[SLE] I don't feel secure with SuSE Linux
Hello, one of our workers complained that someone hacked into his Win 2000 machine, which is double password protected. They got into his email account, and placed his private mail into a text file. I was surprised. I didn't even know it was possible to break into someone's email account. Cookies???
Now I'm concerned. I use SuSE Linux. What stops someone from popping in the SuSE CD, go into rescue mode, deleting my root password, then enter into my computer as root!?! From what I've read on the thread, this does not seem too difficult. And our company has more than a few top notch Russian programmers.
George
--
To unsubscribe send e-mail to suse-linux-e-unsubscribe@suse.com
For additional commands send e-mail to suse-linux-e-help@suse.com
Also check the FAQ at http://www.suse.com/support/faq
RussianFirm tapped away at the keyboard with:
> one of our workers complained that someone hacked into his Win 2000 machine, which is double password protected. They got into his email account, and placed his private mail into a text file. I was surprised. I didn't even know it was possible to break into someone's email account. Cookies???
Just how good would a bank safe be if it had windows? :-)
> Now I'm concerned. I use SuSE Linux. What stops someone from popping in the SuSE CD, go into rescue mode, deleting my root password, then enter into my computer as root!?! From what I've read on the thread, this does not seem too difficult. And our company has more than a few top notch Russian programmers.
The lock on the door? The shotgun in the armed guard's lap? :-) The locked BIOS would slow them down after that - prevent booting from floppy and CD. Once somebody has physical access to your hardware, there is little that will prevent them from breaking into your system. An encrypted root filesystem might help - but please don't ask me how to do that. Somebody with malicious intent might just take to your computer with a fire axe if they can break in the soft way. Then steal your hard drive.
--
Bernd Felsche - Innovative Reckoning
Perth, Western Australia
* On 27-08-00 at 18:00 RussianFirm (russianfirm@yahoo.com) wrote: +----Here quoted text begins----+
> Now I'm concerned. I use SuSE Linux. What stops someone from popping in the SuSE CD, go into rescue mode, deleting my root password, then enter into my computer as root!?! From what I've read on the thread, this does not seem too difficult. And our company has more than a few top notch Russian programmers.
> George
+----and here the quote ends----+
Actually you can set up a lilo password, an encrypted file system, a bios password (If your bios doesn't have some universal pass that works anytime like mine award bios ;))
Bostjan
--
Boštjan Müller [NEONATUS], neonatus@neonatus.net, http://surf.to/NEONATUS
For my PGP key finger: neonatus@neonatus.net, RSA id: 0x90178DBD, ICQ #:7506644
Cellular: +386(0)41243189, Powered by S.u.S.E. Linux 6.2, Student of VFUL
Speak softly and carry a cellular phone.
Hello, George.
Approximately 85% of successful hacks ("cracks" for the purists out there) come from people on the inside. Physical security is very important when dealing with servers, but is much harder to implement for workstations.
For example, if I have access to an NT Server, I can switch it off, power it back up, boot it off a DOS diskette, run NTFSDOS and have full access to the file system. Next I strip out the SAM database, since NT is not running, I can get the live version, and then run it through something like L0phtCrack and I will have the current user list and their passwords in no time at all.
On a Linux box, I can walk up to your machine, reboot it, and at the LILO prompt type "linux single". Some of the more lax distributions will not prompt you for a password at all, but simply log you straight on as root with full privileges.
If security is such a big issue, you need to start using some sort of encrypting file system on your hard drive, and IPSec for network traffic. Of course, these are not the only options, I'm sure others on the list will add more. Maybe something as simple as a BIOS password will save you a lot of worries.
IMHO, if your own staff are giving you such trouble, you need to find some new ones. If they work for you, it's time to lay down the law that this sort of behaviour will not be tolerated.
Bye for now,
Stuart.
-----Original Message-----
From: RussianFirm [mailto:russianfirm@yahoo.com]
Sent: Sunday, August 27, 2000 10:38 AM
To: suse-linux-e@suse.com
Subject: [SLE] I don't feel secure with SuSE Linux
Hello, one of our workers complained that someone hacked into his Win 2000 machine, which is double password protected. They got into his email account, and placed his private mail into a text file. I was surprised. I didn't even know it was possible to break into someone's email account. Cookies???
Now I'm concerned. I use SuSE Linux. What stops someone from popping in the SuSE CD, go into rescue mode, deleting my root password, then enter into my computer as root!?! From what I've read on the thread, this does not seem too difficult. And our company has more than a few top notch Russian programmers.
George
On Sun, 27 Aug 2000, Stuart Powell wrote:
> On a Linux box, I can walk up to your machine, reboot it, and at the LILO prompt type "linux single". Some of the more lax distributions will not prompt you for a password at all, but simply log you straight on as root with full privileges.
This reminds me of a recent problem. I think I don't know how to use linux single. I had a problem and went in this way to fix a file, but I didn't have permission to save it. How do I deal with this?
--
Bob Rea
Freedom is only privilege extended unless enjoyed by one and all --Billy Bragg
rear@sirius.com rrea@askjeeves.com http://www.sirius.com/~rear
RussianFirm wrote:
> Hello, one of our workers complained that someone hacked into his Win 2000 machine, which is double password protected. They got into his email account, and placed his private mail into a text file. I was surprised. I didn't even know it was possible to break into someone's email account. Cookies???
> Now I'm concerned. I use SuSE Linux. What stops someone from popping in the SuSE CD, go into rescue mode, deleting my root password, then enter into my computer as root!?! From what I've read on the thread, this does not seem too difficult. And our company has more than a few top notch Russian programmers.
Nothing will stop anybody that gains physical access to a machine whatsoever. To make it harder, disable CDROM / DISK boot, use the lilo password, use a boot password / password BIOS protection and if possible get a solid lock to prevent people from unscrewing the case. While you're on it, fix the machine (like laptops sometimes) with a solid steel cable and lock to a solid place in the building. This will not prevent anything, but make it harder.
Juergen
PS: Since I discussed the theft of a laptop last weekend we raised the question about encrypted file systems. How far are these projects progressed?? Anybody??
> George
--
=========================================== __ _
Juergen Braukmann juergen.braukmann@gmx.de| -o)/ / (_)__ __ ____ __
Tel: 0201-743648 dk4jb@db0qs.#nrw.deu.eu | /\\ /__/ / _ \/ // /\ \/ /
===========================================_\_v __/_/_//_/\_,_/ /_/\_\
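
The two boot-path settings raised in the replies above (a LILO password, and whether "linux single" asks for root's password) can be checked on a LILO/sysvinit machine with a short audit. This is an added example, not part of any post in the thread; the function name `audit_boot`, the sample file contents and the `CHANGEME` placeholder are constructed, and it assumes sysvinit's `sulogin` is what protects runlevel S.

```shell
#!/bin/sh
# Added example (not from the thread): boot-path audit for a LILO/sysvinit box.
# audit_boot LILO_CONF INITTAB prints one finding per line and returns 1 if
# any were found. Point it at /etc/lilo.conf and /etc/inittab on a real system.

audit_boot() {
    lilo=$1; inittab=$2; rc=0
    # Without password=, anyone at the console can add "single" at the prompt.
    if ! grep -Eq '^[[:space:]]*password[[:space:]]*=' "$lilo"; then
        echo "lilo: no password= set"; rc=1
    # lilo.conf stores the password in clear text, so only root may read it.
    elif [ -n "$(find "$lilo" \( -perm -040 -o -perm -004 \))" ]; then
        echo "lilo: password readable by group/other (chmod 600)"; rc=1
    fi
    # sulogin on runlevel S makes single-user mode ask for root's password.
    if ! grep -Eq '^[^#:]*:S:[^:]*:.*sulogin' "$inittab"; then
        echo "inittab: single-user mode does not run sulogin"; rc=1
    fi
    return $rc
}

# Constructed sample input: a lax configuration and a hardened one.
# "restricted" means the password is only demanded when boot parameters are typed.
demo=$(mktemp -d)
printf 'boot=/dev/hda\nprompt\nimage=/boot/vmlinuz\n  label=linux\n' > "$demo/lilo.weak"
printf 'id:2:initdefault:\n' > "$demo/inittab.weak"
printf 'boot=/dev/hda\nprompt\npassword=CHANGEME\nrestricted\nimage=/boot/vmlinuz\n  label=linux\n' > "$demo/lilo.hard"
chmod 600 "$demo/lilo.hard"
printf 'id:2:initdefault:\n~~:S:respawn:/sbin/sulogin\n' > "$demo/inittab.hard"

echo "== lax =="; audit_boot "$demo/lilo.weak" "$demo/inittab.weak" || true
echo "== hardened =="; audit_boot "$demo/lilo.hard" "$demo/inittab.hard" && echo "no findings"
```

Neither setting helps once the machine can be booted from other media or the disk removed, which is the point several replies make about BIOS boot order, case locks and encrypted file systems.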