Skip to main content

BIOS Security


The BIOS is the lowest level of software that configures or manipulates your x86-based hardware. LILO and other Linux boot methods access the BIOS to determine how to boot up your Linux machine. Other hardware that Linux runs on has similar software (Open Firmware on Macs and new Suns, Sun boot PROM, etc...). You can use your BIOS to prevent attackers from rebooting your machine and manipulating your Linux system.

Many PC BIOSs let you set a boot password. This doesn't provide all that much security (the BIOS can be reset, or removed if someone can get into the case), but might be a good deterrent (i.e. it will take time and leave traces of tampering). Similarly, on S/Linux (Linux for SPARC(tm) processor machines), your EEPROM can be set to require a boot-up password. This might slow attackers down.
Another risk of trusting BIOS passwords to secure your system is the default password problem. Most BIOS makers don't expect people to open up their computer and disconnect batteries if they forget their password and have equipped their BIOSes with default passwords that work regardless of your chosen password.

Some of the more common passwords include:

j262 AWARD_SW AWARD_PW lkwpeter Biostar AMI Award bios BIOS setup cmos AMI!SW1 AMI?SW1 password hewittrand shift + s y x z.


These passwords are quite easily available from manufacturers' websites and http://astalavista.box.sk and as such a BIOS password cannot be considered adequate protection from a knowledgeable attacker.Many x86 BIOSs also allow you to specify various other good security settings. Check your BIOS manual or look at it the next time you boot up. For example, some BIOSs disallow booting from floppy drives and some require passwords to access some BIOS features.

Note: If you have a server machine, and you set up a boot password, your machine will not boot up unattended. Keep in mind that you will need to come in and supply the password in the event of a power failure. ;(

Comments

Post a Comment

Popular posts from this blog

Database Sharding

Collating some of the resources which talks about Database Sharding. https://en.wikipedia.org/wiki/Shard_(database_architecture) [Feb 2019]  http://highscalability.com/blog/2019/2/19/intro-to-redis-cluster-sharding-advantages-limitations-deplo.html Redis Cluster is the Native Sharding implementation available within Redis that allows your to automatically distribute your data across multiple nodes without having to rely on external tools and utilities. Its covers Sharding with Redis Cluster  where Redis Clusters is divided in 16384 slots and these slots are assigned to multiple Redis Nodes. The  Redis Cluster Specification  is the definitive guide to understanding the internals of the technology, while the  Redis Cluster Tutorial  provides deployment and administration guidelines. [ Jan 2019  ]  https://scalegrid.io/blog/scalegrid-hosting-adds-support-for-highly-available-redis-clusters-with-automated-sharding/ ScaleGrid : Fully Manage...
Post a Comment
Read more

Penetration Testing Basics

Penetration testing, often called “pentesting”,“pen testing”, or “security testing”, is the practice of attacking your own or your clients’ IT systems in the same way a hacker would to identify security holes. Of course, you do this without actually harming the network. The person carrying out a penetration test is called a penetration tester or pentester. The difference between Penetration Testing and Hacking is that you have the system owner's permission to do testing and to identfiy security holes. If you want to do penetration testing u should better ask for his/her permission. Basic Security Concepts Vulnerability: It is a security hole in a piece of software, hardware of Operating system that provides a way to attack the system.A vulnerabilty is as simple as weak passwords and as complex as buffer overflows as well as SQL injection. Security Research: Vulnerabilities are typically searched by security researchers who finds the flaws in the system. Security Research can ...
1 comment
Read more