[KLUG Advocacy] Re: linux security

Adam Tauno Williams awilliam at whitemice.org
Tue Feb 1 13:20:45 EST 2005


> > it is quite easy to break root password in Linux using GRUB boot loader. On
> > the other hand breaking Administrator password in Windows 200x is very
> > difficult. Does this mean Linux security is weak?

Given physical access I can crack a Windows 2000/XP box is less than a
minute.

> No, it means you forgot to lock the door to your server room.

Yep.

RULES #1, #2, and #3 are to RESTRICT PHYSICAL ACCESS.  You should need
at least two keys to access a server,  and if your data matters you
should have a sensor on the door as well hooked to an alarm system or at
least that raises holy hell if it isn't disarmed first.

> BTW, I, as I'm sure many others here, can break the administrator password 
> in about 2 minutes on a Windows 2K box.

Less!  I've demonstrated it (albeit on a really fast box).  Could take
quite a bit longer on an old box.

> This thread is better suited for the advocacy list. Replies there please.

OK.




More information about the Advocacy mailing list