Computer Security

Talking about SolydXK, another distribution or totally off-topic but within the Rules ? It's the right place!
User avatar
troypulk
Posts: 192
Joined: 20 Jul 2014 22:43
Location: Washington State, USA

Computer Security

Postby troypulk » 10 Jul 2015 04:11

Is there anything I can do to prevent a person from getting in to my solydX system if it gets stolen?

Can they get past my password?

Thanks


SolydX 10, 4.19.0-9 / Debian 10, 4.19.118-2 (64-bit) / Xfce 4.12.4 (64-bit)

dyfi
Posts: 88
Joined: 15 Mar 2013 17:45

Re: Computer Security

Postby dyfi » 10 Jul 2015 06:55

Password can be changed by someone competent with Linux.

Personally I would encrypt any sensitive files within your
Document folder.

kurotsugi
Posts: 2274
Joined: 09 Jan 2014 00:17

Re: Computer Security

Postby kurotsugi » 10 Jul 2015 08:26

if the goal is to acces the files then a password isn't required. simply plug the HDD as external drive and mount it. done.

you'll need a strong encryption to protect your files.

User avatar
Arjen Balfoort
Site Admin
Posts: 9506
Joined: 26 Jan 2013 19:36
Location: Netherlands
Contact:

Re: Computer Security

Postby Arjen Balfoort » 10 Jul 2015 08:59

Indeed, it's fairly easy to get to someones data (a live ISO and knowledge of chroot is enough) and encrypting your valuable data is the best way to go. I remember a tutorial on that subject: http://forums.solydxk.nl/viewtopic.php?f=9&t=1304


SolydXK needs you!
Development | Testing | Translations

User avatar
troypulk
Posts: 192
Joined: 20 Jul 2014 22:43
Location: Washington State, USA

Re: Computer Security

Postby troypulk » 10 Jul 2015 13:37

kurotsugi wrote:if the goal is to acces the files then a password isn't required. simply plug the HDD as external drive and mount it. done.

you'll need a strong encryption to protect your files.
Thanks,

Would this work for the root password as well not just the user?


SolydX 10, 4.19.0-9 / Debian 10, 4.19.118-2 (64-bit) / Xfce 4.12.4 (64-bit)

User avatar
Zill
Posts: 1850
Joined: 13 Aug 2013 14:28
Location: Lincolnshire, UK

Re: Computer Security

Postby Zill » 10 Jul 2015 16:42

troypulk: "root" is, effectively, just another user and so to obtain access to a root account a hacker already knows the username (root) and so only has to guess the password.

With a user account a hacker has to guess both the username and the password, making this harder to crack.

This is why the sudo model is far more secure than the old idea of logging in to a root account directly.

Having said that, if someone else has physical control of your machine (or its HDD), then they have total access to your data.

As has already been advised, the best defence against this is to use strong encryption, either at file level and/or at disk level.

Of course, a strong cable to secure your machine to a solid fixture is also a good idea... ;-)

See "Kensington lock"

kurotsugi
Posts: 2274
Joined: 09 Jan 2014 00:17

Re: Computer Security

Postby kurotsugi » 10 Jul 2015 17:56

if you encrypt your system at least at partition level then all user is secured.

User avatar
just
Posts: 297
Joined: 07 Nov 2013 08:06
Location: Rovaniemi, Finland

Re: Computer Security

Postby just » 10 Jul 2015 19:21

Zill wrote:..."root" is, effectively, just another user and so to obtain access to a root account a hacker already knows the username (root) and so only has to guess the password...
There's no need for a hacker to guess the root's password. It may be changed/set to everything he wants, without even knowing the current one.

On Debian it is done in eight simple steps.

User avatar
Zill
Posts: 1850
Joined: 13 Aug 2013 14:28
Location: Lincolnshire, UK

Re: Computer Security

Postby Zill » 10 Jul 2015 19:28

just wrote:... There's no need for a hacker to guess the root's password. It may be changed/set to everything he wants, without even knowing the current one.

On Debian it is done in eight simple steps.
With physical access to the machine, yes. But more difficult remotely though. ;-)

User avatar
just
Posts: 297
Joined: 07 Nov 2013 08:06
Location: Rovaniemi, Finland

Re: Computer Security

Postby just » 10 Jul 2015 19:46

Zill wrote:
just wrote:... There's no need for a hacker to guess the root's password. It may be changed/set to everything he wants, without even knowing the current one.

On Debian it is done in eight simple steps.
With physical access to the machine, yes. But more difficult remotely though. ;-)
Most probably you're right. I've never reset root's password remotely. Though the method I follow requires only the access to kernel's boot line on boot. Nothing more.


Return to “Open Chat / General Discussion”

Who is online

Users browsing this forum: No registered users and 3 guests