Review your favorite Linux distribution.
Go Back > Forums > Linux Forums > Linux - Security
User Name
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.


  Search this Thread
Old 08-12-2003, 09:57 AM   #1
LQ Newbie
Registered: Aug 2003
Location: Hyderabad , India
Posts: 5

Rep: Reputation: 0
Question Urgent help needed

hi everyone

I have RH-9 installed n also have a guest login in my allocated system in the institution and some body is entering the root bypassing the password .

I know one way is to password protect the "boot loader" by specifing a password in /etc/lilo.conf but that was all in vain he is again working in the root

Is there any other way to bypass the root password and if so please specify the security measure


Old 08-12-2003, 10:11 AM   #2
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 43,417

Rep: Reputation: 1983Reputation: 1983Reputation: 1983Reputation: 1983Reputation: 1983Reputation: 1983Reputation: 1983Reputation: 1983Reputation: 1983Reputation: 1983Reputation: 1983
- please use useful thread titles
- please fdo not mark threads as urgent, questions are answered on a voluntary basis, and it is not fair to demand preferential treatment.

Old 08-12-2003, 08:09 PM   #3
Registered: May 2003
Location: S.W. Ohio
Distribution: Ubuntu, OS X
Posts: 760

Rep: Reputation: 30
Urgent reply needed

the_twister, does this person have access to your computer? How is he gaining root? Are there any logs? Need more info on what is happening.
Old 08-13-2003, 02:42 AM   #4
LQ Newbie
Registered: Aug 2003
Location: Hyderabad , India
Posts: 5

Original Poster
Rep: Reputation: 0
no no it is not my personal computer but a computer alloted to me in the lab

so every body is allowed to sit on that computer but not get into the root as it has a "guest" login if u have any suggestions on the seeing the log file please do reply

Old 08-13-2003, 09:58 AM   #5
Registered: May 2001
Posts: 29,415
Blog Entries: 55

Rep: Reputation: 3594Reputation: 3594Reputation: 3594Reputation: 3594Reputation: 3594Reputation: 3594Reputation: 3594Reputation: 3594Reputation: 3594Reputation: 3594Reputation: 3594
If it's not your personal box at the institute, then the only people who should need the admin pass are the IT dept people, right? I mean, you might be trying to protect the box for the wrong reasons. For instance if it's data you're worried about, use encryption. Besides that, with physical access to the box it wouldn't be too hard to convince the box to boot anything they want or rip out the hd to "change" things. So apart from locking it up in a secure room, heres what I'm thinking of you can do:

- let BIOS have administration passwd
- set BIOS to boot from hd only
- remove cd/fd from the case
- clear out /etc/securetty so root will be denied a login from any tty , and make the file immutable,
- dont allow runlevel 1, single mode, rescue mode or whatever its called to the box can't be put down non-network mode. Maybe make rc0.d a symlink to rc6.d (reboot),
- disable the LILO prompt and make it directly boot one kernel,
- remove the CTRL+ALT+DEL sequence (inittab) and make sure sysctl is disabled (kernel compiletime option) so no one can reboot the box that way,
- set up any PAM service (also sudo) that allows root to make changes to have an extra passwd just to make it a 'lil bit harder,
- make sudo only allow you su root access,
- change yours and the root passwd weekly and and make all shadow passwd file immutable.
- watch out for the "regular" pitfalls wrt hardening the box like remote services allowing root access: read the LQ Security References
- talk to your institutes IT people. If there's need for restrictions, theyre really the ones who should implement those.

Again, since we're talking about a box with unrestricted physical access, these should be considered very, very weak protection measures and they DO NOT enhance security in an absolute way. Please think about what you're actually protecting.


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
Urgent - Help Needed rigel_kent Linux - General 1 07-21-2005 08:20 AM
Please Urgent Help Needed Here !!! dezeque Linux - General 6 05-26-2005 03:37 PM
urgent help needed on fedora cool_ashwin22 Fedora 7 09-16-2004 05:54 AM
Urgent Help Needed rankxeros Linux - Security 5 03-08-2004 04:32 PM
Urgent help needed J_Szucs Linux - Newbie 7 07-09-2002 09:39 AM > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 02:39 PM.

Main Menu
Write for LQ is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration