Password protect single user mode

You forget your root password and get locked out of your own box. What do you do? Typically, you would reboot into single user mode and change the password there.

When booting into single user mode you will not be prompted for the root password. This is something every attacker knows and prays on once he has gained physical access to you box. So what do you do?
Firstly, a good sys admin knows not to forget the root password. Login in as root is never a good idea so using sudo is always advised.
This still leaves the single user mode vulnerable, to secure it you will have to append the following line “su:S:wait:/sbin/sulogin” to your “/etc/inittab” file.
Now, every time you boot into single user mode you will be prompted for the root password.

# password protect single user mode
su:S:wait:/sbin/sulogin

PS: Always remember you password, if you can’t then write in down in a safe place.

Wireless Security – The Basics

People use wireless networks on a daily basis and are growing concerned about the possible threats. Taking the following precautions significantly mitigates security risks associated with mobile wireless access.

1. Install a firewall
2. Enter passwords only into websites that include an SSL key on the bottom right. If the hotspot is not working properly, assume your password has been compromised, report to hotspot service provider and change your password at the next immediate opportunity
3. Disable/remove the wireless card if you are not actively using the hotspot
4. Ensure that your laptop is updated with the latest security patches
5. Avoid hotspots where it is difficult to tell who’s connected (hotels, airport clubs, conferences)
6. Use hotspots only for internet surfing
7. Read all pop-up windows in their entirety
8. Do not use insecure applications such as non-encrypted email or instant messaging while at hotspots
9. Explicitly disable municipal WiFi access from within the enterprise
10. Install AirDefense Personal