| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri Mar 31 19:02:26 2006 From: gboyce at badbelly.com (gboyce) Subject: Root password change On Fri, 31 Mar 2006, Valdis.Kletnieks@...edu wrote: > On Fri, 31 Mar 2006 12:33:28 EST, gboyce said: >> In which case the person needs to remove the hard drive, and put it into a >> different system for the modifications (or mirroring). > > Time constraints. The amount of time needed to pop in a disk and hit reboot > is (or should be, in this case) a lot shorter than the amount of time it takes > to pull a rack-mount box out and pop the lid and play with the drives. > > And if your server has a lockable faceplate like most Dell rack-mounts, that > can add a lot to the challenge right there (as it stops any quick "snarf a > hot-swap drive and run" scheme). > >> For the most part, if an attacker has physical access to the hardware >> itself, you just lose. > > Almost, but not quite right. If the attacker has physical access *for long enough*, > you lose. I wasn't quite clear enough I think. By "Physical Access to the hardware", I meant unencoumbered physical access. If a system is in a locked rack, safe, or has a locking case then it is indeed much more difficult. Good point about the time though. Even an unlocked rack mount server without hot swappable drives will take some time to unrack and disassemble in order to ge the drives out and back in again. -- Greg
Powered by blists - more mailing lists