326 lines
5.3 KiB
HTML
326 lines
5.3 KiB
HTML
<HTML
|
|
><HEAD
|
|
><TITLE
|
|
>Security</TITLE
|
|
><META
|
|
NAME="GENERATOR"
|
|
CONTENT="Modular DocBook HTML Stylesheet Version 1.7"><LINK
|
|
REL="HOME"
|
|
TITLE="Remote Serial Console HOWTO"
|
|
HREF="index.html"><LINK
|
|
REL="PREVIOUS"
|
|
TITLE="Where to next from here?"
|
|
HREF="end.html"><LINK
|
|
REL="NEXT"
|
|
TITLE="Use good passwords"
|
|
HREF="security-password.html"></HEAD
|
|
><BODY
|
|
CLASS="CHAPTER"
|
|
BGCOLOR="#FFFFFF"
|
|
TEXT="#000000"
|
|
LINK="#0000FF"
|
|
VLINK="#840084"
|
|
ALINK="#0000FF"
|
|
><DIV
|
|
CLASS="NAVHEADER"
|
|
><TABLE
|
|
SUMMARY="Header navigation table"
|
|
WIDTH="100%"
|
|
BORDER="0"
|
|
CELLPADDING="0"
|
|
CELLSPACING="0"
|
|
><TR
|
|
><TH
|
|
COLSPAN="3"
|
|
ALIGN="center"
|
|
>Remote Serial Console HOWTO</TH
|
|
></TR
|
|
><TR
|
|
><TD
|
|
WIDTH="10%"
|
|
ALIGN="left"
|
|
VALIGN="bottom"
|
|
><A
|
|
HREF="end.html"
|
|
ACCESSKEY="P"
|
|
>Prev</A
|
|
></TD
|
|
><TD
|
|
WIDTH="80%"
|
|
ALIGN="center"
|
|
VALIGN="bottom"
|
|
></TD
|
|
><TD
|
|
WIDTH="10%"
|
|
ALIGN="right"
|
|
VALIGN="bottom"
|
|
><A
|
|
HREF="security-password.html"
|
|
ACCESSKEY="N"
|
|
>Next</A
|
|
></TD
|
|
></TR
|
|
></TABLE
|
|
><HR
|
|
ALIGN="LEFT"
|
|
WIDTH="100%"></DIV
|
|
><DIV
|
|
CLASS="CHAPTER"
|
|
><H1
|
|
><A
|
|
NAME="SECURITY"
|
|
></A
|
|
>Chapter 9. Security</H1
|
|
><DIV
|
|
CLASS="TOC"
|
|
><DL
|
|
><DT
|
|
><B
|
|
>Table of Contents</B
|
|
></DT
|
|
><DT
|
|
>9.1. <A
|
|
HREF="security-password.html"
|
|
>Use good passwords</A
|
|
></DT
|
|
><DT
|
|
>9.2. <A
|
|
HREF="security-dtr.html"
|
|
>Obey Data Terminal Ready and Data Carrier Detect</A
|
|
></DT
|
|
><DT
|
|
>9.3. <A
|
|
HREF="security-dumb.html"
|
|
>Use or configure a dumb modem</A
|
|
></DT
|
|
><DT
|
|
>9.4. <A
|
|
HREF="security-messages.html"
|
|
>Restrict console messages</A
|
|
></DT
|
|
><DD
|
|
><DL
|
|
><DT
|
|
>9.4.1. <A
|
|
HREF="security-messages.html#SECURITY-MESSAGES-LOG"
|
|
>Restrict console messages from the system log</A
|
|
></DT
|
|
><DT
|
|
>9.4.2. <A
|
|
HREF="security-messages.html#SECURITY-MESASGES-WALL"
|
|
>Restrict broadcast messages to the console</A
|
|
></DT
|
|
></DL
|
|
></DD
|
|
><DT
|
|
>9.5. <A
|
|
HREF="security-modem.html"
|
|
>Modem features to restrict usage</A
|
|
></DT
|
|
><DT
|
|
>9.6. <A
|
|
HREF="security-bios.html"
|
|
><SPAN
|
|
CLASS="ACRONYM"
|
|
>BIOS</SPAN
|
|
> features</A
|
|
></DT
|
|
><DT
|
|
>9.7. <A
|
|
HREF="security-bootloader.html"
|
|
>Use a boot loader password</A
|
|
></DT
|
|
><DT
|
|
>9.8. <A
|
|
HREF="security-rhl-prompt.html"
|
|
>Non-interactive boot sequence</A
|
|
></DT
|
|
><DT
|
|
>9.9. <A
|
|
HREF="security-sysrq.html"
|
|
>Magic <B
|
|
CLASS="KEYCAP"
|
|
>SysRq</B
|
|
> key</A
|
|
></DT
|
|
><DT
|
|
>9.10. <A
|
|
HREF="security-ctrlaltdel.html"
|
|
>Adjust behaviour of <B
|
|
CLASS="KEYCAP"
|
|
>Ctrl</B
|
|
>-<B
|
|
CLASS="KEYCAP"
|
|
>Alt</B
|
|
>-<B
|
|
CLASS="KEYCAP"
|
|
>Delete</B
|
|
></A
|
|
></DT
|
|
><DT
|
|
>9.11. <A
|
|
HREF="security-log.html"
|
|
>Log attempted access</A
|
|
></DT
|
|
><DT
|
|
>9.12. <A
|
|
HREF="security-interception.html"
|
|
>Countering interception of telephony links</A
|
|
></DT
|
|
></DL
|
|
></DIV
|
|
><P
|
|
>Using a serial console with a modem gives anyone the
|
|
opportunity to connect to the console port. This connection is not
|
|
