How to Prevent someone else from reseting your root password in NIX

If you are an even slightly security-consious sysadmin, the previous sections must have set off alarms while you were reading them. Is it really that easy to hack Linux? Yes and No. It all it comes down to the following: Physical Access is Root Access. Meaning, if you give someone physical access to a system, then you are giving them a very good chance of getting root access on your box. This is true for Windows, Linux, or any other OS out there.

But… you say that you need to give some people physical access to the server? There are some precautions you can take to slow down attackers and stop the noob’s. In this section I will talk about various ways you can make your computer more secure against these types of attacks. So lets get started.
3.1.1 Password protecting GRUB and LILO

First, edit the /etc/inittab file and insert the following line, right after the “initdefault” line: ~~:S:wait:/sbin/sulogin. This will require a password to boot into single-user mode by making init run ‘sulogin’ before dropping the machine to a root shell. ‘sulogin’ requires the user to input the root password before continuing.

Unfortunately, the above step won’t protect us against people who know what they are doing and pass init=/bin/bash to the kernel at the LILO prompt. To prevent unauthorized access I would suggest that you password protect LILO/GRUB by following these steps:

How to Protect LILO:

Open a shell prompt and log in as root
Open /etc/lilo.conf in your favorite text editor
Add the following line before the first image stanza: password=<password> , where <password> is your password.
Run /sbin/lilo -v to let the changes take effect
Type chmod 600 /etc/lilo.conf to give only root access to read and edit the file since all passwords are in plain text
Relax a bit, as your system is a little bit more secure

How to password-protect GRUB

Open a shell prompt and log in as root
Type /sbin/grub-md5-crypt and press enter
Enter the password you chose for GRUB when prompted. This will return an MD5 hash of your password
Open /boot/grub/grub.conf in your favorite text editor
Add password –md5 <password-hash> below the timeout in the main section (Replace <password-hash> with the hash you got in the previous step)
Save and exit
The next time you reboot, the GRUB menu will not let you access the editor or command interface without first pressing [p] followed by the GRUB password.


njoy the simplicity…….
©Victimizeit

Advertisements

Reset passwords by booting into single-user mode in NIX

A) Booting into single-user mode from LILO

Follow these steps to reset the password when using LILO:

Reboot the system. When you see the LILO: prompt, type in linux single and press ‘Enter’. This will log you in as root in single-user mode. If your system requires you to enter your root password to log in, then try linux init=/bin/bash instead.

Once the system finishes booting, you will be logged in as root in single-user mode. Use passwd and choose a new password for root.
Type reboot to reboot the system and then you can login with the new password you just selected.

If you have a new version of LILO which gives you a menu selection of the various kernels available press Tab to get the LILO: prompt and then proceed as shown above.

B) Booting into single user mode from GRUB

Follow these steps to reset the password when using GRUB:

Reboot the system, and when you are at the selection prompt , highlight the line for Linux and press ‘e’. You may only have 2 seconds to do this, so be quick.

This will take you to another screen where you should select the entry that begins with ‘kernel’ and press ‘e’ again.

Append ‘ single’ to the end of that line (without the quotes). Make sure that there is a space between what’s there and ‘single’. If your system requires you to enter your root password to log into single-user mode, then append init=/bin/bash after ‘single’. Hit ‘Enter’ to save the changes.

Press ‘b’ to boot into Single User Mode.
Once the system finishes booting, you will be logged in as root. Use passwd and choose a new password for root.
Type reboot to reboot the system, and you can login with the new password you just selected.

njoy the simplicity…….
©http://linuxgazette.net

Resetting the Password of a user differently

In some of the Linux distributions, including Ubuntu, when you go to recovery mode to reset the password of root or any other user, the user’s current password would be prompted. To circumvent this, boot with a Live CD of the Linux distribution and edit the /etc/passwd file using vi or any editor of convenience.

As you must be aware, the fields in the file are separated by ‘:’ (colon) character and the second field is the password of the user. In Linux this value is set to ‘x’ to indicate that the password is stored in /etc/shadow file in encrypted form. Just remove this ‘x’ character from the file and let the field be empty against the user whose password needs to be reset. Now, reboot this Linux machine and during the booting process hit ‘Alt + F1’ to open up a console. You would be prompted for the user name to login to. Once the username is entered the shell prompt comes up without requiring any password.

Now you can reset the password without the need to the previous password.

I hope this little Tip will create curiosity in your mind to explore Linux more and you will know more about it. See you in the next newsletter. Until then keep exploring Linux.

njoy the simplicity…….
©Victimizeit

XP tweaks…1

Hi friends…
In this series, we’ll work on the XP(windows) tweaks…lets boom it..

1) Make the Columns Fit

Want to quickly see all the column in explorer without having to resize them individually? This tip does it for you.
Simple press CTRL + + (press the plus button twice on the numeric keypad), this will adjust the column width so you can view the info in each column.
This tip may also work with programs based on the Windows explorer interface. Try it out!

2) Setting the Windows Temporary Directory

Depending on which version of Windows you run, temporary files are usually stored in C:\WINDOWS\TEMP. This tweak shows how to move the location of the temporary file directory.

Open up AUTOEXEC.BAT with a text editor, it is normally found at C:\AUTOEXEC.BAT. If you’re run Windows 9x it maybe possible to right-click the file in explorer and choose ‘Edit’.

Add two new lines, or modify the existing lines if they are already there, as follows:

SET TEMP=[directory]
SET TMP=[directory]

e.g. SET TEMP=C:\GARBAGE
Save AUTOEXEC.BAT, create the directory entered above and reboot.

3) Modify the Duration that the Startup List is Displayed

This setting allows you to change the default 30 second timeout for the Startup List which normally allows you time to choose and boot an alternative operating system.

Using Windows explorer find the file called BOOT.INI on your system drive. Change the attributes of the file from read-only, by right clicking on it and choosing Properties, and then under Attributes, uncheck ‘Read-only’. Then double-click on BOOT.INI and it should open in Notepad.

Under the [boot loader] section is a value called “timeout=”. The number after the “=” sign is the time in seconds Windows will wait for a selection. Change the value according to the options below.

Set the value to the number of seconds between 1 and 999.
To make Windows boot instantly change this value to “0” (i.e. timeout=0).
To make Windows wait indefinitely change this value to “-1” (i.e. timeout=-1).
Save the file, and restart Windows for the change to take effect.

4) Change the Default Operating System

This setting in the BOOT.INI file controls which operating system the NT Boot Loader launches by default if none is selected.

Change the attributes for BOOT.INI so it is not ‘Read Only’, BOOT.INI is found in the root directory of the first partition. Then open the file using Notepad or another text editor (not Microsoft Word or any word processor).

Under the [boot loader] section change the ‘default=’ option to one of the operating systems listed under the [operating systems] section that you wish to use as the default.

For example, to load Windows NT from the first partition on the first IDE hard drive in the /WINNT directory the option would look like:

default=multi(0)disk(0)rdisk(0)partition(1)\WINNT

njoy the simplicity…….
©Victimizeit