KBTAG: kben10000016
URL: http://www.securityportal.com/lskb/10000000/kben10000016.html
Date created: 13/04/2000
Date modified: 11/08/2000
Date removed:
Authors(s): Kurt Seifried seifried@securityportal.com
Topic: Various techniques for preventing
unauthorized access at the console
Keywords: Console
The console (physical terminal, either a monitor and keyboard, or serial terminal) has a great deal of power by default in Linux. You can reboot the machine without access typically (using ctrl-alt-delete), or do any number of other bad things.
Login screens and warning banners
You should then disable ctrl-alt-delete at the console, edit /etc/inittab and look for something like:
# Trap CTRL-ALT-DELETE ca::ctrlaltdel:/sbin/shutdown -t3 -r now
Simply comment out the line, or replace it with something like:
# Trap CTRL-ALT-DELETE ca::ctrlaltdel:/bin/echo "I can't do that Dave"
And then restart init with a "killall -HUP init", or a reboot.