Don Gaffney said: > Date: Tue, 30 Apr 1996 14:11:28 -0400 (EDT) > From: Don Gaffney <[EMAIL PROTECTED]> > Subject: Re: Hardware advice: seeking echoes of running Linux-PC clusters > To: Neil Turton <[EMAIL PROTECTED]> > Cc: [EMAIL PROTECTED], debian-user@lists.debian.org > > On Tue, 30 Apr 1996, Neil Turton wrote: > > > Lukas Nellen <[EMAIL PROTECTED]> wrote: > > > >From the point of view of security, do you really need a diskless > > > system? If you set a bios password, set the bios to boot only from C > > > and make sure that a password is required to enter single user mode, > > > wouldn't that be just as secure? Or is there a loophole which I > > > missed (not having tried this type of setup)? > > > > There are programs available on the net which will cause a BIOS checksum > error. At bootup this error will allow the intruder into the BIOS setup > without a password (BIOS defaults are taken). > This is a solvable problem. Igel Ltd. [See ad in Linux Journal] has a diskless PC running Linux they call an "Etherminal". It doesn't have regular BIOS installed - embedded Linux kernel in EEPROMs instead.
> The intruder can then boot off of a floppy and access the machine regardless > of any OS security. NT, which is heralded as "C2 secure", and its NTFS > file systems are just as susceptible as any Linux or DOS/Windows box. > Etherminal also doesn't have a floppy drive, either. > If you can't secure the machine, you can't secure the system. You can > still secure information through encryption however. > The only secure house is one with no doors or windows. Having systems in userland is inevitable - though I've never seen the logic of giving floppy drives to every user. Especially in the virus-ridden world of DOS and Windows. Just doesn't make sense. > Our own Senator Leahy (D-VT) has recently proposed that almost everything > be encrypted; S.1587 is sort of an encryption "Bill of Rights." Maybe > someday (soon?) we will be able to put all this export/import munitions > ban garbage behind us. > Don't hold your breath. We'd need to get a Libertarian in the White-house first, and that's going to take us a few more years. > _____________________________________________________________________ > Don Gaffney (http://www.emba.uvm.edu/~gaffney) > Engineering, Mathematics & Business Administration Computer Facility > University of Vermont - 237 Votey Building - Burlington, VT 05405 > (802) 656-8490 - Fax: (802) 656-8802 > Chuck -- Chuck Stickelman, Owner E-Mail: <[EMAIL PROTECTED]> Practical Network Design Voice: (419) 529-3841 9 Chambers Road FAX: (419) 529-3625 Mansfield, OH 44906-1302 USA --
