Skip site navigation (1)Skip section navigation (2)
Date:      Tue, 4 Apr 2000 15:53:59 +0300
From:      Ruslan Ermilov <ru@ucb.crimea.ua>
To:        freebsd-questions@FreeBSD.ORG
Subject:   Re: Disable boot -s
Message-ID:  <20000404155359.A71975@relay.ucb.crimea.ua>
In-Reply-To: <38E9E3E8.359C0F6@sterling.com>; from Alan Edmonds on Tue, Apr 04, 2000 at 07:45:28AM -0500
References:  <86962.954843435@axl.ops.uunet.co.za> <38E9E3E8.359C0F6@sterling.com>

next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, Apr 04, 2000 at 07:45:28AM -0500, Alan Edmonds wrote:
> Sheldon Hearn wrote:
> > 
> > On Tue, 04 Apr 2000 12:18:13 GMT, Andrew wrote:
> > 
> > > I have FreeBSD mail server in my organisation.  It located in room
> > > with no lock, with free access to the PC's monitor for all. This is my
> > > workbench.
> > >
> > > I'm afraid that anyone, who knows about boot -s, may reboot the
> > > machine and makes me cry.
> > 
> > Okay, I take back my previous advice.  Although what I told you about
> > flagging the console as insecure was sound advice in some circumstances,
> > it's just going to lead you into a false sense of security in this case.
> > 
> > Anyone who knows about boot -s probably also knows how to create boot
> > floppies.  Getting into your PC won't be very difficult.
> > 
> > Removing the floppy drive from your box may help, provided that you have
> > some way of ensuring that nobody opens the box up with a screwdriver or
> > saw.
> 
> I'm not sure if it was on this list, but one security conscious person
> would leave the floppy drive installed, but install it facing into 
> the case.  That way he could remove the system cover if he needed
> access to the floppy and didn't have to carry around an extra floppy
> drive.  As I recall, this was in a classroom situation and he wanted
> to prevent students from stealing software and data from the PCs.
> 
> I apologize if I got the details wrong and for forgetting who
> originally posted this.
> 
Or just set the BIOS to boot from the hard drive first.


-- 
Ruslan Ermilov		Sysadmin and DBA of the
ru@ucb.crimea.ua	United Commercial Bank,
ru@FreeBSD.org		FreeBSD committer,
+380.652.247.647	Simferopol, Ukraine

http://www.FreeBSD.org	The Power To Serve
http://www.oracle.com	Enabling The Information Age


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20000404155359.A71975>