Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here. |
Notices |
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
Are you new to LinuxQuestions.org? Visit the following links:
Site Howto |
Site FAQ |
Sitemap |
Register Now
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
|
|
10-01-2006, 05:57 PM
|
#1
|
Member
Registered: Sep 2003
Location: Canada
Distribution: Slackware 9
Posts: 243
Rep:
|
Fun new security project
I've had this idea, and I'd like to get an impression from the community on whether or not it would be feasable, and how I'd go about doing it.
I'd like to create a script that, every time someone logs in (or returns from screensaver), it will begin a countdown, and if it doesnt recieve a certain message, it will log the user back out again.
So, for example, if I wiggled the mouse and the screensaver went away, I'd have to type.. authenticate or something into a terminal, and enter my password, or else be logged out. I figure this way, if someone ever Does get remote access to my computer, they'll be kicked out in 30 seconds since they wouldnt know the command. Or, if one of the numerous kids running around my office decide they want to delete everything on my desktop, they'll only get to have 30 seconds of fun before being kicked out.
This means I'd need some way to execute a script and start a countdown everytime a user logs on. Any ideas on how to go about doing this? Any help/comments/suggestions are appreciated.
|
|
|
10-01-2006, 06:21 PM
|
#2
|
Senior Member
Registered: Mar 2003
Distribution: Fedora
Posts: 3,658
Rep:
|
Maybe I'm confused about what you are planning, but both KDE and Gnome have screensaver programs that can be set to require authentication before a user can return to the desktop session from the screensaver. Also, what would requiring a user to enter a password immediately after logging in accomplish, wouldn't they need to know the password to have logged in already?
If you are thinking about requiring some action, like 'user must play beethoven mp3 within 30 sec of logging in or get logged out', then you could probably rig something to work. To be honest though, if you are concerned about password security I think you'd be better off looking into implementing an additional security measure like a biometric authentication or RSA token. I like the RSAsecurID and they already have PAM intergration.
|
|
|
10-01-2006, 08:16 PM
|
#3
|
Member
Registered: Sep 2003
Location: Canada
Distribution: Slackware 9
Posts: 243
Original Poster
Rep:
|
I'm aware of the screensaver password protection, but I was going to try for something a little more subtle. Theres a few things I would like to try, but I really just think it would provide an unbeatable level of security. The computer is used as an ssh/squid/http/ftp server, and so I get a lot of malicious activity. I think that if somebody Did gain access to the box, and then was kicked out promptly afterwards, it would be a much better security measure than just extra password strength. Plus I figured I'd add a counter, so two failed logins would temporarily turn off the nic, reboot, send a message to my email, or something like that.
|
|
|
All times are GMT -5. The time now is 05:41 AM.
|
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
|
Latest Threads
LQ News
|
|