Tips To Protect Linux Servers Physical Console Access

Posted on in Categories Debian Linux, Hardware, Howto, Kde, Linux, Linux desktop, Linux distribution, package management, RedHat/Fedora Linux, Sys admin, Tips, Ubuntu Linux last updated March 12, 2009

This is an user contributed article.

Linux computer console is a physical device to operate a computer / server. Here are few steps which, if taken, make it more difficult for an attacker to quickly modify a system from its console.

How Do I Secure Grub Boot Loader?

Posted on in Categories Debian Linux, Howto, Linux, Linux desktop, RedHat/Fedora Linux, Security, Sys admin, Tips, Ubuntu Linux last updated October 19, 2005

You can set a password for the GRUB bootloader. This prevents users from entering single user mode or changing settings at boot time.

When your system is rebooted, grub presents the boot option menu. From this menu one can easily login into a single user mode without the password which might result into compromise system security.

For example, anyone can access the data or change the settings. However you can setup a password for grub with password option. This option forces grub to ask for a password before making any changes or entering into single user mode. You need to type p followed by password.

FreeBSD Load Device Driver / Kernel Module

Posted on in Categories FreeBSD, Howto last updated December 1, 2004

Under FreeBSD operating system you need to use the kldload utility to load file.ko into the kernel using the kernel linker. You can find all loadable kernel drivers in in /boot/kernel or /boot/modules/ directory. Some modules (pf, ipfw, ipf, etc.) may be automatically loaded at boot time when the corresponding /etc/rc.conf statement is used. Modules may also be auto-loaded through their addition to loader.conf.

You must login as root user to load or unload modules.

Task: How do I use kldload command to load module

To load smbfs module run command:
# kldload {module-name}
# kldload {driver-name}
# kldload smbfs

# kldload -v smbfs
Sample output:

Loaded smbfs, id=8