[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]

Re: Forgot root

From: Neil Aggarwal <neil JAMMConsulting com>
To: redhat-install-list redhat com
Subject: Re: Forgot root
Date: Fri, 25 Feb 2000 15:10:25 -0600

Everyone:

This whole discussion reminds me of the days when I was
administering a Solaris machine and forgot its root password.

It turned out that I could:
1. Connecting a CD drive to the SCSI port
2. Placing the original Solaris install CD in the drive
3. Killing the running OS
4. Booting from the CD and asking for a shell.
At this point I had complete access to the machine as root.

It amazed me how easy it was.  Needless to say, this was
an eye-opening experience!  

There is NOTHING you can do to protect against physical
access.  This is why it seems to be so simple to do it
from the lilo boot prompt -- it is not worth designing a
more secure way.

Even a BIOS password can be circumvented by opening the 
machine, pulling out the hard drive, and placing it
in another machine without a BIOS password.


	Neil.


 **We pay a 10% finders fee for job referrals that lead to a contract*
 --------------------------------------------------------------------
 |Neil Aggarwal          |JAMM Consulting, Inc. |Custom Programming |
 |President & CEO        |www.JAMMConsulting.com|Java, C, C++, perl,|
 |neil JAMMConsulting com|(972) 612-6056        |HTML, CGI          |
 --------------------------------------------------------------------

References:
- Re: Forgot root
  - From: Paul . Newman
- Re: Forgot root
  - From: Mark Wilson and Sharon Farr

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]