On Tue, 30 Apr 1996, Neil Turton wrote: > Lukas Nellen <[EMAIL PROTECTED]> wrote: > > >From the point of view of security, do you really need a diskless > > system? If you set a bios password, set the bios to boot only from C > > and make sure that a password is required to enter single user mode, > > wouldn't that be just as secure? Or is there a loophole which I > > missed (not having tried this type of setup)? >
There are programs available on the net which will cause a BIOS checksum error. At bootup this error will allow the intruder into the BIOS setup without a password (BIOS defaults are taken). The intruder can then boot off of a floppy and access the machine regardless of any OS security. NT, which is heralded as "C2 secure", and its NTFS file systems are just as susceptible as any Linux or DOS/Windows box. If you can't secure the machine, you can't secure the system. You can still secure information through encryption however. Our own Senator Leahy (D-VT) has recently proposed that almost everything be encrypted; S.1587 is sort of an encryption "Bill of Rights." Maybe someday (soon?) we will be able to put all this export/import munitions ban garbage behind us. _____________________________________________________________________ Don Gaffney (http://www.emba.uvm.edu/~gaffney) Engineering, Mathematics & Business Administration Computer Facility University of Vermont - 237 Votey Building - Burlington, VT 05405 (802) 656-8490 - Fax: (802) 656-8802
