BIOS Security
Source: Dave Wreski - Posted by Dave Wreski   
Learn tips and tricks The BIOS is the lowest level of software that configures or manipulates your x86-based hardware.

LILO and other Linux boot methods access the BIOS to determine how to boot up your Linux machine. Other hardware that Linux runs on has similar software (OpenFirmware on Macs and new Suns, Sun boot PROM, etc...). You can use your BIOS to prevent attackers from rebooting your machine and manipulating your Linux system.

Most PC BIOSs let you set a boot password. This doesn't provide all that much security (the BIOS can be reset, or removed if someone can get into the case), but might be a good deterrent (i.e. it will take time and leave traces of tampering). Similarly, on SPARC/Linux (Linux for SPARC(tm) processor machines), your EEPROM can be set to require a boot-up password. This might slow attackers down.

Many PC BIOSs also allow you to specify various other good security settings. Check your BIOS manual or look at it the next time you boot up. For example, most BIOSs disallow booting from floppy drives and some require passwords to access some BIOS features.

Note: If you have a server machine, and you set up a boot password, your machine will not boot up unattended. Keep in mind that you will need to come in and supply the password in the event of a power failure. ;(

Only registered users can write comments.
Please login or register.

Powered by AkoComment!