[GRLUG] Coyote Linux Personal Firewall
Bob Kline
bob.kline at gmail.com
Fri Jan 2 16:30:59 EST 2009
On Fri, Jan 2, 2009 at 2:49 PM, Michael Mol <mikemol at gmail.com> wrote:
> On Fri, Jan 2, 2009 at 2:44 PM, Joshua Burns <jdburnz at gmail.com> wrote:
> > unfortunately not, it's a pretty straight boot...
>
> Then my next approach would be to boot of a live CD, change the root
> password on the live CD, and copy the encrypted password from the
> liveCD's /etc/shadow to the machine's /etc/shadow and /etc/shadow- .
> I've done this a few times, though it might not work if the two
> distros use a different salt for the password hash. (Though, honestly,
> I've never encountered that barrier.)
>
This describes a pretty nifty way to break
in to a PC. The ability to use a live CD or DVD
to rearrange passwords, and otherwise modify
the Linux OS (windoz too? ) seems like a ready
made master key.
I've had occasion to use a live CD to provide
root access to my own PC, and wondered then
why I couldn't just do this to any machine
running Linux.
Other than to, say, change the boot sequence,
and eliminate booting from anything other
than the hard drive, to prevent someone from
booting a live CD, what are some ways to prevent
this?
Of course someone could still just steal the
hard drive and get in.
-- Bob
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://shinobu.grlug.org/pipermail/grlug/attachments/20090102/6033c43f/attachment-0001.htm
More information about the grlug
mailing list