Well I have seen some interesting answers and even some helpful ones :-) As for physically cutting off access to the floppy, if I wanted to do that, I would just send out the server without the floppy in it. If it gets to the point where we have clients having to boot off of a floppy, we usually replace the server and fix it when it comes back. So I could secure the floppy by removing it.
I am more concerned with the possibility of booting into single-user mode off of a straight boot process. As we don't ship out servers with boot disks (even thought it is fairly easy to get your hands on one via the net), I am looking at the booting off of a floppy approach. When a box becomes locked to the point that we cannot get in without resorting the single user mode, I can always pull the drive and put it into another box in order to get at the log files. I guess my concerns are more with the casual hacker, not with the person who would rip opened the case and start hacking away from the hardware side of it (like I would). Philippe Troin mentioned something about a password option, >Lilo has a password option (which you probably want to use with the restricted >option too). RTFM. but I have been unable to find anything about this. Where might I find the difinative source of Lilo documentation? Thanks Timm On Wed, 22 Oct 1997 19:14:41 +0100 (BST), David Wright <[EMAIL PROTECTED]> wrote: >On Tue, 21 Oct 1997, Timm Gleason wrote: > >> Does anyone out there know of a way to prevent a Debian box from being >> able to boot into single user mode? We have removed any sort of delay= >> settings from the lilo.conf, and this makes it extremely difficult to >> get into that mode, but does not prevent it. >> >> Any help? > >How do you break into a perfectly secured area when the key just sheared >off in the lock? How do you rescue a Debian box that can't boot into >single-user mode? > >But to answer the question, I guess you'd need to (a) secure the floppy >drive through the CMOS and (b) hack lilo (the source is there). > >But even if you somehow remove the jumper pin that clears the CMOS >password, you can clear the CMOS entirely by temporarily removing its >power source, so I guess you have to cut the tracks to the floppy cable. >How far do you want to go? > >> Timm Gleason >> Hardware Engineer > >Hey, you should find this easy! > >Just out of interest though, how straightforward is it to reset the CMOS >password on laptops that say this is a factory operation? (i.e. is this >just a con?) > >-- >David Wright, Open University, Earth Science Department, Milton Keynes MK7 6AA >U.K. email: [EMAIL PROTECTED] tel: +44 1908 653 739 fax: +44 1908 655 151 > > ************************************************************************** "Programming today is a race between software engineers striving to build bigger and better idiot-proof programs, and the Universe trying to produce bigger and better idiots. So far, the Universe is winning." - Rich Cook ************************************************************************** Timm Gleason -- [EMAIL PROTECTED] -- [EMAIL PROTECTED] -- http://n2h2.com/ N2H2, Creators of Bess -- 1301 Fifth Avenue, Suite 1501--Seattle, WA 98101 ************************************************************************** -- TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to [EMAIL PROTECTED] . Trouble? e-mail to [EMAIL PROTECTED] .
