Is dual-booting safe? - Forums Linux |
- Is dual-booting safe?
- how to avoid BIOS during boot?
- LILO giving 01 01 01 01 error
- Firewall software.
- pam, ssh, user account vulnerability
Posted: 29 Sep 2005 06:33 PM PDT Charlie Gibbs wrote: ..... That's not their business. Not to mention the different flavors of unix/linux filesystems. "Spying" on windows partitions and the registry will suffice for a long time. In the worst case (of paranoia that is) you can use encrypted partitions. But then, just for fun, see my .sig :) Never had a unsolvable problem installing linux for dual-boot. One has to expect some difficulties and bios flaws, though, and never attempt to do it without either enough faith and a knoppix cd (because unlike most linux install cds in rescue mode, it can handle linux raid just fine) handy, or (better) a good working backup - at least of the mbr which easily fits on a floppy. -- Longhorn error#4711: TCPA / NGSCP VIOLATION: Microsoft optical mouse detected penguin patterns on mousepad. Partition scan in progress to remove offending incompatible products. Reactivate MS software. Linux woodpecker.fdns.net 2.6.13-mm3[LinuxCounter#295241,ICQ#4918962] |
how to avoid BIOS during boot? Posted: 29 Sep 2005 03:04 PM PDT com wrote: No problem - misformatted partition (contents) or bios that cannot read the contents. Msdos uses the bios for disk access. Since you have already deterined that your bios cannot read much of your disk, that is no surprise. No problem - correctly formatted partition table. The partition table is on sector zero and thus is perfectly within range of the bios, which is what fdisk via msdos or notis talking to there. No - that is NOTHING TO DO WITH LILO. IT IS A BIOS error (screams). No it isn't. Please stop this. It's like watching a clown claiming that people are only happy when he wears his red shoes. It is mistaking cause and effect in a horribly muddled way. Peter |
Posted: 29 Sep 2005 01:31 PM PDT <com> wrote in message news:googlegroups.com... First: *IGNORE PETER*, he will snark at you to make himself feel like a manly man, and his suggestions will contain no usable data as he pokes his nose in the air and says "You're too stupid to know what I know", then he handwaves soem argument that is usually (though not always) completely irrelevant. Second. For certain boot situations, grub is indeed better than LILO. The key such situation is an old motherboard with certain BIOS limitations, and a / partition that is not contained entirely within the first 1023 cylinders of the disk. You can deal with the limitation with creating a /boot partition at the beginning of that is less than 11023 cylinders long (or 8 Gigabytes with a typical disk layout). So a small 100 Meg /boot directory is just about the right size for multiple kernels, a few grub config files, etc. |
Posted: 28 Sep 2005 05:02 PM PDT [Distribution snipped for follow-ups.] In comp.os.linux.setup Jeffrey Goldberg <org> wrote: The conventional way of doing that on a Unix system is with a security regime that implements a "capabilities" model to allow restricting in advance what each executable is and is not allowed to do -- such as SELinux. None lately. Their heyday on Linux was 2001-2003. Their food was taken off the table by several things: 1. Eclipse of BIND8, wu-ftpd, wu-imapd, qpopper, and lpd/LPRng (horrendously buggy network daemons) by better replacements. 2. An end to the bad habit of distro installers' (mainly Red Hat) defaulting to a ridiculous number of network daemons including NFS/NIS(!) running. 3. Lack of a default IP/port filter. Rundown on all of them to date, here: http://linuxmafia.com/~rick/faq/index.php?page=virus#virus5 -- Cheers, Rick Moen Support your local medical examiner: Die strangely. com |
pam, ssh, user account vulnerability Posted: 27 Sep 2005 01:34 PM PDT Enrique Perez-Terron <no> wrote: Going from memory: The Tripwire binary, when started, calculates its own md5sum and compares it against the one on record in the (signed, encrypted) signatures database. The next in a long series of possible questions you would then want to ask me is how that system defends against an intruder who replaces the Tripwire binary with one that merely pretends to recheck its md5sum hash, and reports that it matches and is thus OK even though it isn't. My recollection of the answer to that is even more vague: At least part of it is a recommendation that you regularly reverify the integrity of _all_ the important files using your private key on a different system (e.g., the place where you receive Tripwire's signed, encrypted reports via e-mail). Plus they recommend that you keep that binary on write-protected storage. The questions and answers go on at considerable length. For instance, one of the obvious attack vectors would be to sabotage the system crontab entry that causes Tripwire to generate, encrypt, sign, and e-mail a report. So, you're admonished that, if you suddenly aren't receiving reports when they're expected, watch out! |
You are subscribed to email updates from TextNData Forums - Linux To stop receiving these emails, you may unsubscribe now. | Email delivery powered by Google |
Google Inc., 20 West Kinzie, Chicago IL USA 60610 |