Date: Thu, 21 Dec 2000 16:50:35 -0500 From: "Passki, Jonathan P" <jpasski@kpmg.com> To: freebsd-security@freebsd.org Subject: RE: Read-Only Filesystems Message-ID: <7799D023E51ED311BFB50008C75DD7B402881BCC@uschiexc05.kweb.us.kpmg.com>
next in thread | raw e-mail | index | archive | help
> > Nope, that's the one. Once the attacker breaks root on a high > > securelevel machine they can arrange it so that the next time the > > system boots it does their dirty work for them prior to raising the > > securelevel (e.g. load a KLD which allows them backdoor > access around > > the securelevel restrictions, so the system appears to be running > > normally). > > > > Kris > > > To be truly, anal. Couldn't one just put a bios boot password > on every > server reboot (really how often do we need to reboot). And > have a serial > console hooked up to the server. > > That way if the attacker drops the security level and > reboots, he can't > modify anything as the server never boots up. It's major downtime, but > better then a comprimise. > > K.J. > <sarcasm> Why not just unplug it, lock the computer in a safe, and seal the safe? </sarcasm> Security is usually a compromise determined from user requirements and system requirements. The number of levels of controls in place help (onion layer effect), but at some time it will hinder. I guess it's all just a rhetorical argument, since every environment is different, and objective views on security controls are hard to make, unless you can analysis the environment. If one person is running a FreeBSD box behind a decent firewall, most attacks out there won't succeed, but perhaps that sk1ll3d h4x0r might be able to compromise your box. If you're a corporation, the more layers and controls involved. yada yada yada Jon My $.02 in this non-technical, red herring rant ;) ***************************************************************************** The information in this email is confidential and may be legally privileged. It is intended solely for the addressee. Access to this email by anyone else is unauthorized. If you are not the intended recipient, any disclosure, copying, distribution or any action taken or omitted to be taken in reliance on it, is prohibited and may be unlawful. When addressed to our clients any opinions or advice contained in this email are subject to the terms and conditions expressed in the governing KPMG client engagement letter. ***************************************************************************** To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?7799D023E51ED311BFB50008C75DD7B402881BCC>