I think you missed the point. The previous poster was talking about how with him having PHYSICAL access to YOUR server, he can boot up using a linux floppy or cdrom and have complete access to your files. Infact he could even reset the Administrator password on your server to something he wants and reboot back to windows. Thus being able to setup a trojan or whatever he wanted.

The Linux/*nix folks already KNOW this can be done, as we can boot Linux systems from a floppy and circumvent the root password also. Hell lilo lets you do this WITHOUT any aditional help using "linux single" ( for most distros ). So why would "we" make a big deal of being able to do the same thing on Windows?

The comment about stupid artificial security measures was about requiring any sort of password from a recovery console in the 1st place. Since if you have physical access to the box you can do whatever you want with it anyways.

Infact having a password less recovery console IS DESIRABLE in many many cases. ( As the article states ). If you are concerned about physical security you should install the appropriate physical measures. ( BIOS password, case lock, secured/controlled access )

My concern is that it's the Windows Admin Newbies that are shocked and scared of this "bug/security hole" that are spreading this like it's a big deal. Since us *nux admins have known about this for ages.

On a side note MOUNT is not a "*nix" term. It has been used by all sorts of operating systems ( Including MacOS ) far far longer then the existance of Windows. And it has ALWAYS meant mounting( attaching ) a resource either physical ( like a harddrive ) , or virtual ( like a file share ) to a local directory entry ( mount point ). "Maping" is a MS invented word that specifically means mounting a remote share locally.

---



[ reply ]

Link to this comment: http://www.securityfocus.com/comments/columns/144/18425#18425