LinuxQuestions.org
Help answer threads with 0 replies.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices

Reply
 
LinkBack Search this Thread
Old 06-09-2005, 04:50 AM   #1
ssharma_02
LQ Newbie
 
Registered: Aug 2004
Location: Kanpur
Distribution: SuSE
Posts: 12

Rep: Reputation: 0
Arrow password protect pxe installation


hi,
i configured pxe installation system in my network which is working fine along with dhcp, tftp servers.
I find a major security hole when ny body could install a new image , i wanted to know if there exists any password protect mechanism by which i could plug in this gap
i was thinking on lines where one could do such a thing in linux boot init=/bin/bash

any suggestions ?
 
Old 06-09-2005, 04:55 AM   #2
Simon Bridge
Guru
 
Registered: Oct 2003
Location: Waiheke NZ
Distribution: Ubuntu
Posts: 9,211

Rep: Reputation: 197Reputation: 197
You could always remove group/other write access to the image or image location? (setting owner=root) But isn't this done already - in which case, you need to explain how anybody can change this and where from.
 
Old 06-09-2005, 05:05 AM   #3
Simon Bridge
Guru
 
Registered: Oct 2003
Location: Waiheke NZ
Distribution: Ubuntu
Posts: 9,211

Rep: Reputation: 197Reputation: 197
See: http://support.novell.com/techcenter...s/tp10009.html
SECURITY DISCLAIMER: VNC is unencrypted by default, so anyone who has access to the patch between you and the server and a decent packet sniffer can capture your sessions and extract passwords, server settings, or other entered data. Therefore, it is highly recommended that you only perform unsecured VNC installations over a trusted network or in a VMWare environment. There are ways of securing VNC (SSH Tunnels for instance), but those are outside the scope of this document. For more information about securing VNC connections with SSH, see Using SSH with VNC (http://www.uk.research.att.com/archive/vnc/sshvnc.html).

If I guess you mean that someone can insert an image to the pxe part if the remote install?
Nobody should be able to go backwards through this link once the environment is established.
 
Old 06-09-2005, 05:20 AM   #4
ssharma_02
LQ Newbie
 
Registered: Aug 2004
Location: Kanpur
Distribution: SuSE
Posts: 12

Original Poster
Rep: Reputation: 0
Well i guess the problem is a little different, i need to ensure that the installation can only be done by the network administrator where as the other options like boot up's etc be open to all different people with ofcourse their own user login's and passwd's.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off
Trackbacks are Off
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Password protect folder? sall Linux - Security 4 07-18-2005 05:57 PM
Password protect directorys? xconspirisist Linux - Security 3 12-31-2004 08:26 PM
how to password protect certain directories? sirpelidor Linux - Security 3 10-06-2004 12:16 PM
how to protect a file with password bobgodwinx Linux - Security 7 07-20-2004 08:47 AM
Password protect souvik Programming 0 05-22-2001 05:28 AM


All times are GMT -5. The time now is 10:17 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration