[Leaplist] Floppy image (or, on a CDROM), Boots installed Linux
or Windows, as root, bypassing all passwords
Kevin Korb
kmk at sanitarium.net
Sat Jun 27 16:48:21 EDT 2009
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
This isn't really a new threat. Anyone with physical access to a
machine has always been able to get into the machine. Even if you
disable floppy and CD booting they can always yank out the disk and plug
it into a system where they control the OS. The only real solutions are
physical security and/or disk encryption.
patrick wrote:
> This can be run from a floppy, or, as a floppy image on the CDrom, to
> alter the installed boot-up in order to log on as Root user, in either a
> Microsoft environment that is on the hard drive, or, into any installed
> Linux system.
>
> This alters the kernel as boot occurs, so you are Root user. Then,
> before exit, you need to run Kon-Fix!
>
> Yes, it has been tested on Linux and Windows Servers.
>
> Securely Lock your machine rooms!
>
> For those of you who haven't seen this yet...
> http://www.piotrbania.com/all/kon-boot/
>
- --
~*-,._.,-*~'`^`'~*-,._.,-*~'`^`'~*-,._.,-*~'`^`'~*-,._.,-*~'`^`'~*-,._.,-*~
Kevin Korb Phone: (407) 252-6853
Systems Administrator Internet:
FutureQuest, Inc. Kevin at FutureQuest.net (work)
Orlando, Florida kmk at sanitarium.net (personal)
Web page: http://www.sanitarium.net/
PGP public key available on web site.
~*-,._.,-*~'`^`'~*-,._.,-*~'`^`'~*-,._.,-*~'`^`'~*-,._.,-*~'`^`'~*-,._.,-*~
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.11 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iEYEARECAAYFAkpGhZQACgkQVKC1jlbQAQd5+wCgjGPjy6Y7hM8J6xtt3ah2aZY/
uHkAn3qeIhxy93hJsIoN3RIlQ+WMOWgH
=hG1g
-----END PGP SIGNATURE-----
--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.
More information about the Leaplist
mailing list