Hi Michael, >Someone with physical access to the server (Cobalt RaQ, E15K, Pentium box ... >doesn't matter) can do anything with it. That's an eventuality which you have >to live with when you can't guard the server yourself and have it colocation >somewhere. Preferably in the hands of a colo-center you trust. ;o)
Luckily, I 'somewhat' trust my colo provider, although I am always supicious. ;-) I just wonder... What good would physical access to any 'standard' (ie. no RaQ or equivalent with all kinds of nifty buttons on the front) server do without any or all of the following: - serial cable connected to laptop/desktop - ethernet connected to laptop/desktop - screwdriver - axe - etc... as far as "changing software specifications" on that server is concerned? With that, I mean: load a different kernel, install software (rootkits, trojans, etc.); you know the drill. Of course, you can unplug a standard server, reboot it, shut it down and all that, but you can't make it load another kernel by just pushing a couple of buttons on the front or back of the machine, IIRC. If you can have me stand corrected, please do. I will gladly publicly announce that I then "stand corrected". :-) What you said (or rather: my interpretation of what you said), is that *anyone* with physical access to a RaQ[*] can make it reboot and load a different kernel (ROM kernel). To me, that is scary, however small the chance may be that someone illegally can get physical access to my RaQ. >I'd be surprised if it hasn't. The hacked site (see begining of this topic) >seems to online even with the ROM kernel, so it must have network support. It probably has. I wonder if this ROM kernel is updateable, like a BIOS. Thanks... Nico _______________________________________________ cobalt-security mailing list [EMAIL PROTECTED] http://list.cobalt.com/mailman/listinfo/cobalt-security
