FC6:How to most common questions I've answered in the last week

[stanjam]

From a security standpoint you have to understand that if you have physical access to a machine it is yours. I don't care what the OS is. The only way to protect the data on your machine and protect it from someone with physical access to the machine is to encrypt the data.

There are too many ways to get into a machine and steal the data if you have physical access. The Fedora way like explained here, with a live cd, taking the drive out and mounting it as a slave in another pc (gets by all the nasty password issues), booting into a live cd and making a dd image of the drive and sending it to your machine via a crossover cable so you can look at it at your leisure. Bios password? No problem, just remove the battery or otherwise clear the CMOS.

In security you have to understand that if you have no decent physical security you have NO security. It's not always about firewalls, IDS, honeypots etc.

[Iron_Mike]

Quote:

Originally Posted by stanjam

From a security standpoint you have to understand that if you have physical access to a machine it is yours. I don't care what the OS is. The only way to protect the data on your machine and protect it from someone with physical access to the machine is to encrypt the data.

There are too many ways to get into a machine and steal the data if you have physical access. The Fedora way like explained here, with a live cd, taking the drive out and mounting it as a slave in another pc (gets by all the nasty password issues), booting into a live cd and making a dd image of the drive and sending it to your machine via a crossover cable so you can look at it at your leisure. Bios password? No problem, just remove the battery or otherwise clear the CMOS.

In security you have to understand that if you have no decent physical security you have NO security. It's not always about firewalls, IDS, honeypots etc.

I think you need re-evaluate your statement concerning physical access to a machine will give you control, this is totally false. I can sit you down in front of a machine that we use and it will be "virtually impossible" for you to gain access to our network. We don't locally encrypt data so much as use a hardware and software access control to said machine.

[stanjam]

How would you accomplish that? I have never seen a machine without encrypted data that I could not completely own by having physical access. You would need to prove it to me. Give me physical access to a machine and it is mine. How do you define "virtually impossible?" Certainly not as impossible. Nothing is absolute in security. No encryption?

There are several tried and true methods to taking control of a machine with physical access. You can take out the hard drive and make it a slave on your own machine. You can use a forensics disc to gain an image of the hard drive and pop it to your machine via a network crossover cable. Or if you haven't installed a grub password just boot to init 1 (if you have just install your own grub boot loader, but there are simpler ways. Don't haveit set p to do that by passwording the Bios? Reset the CMOS (or simply remove the battery, does the same thing).

If you have other ways of securing a computer so someone who has physical access can't own it I would love to hear the theory. Always looking for good security methods.
If you have some way to stop these methods of taking over a system I would be glad to hear it.

[Iron_Mike]

It's called "BioMetrics" which in our case uses a combination of hardware and software for access. The 1st being a fingerprint scanner which is used to enable the boot sequence, the 2nd being "Certificate Authority Credential"" CAC card identification which is used for login. The 3rd being the root user has been removed. Then the 4th being, a electrical continuity security system that should continuity be removed from the NIC, the computer will go into non boot state.

Some of us might work in an environment where security is paramount to safeguarding national secrets and where computer security goes well beyond a simple password.

If you think you can get past these security procedures, send me your Resume' we might have a position available......

[jjthomas]

Quote:

Originally Posted by Nickisgod1

OK I seem to be answering the same question over and over again, which I dont mind.
#4
madwifi drivers from source/ network manager cant see my madwifi chipset

I purchased a Linksys WMP55AG only to discover that it had no drivers for XP 64bit. A seach pointed me to an old how-to that gave me the drivers I needed to get it to work. That also gave me a clue on what to look for in Linux. Your message gave me the step by step to get it working in FC6.

Thanks for posting the answer... again and again

-JJ I don't just use google, it is my browsers home page.

[Quimbob]

Quote:

Originally Posted by Nickisgod1

make a symbolic link /lib/modules/2.6.20-1.2944.fc6/build /usr/src/your_kernel

thanks. I could tell "build" was some kind of link but I was fumbling around with alias commands. I had never heard of a symbolic link.
Now I can only get to the next step, tho, as /sbin/modprobe ath_pci gives me:

WARNING: Error inserting ath_hal (/lib/modules/2.6.20-1.2944.fc6/net/ath_hal.ko): Operation not permitted
WARNING: Error inserting wlan (/lib/modules/2.6.20-1.2944.fc6/net/wlan.ko): Operation not permitted
FATAL: Error inserting ath_pci (/lib/modules/2.6.20-1.2944.fc6/net/ath_pci.ko): Operation not permitted

I edited the modprobe.conf file & still got the same error.
Is this a permissions thing ?

thanks

[nick.stumpos]

are you root?

[Quimbob]

hm, no I was not
As root it still fails saying Invalid module format

[nick.stumpos]

odd did you make the symbolic link to the correct kernel headers? uname -r to see what kernel your currently booting

[Quimbob]

Quote:

Originally Posted by Nickisgod1

odd did you make the symbolic link to the correct kernel headers? uname -r to see what kernel your currently booting

yes
/lib/modules/2.6.20-1.2944.fc6/build
was linked to
../../../usr/src/kernels/2.6.20-1.2944.fc6-i586
I deleted that symbolic link and recreated it to link to
../../../usr/src/kernels/2.6.20-1.2944.fc6-i686
That allowed the make and make install commands to work.
uname -r gives me
2.6.20-1.2944.fc6
and uname -a gives me
2.6.20-1.2944.fc6 #1 SMP Tue Apr 10 17:27:49 EDT 2007 i686 i686 i386 GNU/Linux
I have been poking around on the internet but frequently solutions are in bits and pieces and for different distributions and people cite files and folders not in fc6. But a modinfo ath_pci gives me (edited)
filename: /lib/modules/2.6.20-1.2944.fc6/net/ath_pci.ko
version: svn r2289
depends: ath_hal,wlan
vermagic: 2.6.20-1.2944.fc6 SMP mod_unload 686 4KSTACKS

Should the vermagic listing be telling me what version of gcc was used to compile this ? Is 4KSTACKS right ?

thanks a lot

[nick.stumpos]

quimbob what does
rpm -qa 'kernel*' --queryformat "%{NAME}-%{VERSION}-%{RELEASE}.%{ARCH}\n"|sort
say i think you may have the i586 bug
and
landonmkelsey
what are you talking about?

[Quimbob]

Quote:

Originally Posted by Nickisgod1

quimbob what does
rpm -qa 'kernel*' --queryformat "%{NAME}-%{VERSION}-%{RELEASE}.%{ARCH}\n"|sort

jeez - ok
kernel-2.6.18-1.2798.fc6.i586
kernel-2.6.20-1.2944.fc6.i586
kernel-devel-2.6.20-1.2944.fc6.i686
kernel-headers-2.6.20-1.2944.fc6.i386

[Firewing1]

Try:

Code:

yum remove kernel-2.6.18-1.2798.fc6.i586 kernel-2.6.20-1.2944.fc6.i586
yum install kernel

[nick.stumpos]

yup and after you do what firewing says do a make clean on your madwifi soure and start over

[Quimbob]

ok
Removed the old stuff & installed the new stuff.
Still no go
New kernel is 2.6.20-1.2948.fc6
So I used yum to update kernel headers and kernel devel & then used yum to remove the 2944 kernel-devel
The rpm query showed everybody was at the same version so I rebooted.
Now the OS will not load.
There is not much on the machine. I am thinking of just re installing the whole mess with the wireless card already installed & see if it gets recognized that way.
Research project is right. :-)