On Sat, Jan 26, 2002 at 05:04:45AM +0100, Andreas Leitner wrote:
> On every standard Debian install, anybody can gain the root password
> within minutes (given the attacker has physical access to the box):

As others have said, if an attacker has unrestricted physical access to the machine, he has already won. Period.

> 1) Issue "linux init=/bin/sh" on the lilo prompt
> 2) Use john to crack the root password
>
> Should be pretty transparent and thus hard to trace...

Neither john nor any other brute-force tool is likely to find any of my root passwords in a reasonable amount of time, if ever. Now, an attacker could certainly edit /etc/shadow to reset the root password, but that's pretty easily detectable.

--
When we reduce our own liberties to stop terrorism, the terrorists have already won. - reverius

Innocence is no protection when governments go bad. - Tom Swiss