Protecting against attacks
Disabling Control Alt Delete
The course is part of this learning path
In this course, you'll learn about the importance of physical security and the threats posed by attackers who gain unauthorized physical access to your Linux system. We'll cover a range of points to consider when securing your Linux systems and the best strategies to take.
- Understand the security challenges you'll face both when in direct control of your physical systems and when you use a third party to host them
- Understand what to look for when choosing a third-party provider
- Understand the physical security implications of using cloud environments
- Learn specific strategies for mitigating physical security risks and protecting your Linux systems against the most common physical attacks
- Learn about data encryption and how to implement it on new Linux systems, as well as those that are already in service
This course is intended for anyone who wants a solid grasp of physical security considerations for their Linux system.
To get the most out of this course, you should already have a good working knowledge of Linux. If you want to brush up on your Linux skills, consider taking our Learn Linux in 5 Days learning path first.
By default, Ubuntu doesn't set a password on the root account. If you were to manually install Ubuntu, it'll ask you to create an account to use for administration purposes. It won't let you set a root password. This is fine because root logins are disabled by default in Ubuntu, but when you boot into single user mode, you will get a root prompt, even if you've configured the system to prompt for a root password. There is no password, so it can't ask for one. To make this work, you must set a root password. Here's an Ubuntu system and I'm going to boot it into single user mode. Here we are at a root prompt and we weren't prompted for a password. I'm gonna show you that the SU login process was actually executed versus the SU shell. The SU login is the one that should prompt you for a password. So we'll just look at our current PID, which is dollar dollar. It's PID 583, we'll look at that. PID 58- Oops, 583. And its parent PID is 581, so we'll look at its parent. PID 581. And you can see that as you log in, was indeed executed and that spawned our Bash shell. I can also show you that as you log in is configured for system D as well. So we'll just get into the lib, system D. System directory here. And then we'll grab a, as you log in for our emergency.target. Oops, I'm sorry, emergency.service. And then we'll grab that for rescue.service as well. So you can see that system D is configured to execute as you log in. But again, it didn't prompt us for a password. So the root password is not set on this system. I can show you that by doing a head dash one on etc shadow. And you can see where the encrypted password would be, there's an exclamation mark there. So I'll go ahead and set the root password using the passwd command. All right, there's the root password, it's been set. So now that a password is set, when we boot into a single user mode it will prompt us for that password. Let's do this real quick. I'll just go ahead and reboot it. And we're going to boot into single user mode. And now that we're using SU log in and a password is set for the root account, we're being prompted for that password. If I didn't touch on this specific distro you're using, just look for all instances of SU shell and the Buddha process for your distro and replace them with SU log in. If you think about this conceptually, you know that the bootloader starts the kernel and the kernel then starts some other process. Typically that process is a net or an a net replacement. Just think about how the boot process works and it will lead you to where you need to make any changes.
Jason is the founder of the Linux Training Academy as well as the author of "Linux for Beginners" and "Command Line Kung Fu." He has over 20 years of professional Linux experience, having worked for industry leaders such as Hewlett-Packard, Xerox, UPS, FireEye, and Amazon.com. Nothing gives him more satisfaction than knowing he has helped thousands of IT professionals level up their careers through his many books and courses.