mediated by firewalls or intrusion detection sniffers. It is
|
|
important to prevent the misuse of the serial console by
|
|
unauthorized people.</P
|
|
><P
|
|
>The resurgence of the <SPAN
|
|
CLASS="ACRONYM"
|
|
>BBS</SPAN
|
|
>-era technique of
|
|
<SPAN
|
|
CLASS="QUOTE"
|
|
>"war dialling"</SPAN
|
|
> is described in @Stake's <A
|
|
HREF="http://www.atstake.com/research/reports/acrobat/wardialling_brief.pdf"
|
|
TARGET="_top"
|
|
><I
|
|
CLASS="CITETITLE"
|
|
>Wardialling
|
|
Brief</I
|
|
></A
|
|
> and reported upon by <I
|
|
CLASS="CITETITLE"
|
|
>The
|
|
Register</I
|
|
>, see an extract in <A
|
|
HREF="security.html#SECURITY-LEYDEN"
|
|
>Figure 9-1</A
|
|
>.</P
|
|
><DIV
|
|
CLASS="FIGURE"
|
|
><A
|
|
NAME="SECURITY-LEYDEN"
|
|
></A
|
|
><P
|
|
><B
|
|
>Figure 9-1. Extract from <I
|
|
CLASS="CITETITLE"
|
|
>Crackers favour war dialling and
|
|
weak passwords</I
|
|
></B
|
|
></P
|
|
><A
|
|
NAME="AEN2171"
|
|
></A
|
|
><BLOCKQUOTE
|
|
CLASS="BLOCKQUOTE"
|
|
><P
|
|
>With all the talk about zero day exploits and sometimes
|
|
esoteric vulnerabilities its easy to lose sight of the role of
|
|
older, less sophisticated techniques as a mainstay of cracker
|
|
activity.</P
|
|
><P
|
|
>During a hacking debate at InfoSecurity Europe yesterday
|
|
[2002-04-25], black hat hacker KP said that when he broke into a
|
|
network he did so 90 per cent of the time through an unprotected
|
|
modem, often through war dialling.</P
|
|
><P
|
|
>War dialling involves systematically trying to locate the
|
|
numbers associated with corporate modems through testing each
|
|
extension of a corporate phone system in turn.</P
|
|
><P
|
|
><SPAN
|
|
CLASS="QUOTE"
|
|
>"Intrusion detection systems are no real deterrent for
|
|
me because I get in through the back door,"</SPAN
|
|
> he
|
|
said. <SPAN
|
|
CLASS="QUOTE"
|
|
>"Many networks are constructed like Baked Alaska
|
|
— crunchy on the outside and soft in the
|
|
middle."</SPAN
|
|
></P
|
|
><P
|
|
>KP often takes advantage of weak or default passwords to
|
|
break into networks…</P
|
|
></BLOCKQUOTE
|
|
><P
|
|
CLASS="LITERALLAYOUT"
|
|
><I
|
|
CLASS="CITETITLE"
|
|
>Crackers favour war dialling and weak passwords</I
|
|
><br>
|
|
John Leyden, <A
|
|
HREF="http://www.theregister.co.uk/content/55/25044.html"
|
|
TARGET="_top"
|
|
><I
|
|
CLASS="CITETITLE"
|
|
>The Register</I
|
|
></A
|
|
>, 2002-04-26.</P
|
|
></DIV
|
|
></DIV
|
|
><DIV
|
|
CLASS="NAVFOOTER"
|
|
><HR
|
|
ALIGN="LEFT"
|
|
WIDTH="100%"><TABLE
|
|
SUMMARY="Footer navigation table"
|
|
WIDTH="100%"
|
|
BORDER="0"
|
|
CELLPADDING="0"
|
|
CELLSPACING="0"
|
|
><TR
|
|
><TD
|
|
WIDTH="33%"
|
|
ALIGN="left"
|
|
VALIGN="top"
|
|
><A
|
|
HREF="end.html"
|
|
ACCESSKEY="P"
|
|
>Prev</A
|
|
></TD
|
|
><TD
|
|
WIDTH="34%"
|
|
ALIGN="center"
|
|
VALIGN="top"
|
|
><A
|
|
HREF="index.html"
|
|
ACCESSKEY="H"
|
|
>Home</A
|
|
></TD
|
|
><TD
|
|
WIDTH="33%"
|
|
ALIGN="right"
|
|
VALIGN="top"
|
|
><A
|
|
HREF="security-password.html"
|
|
ACCESSKEY="N"
|
|
>Next</A
|
|
></TD
|
|
></TR
|
|
><TR
|
|
><TD
|
|
WIDTH="33%"
|
|
ALIGN="left"
|
|
VALIGN="top"
|
|
>Where to next from here?</TD
|
|
><TD
|
|
WIDTH="34%"
|
|
ALIGN="center"
|
|
VALIGN="top"
|
|
> </TD
|
|
><TD
|
|
WIDTH="33%"
|
|
ALIGN="right"
|
|
VALIGN="top"
|
|
>Use good passwords</TD
|
|
></TR
|
|
></TABLE
|
|
></DIV
|
|
></BODY
|
|
></HTML
|
|
> |