LinuxQuestions.org
Share your knowledge at the LQ Wiki.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices


Reply
  Search this Thread
Old 10-01-2006, 05:57 PM   #1
LinuxBlackBox
Member
 
Registered: Sep 2003
Location: Canada
Distribution: Slackware 9
Posts: 243

Rep: Reputation: 30
Lightbulb Fun new security project


I've had this idea, and I'd like to get an impression from the community on whether or not it would be feasable, and how I'd go about doing it.

I'd like to create a script that, every time someone logs in (or returns from screensaver), it will begin a countdown, and if it doesnt recieve a certain message, it will log the user back out again.

So, for example, if I wiggled the mouse and the screensaver went away, I'd have to type.. authenticate or something into a terminal, and enter my password, or else be logged out. I figure this way, if someone ever Does get remote access to my computer, they'll be kicked out in 30 seconds since they wouldnt know the command. Or, if one of the numerous kids running around my office decide they want to delete everything on my desktop, they'll only get to have 30 seconds of fun before being kicked out.

This means I'd need some way to execute a script and start a countdown everytime a user logs on. Any ideas on how to go about doing this? Any help/comments/suggestions are appreciated.
 
Old 10-01-2006, 06:21 PM   #2
Capt_Caveman
Senior Member
 
Registered: Mar 2003
Distribution: Fedora
Posts: 3,658

Rep: Reputation: 69
Maybe I'm confused about what you are planning, but both KDE and Gnome have screensaver programs that can be set to require authentication before a user can return to the desktop session from the screensaver. Also, what would requiring a user to enter a password immediately after logging in accomplish, wouldn't they need to know the password to have logged in already?

If you are thinking about requiring some action, like 'user must play beethoven mp3 within 30 sec of logging in or get logged out', then you could probably rig something to work. To be honest though, if you are concerned about password security I think you'd be better off looking into implementing an additional security measure like a biometric authentication or RSA token. I like the RSAsecurID and they already have PAM intergration.
 
Old 10-01-2006, 08:16 PM   #3
LinuxBlackBox
Member
 
Registered: Sep 2003
Location: Canada
Distribution: Slackware 9
Posts: 243

Original Poster
Rep: Reputation: 30
I'm aware of the screensaver password protection, but I was going to try for something a little more subtle. Theres a few things I would like to try, but I really just think it would provide an unbeatable level of security. The computer is used as an ssh/squid/http/ftp server, and so I get a lot of malicious activity. I think that if somebody Did gain access to the box, and then was kicked out promptly afterwards, it would be a much better security measure than just extra password strength. Plus I figured I'd add a counter, so two failed logins would temporarily turn off the nic, reboot, send a message to my email, or something like that.
 
  


Reply

Tags
security, timer


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
"Fun" project? Matir General 14 06-26-2005 11:21 AM
Project: Computer Security Portal jedeye General 1 06-09-2004 03:32 PM
Beginning a big project - Need an Good Project Manager gamehack Programming 3 01-15-2004 12:49 PM
Password Security Checker - for project with benchmarks mymojo Programming 3 11-24-2003 12:28 AM
Cannot see Open GL project in KDevelop project wizard SparceMatrix Programming 2 08-08-2002 12:14 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 05:41 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration