Date: Wed, 19 Jun 2002 09:55:07 -0700 (PDT) From: twig les <twigles@yahoo.com> To: Maxlor <mail@maxlor.com>, "freebsd-security@FreeBSD.ORG" <freebsd-security@FreeBSD.ORG> Subject: Re: preventing tampering with tripwire Message-ID: <20020619165507.43204.qmail@web10103.mail.yahoo.com> In-Reply-To: <2799555.1024487443@[10.0.0.16]>
next in thread | previous in thread | raw e-mail | index | archive | help
- Change kern.securelevel to 1. This prevents > modifying any file which has > the schg flag set. The securelevel cannot be lowered > without a reboot. I've > got to think a bit about how preventing a lowering > through rebooting... > maybe schg'ing /etc/rc and /etc/rc.conf? > I bet an attacker would be pretty annoyed if he rooted your box, knew FreeBSD well enough to know the schg trick, rebooted, then found out that you had set a BIOS passwd. He'd have to be local and have a screwdriver :). Of course your remote admin would take a hit so it's up to circumstances whether you can do that or not. ===== ----------------------------------------------------------- Only fools have all the answers. ----------------------------------------------------------- __________________________________________________ Do You Yahoo!? Yahoo! - Official partner of 2002 FIFA World Cup http://fifaworldcup.yahoo.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020619165507.43204.qmail>