Linux - Security
This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
If someone has physical access to the machine, you can never make it 100% secure from them.
You can take precautions:
1) single user mode should be insecure so it requires a password
2) the bios should be set to only boot from the primary drive
3) the bios should require a password (different from root's) to change settings
These steps alone will prevent the majority of problems. But if they can get at the machine... anything is possible.
You don't need a livecd if you can access your bootloader and tell it to boot to runlevel 1 (single-user mode usually). It'll give you a root login without asking for a password, so you can use it to change the root password with passwd.
Set a bootloader password, encrypt the filesystem, configure BIOS to prevent you from booting from anywhere else than harddisk, set BIOS password, ... there are many ways (NOTE: taking out the battery for a moment flushes BIOS settings, so it's a goner). But in the end it's just up to who can access and mount your disk - if somebody is eager, s/he'll just take the disk out of your machine, connect it to another pc, mount the disk and either do the change you mentioned or copy off the shadow file, put things back where they were and start cracking the encrypted password against a dictionary ("brute-force attack"). Once cracked, s/he can use regular login.
The only way that works is to remove the media where those passwords are - take the harddisk with you or put it into a safe. As long as it's in your pc, anybody who can access it can easily get into your system. Preventing physical access is pretty difficult, but that's something you must do if you want to be able to sleep well.
EDIT: to make you feel better, think about this: cracking a Windows machine is just as easy. Windows 2000 had a little flaw where you could easily just replace one executable file that is run at the login screen if you wait for too long, with a command prompt. Result: boot the machine, and when the login window comes up, wait for some time and you'll get a console with system permissions in front of you. Change passwords, replace the already-replaced executable again, and you're set. It's fast and easy with two computers, but doesn't produce much trouble with only one pc either. Luckily somebody told MS and they "fixed the problem" in the newer versions (but that doesn't say there aren't similar holes around...)
I'm still new in this forum, so forgive me if I'm wrong...
My friend told me that he has encountered a problem with a server (handed over to his company by another vendor). The problem is that he didn't know the root password and tried to reset it. He managed to boot the server into single user mode but he could not edit the shadow file. How to solve this problem (other than formatting it, of course)?
--For Road Map. I don't understand "There is nothing to edit in /etc/passwd file.". I removed the x after root, like root:x:....
Then saved it and rebooted the system as root. It didn't ask for a password.
So, you mean this is not necessary...(clarification needed, please)
--And b0uncer, from your reply I felt that Windows is much secure in this aspect. (pardon me, as I didn't crack any Windows machine. But I would like to) Is that true?
--I heard of providing a bootloader password. My bootloader is GRUB. So, how can I set a password in GRUB?
--Can I remove the single user mode from the bootloader? What is your advice...
--Finally, how can I encrypt my file system?
If you want to provide some reasonable boot security on a pc class machine, you have to:
1) edit your bios boot priority settings to remove everything except your hard drive
2) set a bios password so nobody can change that
3) use a cable lock or a good locking computer cabinet to prevent anyone from being able to steal the hard disk or open the case and reset/reflash the bios
4) use a grub password to prevent anyone from booting anything other than the default stanza.
The downside is that if you ever forget your passwords or lose your keys, you have screwed yourself instead.
In addition, or maybe instead, you might seriously consider using LUKS, dm_crypt and a loooong passphrase to provide partition level encryption, so if anyone manages to get physical access to your system or steals your hard drive, they will still be unlikely to find anything useful. The downside is a serious disk i/o performance penalty.
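An added example, not part of any post in this thread: a read-only shell check for two of the precautions listed above, the GRUB password and a password prompt in single-user mode. The function names and the sample files are constructed for illustration; because the thread does not say which GRUB generation is in use, the checks cover both GRUB legacy and GRUB 2, and the single-user check assumes a sysvinit `/etc/inittab`.

```shell
#!/bin/sh
# Added example: read-only checks of boot hardening. File paths are arguments,
# so the checks can be pointed at copies of the real configuration.

# GRUB legacy (menu.lst / grub.conf): only a "password" line placed before the
# first "title" locks the menu editor; inside a stanza it covers that entry only.
grub_legacy_locked() {
    awk '/^[ \t]*#/ { next }
         /^[ \t]*title[ \t]/ { exit }
         /^[ \t]*password[ \t=]/ { found = 1; exit }
         END { exit(found ? 0 : 1) }' "$1"
}

# GRUB legacy stores the password in clear text unless --md5 is given.
grub_legacy_hashed() {
    grep -Eq '^[[:space:]]*password[[:space:]=]+--md5[[:space:]]' "$1"
}

# GRUB 2 (grub.cfg): needs a superusers list and a password entry.
grub2_locked() {
    grep -Eq '^[[:space:]]*set[[:space:]]+superusers=' "$1" &&
        grep -Eq '^[[:space:]]*password(_pbkdf2)?[[:space:]]' "$1"
}

# sysvinit (/etc/inittab): single-user mode prompts for the root password
# only if runlevel S starts sulogin.
single_user_asks_password() {
    grep -Eq '^[^#:]*:S:[^:]*:.*sulogin' "$1"
}

# Demo on constructed sample files (not taken from the thread).
demo_dir=$(mktemp -d)
printf '%s\n' 'default=0' 'timeout=5' \
    'password --md5 $1$CONSTRUCTED$PLACEHOLDERHASH' \
    'title Linux' '  root (hd0,0)' '  kernel /vmlinuz ro root=/dev/sda1' \
    > "$demo_dir/menu.lst"
printf '%s\n' 'id:3:initdefault:' '~~:S:wait:/sbin/sulogin' > "$demo_dir/inittab"

if grub_legacy_locked "$demo_dir/menu.lst"; then echo "GRUB menu: locked"
else echo "GRUB menu: anyone at the console can edit boot entries"; fi
if grub_legacy_hashed "$demo_dir/menu.lst"; then echo "GRUB password: hashed"
else echo "GRUB password: missing or stored in clear text"; fi
if single_user_asks_password "$demo_dir/inittab"; then echo "single-user: sulogin"
else echo "single-user: root shell without password"; fi
rm -rf "$demo_dir"
```

Run it against copies of the real files; a "locked" result for the bootloader says nothing about the BIOS or physical precautions in the same list.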
No, normal user accounts cannot reboot a box into runlevel 1.
Only someone with root privileges on your system (via the root password, a local account with sudo access, or by using a local account and cracking some setuid program) could modify your grub config file and reboot the box into runlevel 1. But if they are remote, then they couldn't access it, since single user mode is only accessible from the PC console.
Then again, if someone can get root privs on your system, they don't NEED to boot into runlevel 1. They are already root!
Just encrypt /home and it then becomes completely moot whether they can boot into and access your machine. The data that matters is stored safely in a place they can not easily access.
If you were really paranoid encrypt everything (/ and /home) and set it up to ask for passwords before it boots the main system. Guides are available from Google, but it's not something I would recommend to the noob element.
I am more of a prevent access to data by method x, person. Physical security can not always be maintained, so falling back to encryption is the only logical step.