> > > On Fri, Feb 11, 2005 at 01:42:52PM -0800, Brian Mury wrote: > > > As soon you have any kind of connection and/or physical > situation, where > > > other people could come in touch with this system, I think strong > > > passwords and so on are necessary. > > If people have physical access to the box, no password is going to > > protect it. > > That's not strictly true. Actually opening the box and > setting jumpers or > swapping hardware is a higher bar than just sitting down and > the system and > having access. It's much more likely to be noticed, for example -- > especially if you have a security lock on the case and it > actually involves, > y'know, hacksaws. If you can boot from CD (rescue CD in the Linux case), there is no protection. I have had to do this when system administrators for a box left the company and took the root password with them. On Linux, Solaris (sparc), and HP/UX I have had to do this. If you are familiar with the NT Edit Linux boot diskette, physical access to a windows box will get you in as local admin. If you password protect the bios and lock the case and turn off boot from anything but the hard drive, you can seriously slow someone down. Where there's a wire, there's a way.