[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <2f6cb7b40611012315h6a27065fjc9e194bdd7af6bd0@mail.gmail.com>
Date: Thu, 2 Nov 2006 01:15:19 -0600
From: nocfed <nocfed@...il.com>
To: full-disclosure@...ts.grok.org.uk
Subject: Re: Putty Proxy login/password discolsure....
> You could use the 'restrict' option, it dosnt ask for a password unless
> you modify this arguments. (if you press enter u boot, if you add init=*
> it asks for a passwd).
>
> Saludos, Juan Pablo.
> >
> --
> Juan Pablo Daniel Borgna <jpdborgna@...llcode.com.ar>
> Development Manager
> SHELLCODE, IT Solutions & Security Research.
> Paraná 264, Piso 4to, Of.46 - C1017AAF
> Ciudad Autónoma de Buenos Aires - Argentina
> Phone: +54 (011) 57.11.52.63
And if you have physical access then you can simply use a floppy, usb
dongle, or any other type of removable media to boot from. Once
physical access is obtained then you pretty much have full access,
barring full disk encryption. Personally I see linux's password for
single user mode to be like a screen door infront of an old door with
a combination lock on it. It takes VERY little effort to punch a
whole through it, even if you only have 1 minute alone with the
server.
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists