Security Basics mailing list archives
RE: security scenario
From: "s7726" <s7726 () yahoo com>
Date: Wed, 29 Jan 2003 14:59:50 -0800
If you set the bios pass you can simply disable the floppy and cd drives as boot media. No this does not fix having the person open the case and reset the bios, but I have seen a few cases (mostly from OEM) with places to put a master lock so the case can't be opened without some hardware which would almost definitely draw some attention - "Hey Jim what're the bolt cutters for." Gavin S. -----Original Message----- From: Chris Berry [mailto:compjma () hotmail com] Sent: Tuesday, January 28, 2003 1:40 PM To: security-basics () securityfocus com Subject: Re: security scenario
From: Gene Cronk <gene () hacktek com> No CD Rom/Floppy in the server? :-D
He specified workstation, but to answer your question I have a locking server case to prevent unauthorized access. In addition we're installing cypherlocks on the server room door (can't afford a smartcard system right now) However, it would be pretty easy to remove the cd-rom and floppy from the server once it is initially set up, and just do everything over the network. <bad humor> Of course then you have the situation where you're hanging upside down in the dark trying to install a floppy drive while the sprinklers are going and the power strips are shorting out so that you can use your ten year old copy of emacs to try and repair the files that got corrupted by the bosses son pushing his cookies through the fan grills and starting an electrical fire, but I consider that an acceptable trade off. </bad humor> Chris Berry compjma () hotmail com Systems Administrator JM Associates "For Sys Admins paranoia isn't a mental health problem, its a marketable job skill." _________________________________________________________________ Help STOP SPAM with the new MSN 8 and get 2 months FREE* http://join.msn.com/?page=features/junkmail
Current thread:
- Re: security scenario Jonathan Bowman (Jan 27)
- <Possible follow-ups>
- Re: security scenario ATD (Jan 27)
- Re: security scenario Gene Cronk (Jan 28)
- Re: security scenario Richard Arends (Jan 28)
- Re: security scenario Chris Berry (Jan 29)
- RE: security scenario s7726 (Jan 30)
- RE: security scenario MacFerrin, Ken (Jan 29)
- Re: security scenario Chris Berry (Jan 30)
- RE: security scenario pasi.kivikangas (Jan 30)