Thursday, July 10, 2008

Forgot Your root Password?

Breaking Into Your Own System

- 1 -

When the LILO: prompt appears (or boot: prompt if you inserted a boot disk), enter:
linux -s

linux single

- 2 -

When the bash# prompt appears, enter:

...which will then prompt you for a new root password, without asking for the old one!

- 3 -

Press Ctrl+D and startup Linux proper, and log-in to the root account with your new password!

Ok, So How Do I Disable This!

Ok so now you're asking how do I prevent other people doing this (your pesky little brother perhaps?). Simple:

- 1 -

Go into BIOS. (Your BIOS frontend may differ from mine, but whilst steps 2 & 3 might not be exact instructions for you, they will be very similar.)

- 2 -

Select the option "BIOS FEATURES SETUP" and change "Boot Sequence" from "A, C, SCSI" to "C only", to prevent people getting past LILO with a Linux boot disk.

- 3 -

If you haven't password protected BIOS in the past then you've been very silly. Do so now by selecting "SUPERVISORY PASSWORD" from the main menu. Obviously this will prevent people changing the boot sequence back to "A, C, SCSI".

- 4 -

Now boot into Linux, open Linuxconf and password protect LILO to prevent others from using the dreaded "linux -s".

Think Your Safe Now?

Think you're computer's safe now? Well do you punk? Wrong answer. People can still pop your CMOS battery (a.k.a. "the big shiny circle thing on your motherboard") to erase your BIOS password (handy if you ever forget yours!). Solution? My full tower has a bit for a padlock at the back to stop people opening the case, but it's likely your's hasn't. Short of hiding your Linux boot disk, and installing a lock on your door, there's nothing you can do. Although saying that, it's unlikely a mischievious friend, college, partner or sibling is going to go to the trouble of popping the CMOS battery behind your back, and therefore wise to take the above precautions.


Post a Comment


Subscribe in Bloglines Msn bot last visit powered by MyPagerank.Net Yahoo bot last visit powered by MyPagerank.Net
I heart FeedBurner downtime checker The Ubuntu Counter Project - user number # 31290

Twitter Delicious Facebook Digg Stumbleupon Favorites More

Powered by TadPole