Physical Security


The most secure system in the world can always be compromised if there's a possibility that an unauthorized person can gain physical access to the server machine itself, because no amount of software security can defend against a guy with a screwdriver.

Secure co-location facilities are vital for a commercial or otherwise high-profile Internet server. Such a facility provides locked server cabinets in locked machine rooms, and generally only employees of the facility are allowed to open the cabinets and physically access the machines. Your system might itself be in a rack-mounted case with a locked front panel and BIOS security measures that warn you if the panel has been removed. In the best-case scenario, the co-location facility is specifically dedicated to physical security, as are companies such as InfoBunker (http://www.infobunker.com). Naturally, though, such services come at a price.

Anybody with physical access to the machine can reboot it into single-user mode, which doesn't prompt for the root password in the default configuration. You can change this so that it does prompt for a password by telling /etc/ttys that the console is "insecure," meaning that you can't guarantee that anybody accessing it is authorized:

console none                     unknown off insecure


However, this doesn't stop an intruder from being able to boot from a floppy disk or CD to compromise your system. Other devices attached to the machine can also be used to gain unauthorized access: modems, for example, or wireless networks, which should not be a part of any machine from which you're trying to restrict physical access. You can configure your machine's BIOS not to allow the machine to boot from any device other than the primary hard disk, and then lock the BIOS with a password, but these measures are just part of an arms race that a determined attacker with physical access is bound to win. The bottom line is that you cannot totally secure your system unless you control all physical access to it.
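
The /etc/ttys console setting described above can be audited with a short script. This is an added example, not code from the book: the function names and the sample files are constructed for illustration, and on a live host the argument would be /etc/ttys.

```sh
#!/bin/sh
# Added example (not from the book): report how a ttys(5) file flags the console.

# Prints insecure, secure, unset (no flag found) or missing (no console line).
console_status() {
    awk '
        { sub(/#.*/, "") }                 # strip comments
        $1 == "console" && !found {        # first console entry only
            found = 1; state = "unset"
            for (i = 2; i <= NF; i++)      # last flag on the line is reported
                if ($i == "secure" || $i == "insecure") state = $i
        }
        END { print (found ? state : "missing") }
    ' "$1"
}

# Succeeds only when the console entry is flagged insecure.
console_is_insecure() {
    [ "$(console_status "$1")" = "insecure" ]
}

# Constructed sample files standing in for /etc/ttys.
SAMPLE_DIR=$(mktemp -d)
trap 'rm -rf "$SAMPLE_DIR"' EXIT
cat > "$SAMPLE_DIR/default" <<'EOF'
# name  getty   type    status
console none                     unknown off secure
ttyv0   "/usr/libexec/getty Pc"  cons25  on  secure
EOF
cat > "$SAMPLE_DIR/hardened" <<'EOF'
#console none                    unknown off secure
console none                     unknown off insecure   # prompt in single-user
EOF

for f in default hardened; do
    printf '%s: console is %s\n' "$f" "$(console_status "$SAMPLE_DIR/$f")"
done
```

A result of unset or missing means the file needs a manual look rather than a pass.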




FreeBSD 6 Unleashed
ISBN: 0672328755
EAN: 2147483647
Year: 2006
Pages: 355
Authors: Brian Tiemann
