LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Security (https://www.linuxquestions.org/questions/linux-security-4/)
-   -   Fun new security project (https://www.linuxquestions.org/questions/linux-security-4/fun-new-security-project-488553/)

LinuxBlackBox 10-01-2006 04:57 PM
Fun new security project
 
I've had this idea, and I'd like to get an impression from the community on whether or not it would be feasable, and how I'd go about doing it.

I'd like to create a script that, every time someone logs in (or returns from screensaver), it will begin a countdown, and if it doesnt recieve a certain message, it will log the user back out again.

So, for example, if I wiggled the mouse and the screensaver went away, I'd have to type.. authenticate or something into a terminal, and enter my password, or else be logged out. I figure this way, if someone ever Does get remote access to my computer, they'll be kicked out in 30 seconds since they wouldnt know the command. Or, if one of the numerous kids running around my office decide they want to delete everything on my desktop, they'll only get to have 30 seconds of fun before being kicked out.

This means I'd need some way to execute a script and start a countdown everytime a user logs on. Any ideas on how to go about doing this? Any help/comments/suggestions are appreciated.

Capt_Caveman 10-01-2006 05:21 PM
Maybe I'm confused about what you are planning, but both KDE and Gnome have screensaver programs that can be set to require authentication before a user can return to the desktop session from the screensaver. Also, what would requiring a user to enter a password immediately after logging in accomplish, wouldn't they need to know the password to have logged in already?

If you are thinking about requiring some action, like 'user must play beethoven mp3 within 30 sec of logging in or get logged out', then you could probably rig something to work. To be honest though, if you are concerned about password security I think you'd be better off looking into implementing an additional security measure like a biometric authentication or RSA token. I like the RSAsecurID and they already have PAM intergration.

LinuxBlackBox 10-01-2006 07:16 PM
I'm aware of the screensaver password protection, but I was going to try for something a little more subtle. Theres a few things I would like to try, but I really just think it would provide an unbeatable level of security. The computer is used as an ssh/squid/http/ftp server, and so I get a lot of malicious activity. I think that if somebody Did gain access to the box, and then was kicked out promptly afterwards, it would be a much better security measure than just extra password strength. Plus I figured I'd add a counter, so two failed logins would temporarily turn off the nic, reboot, send a message to my email, or something like that.


All times are GMT -5. The time now is 05:43 AM.