On Fri, 10 Jul 1998, Jericho Nunn wrote: > An easy and quick work-around that avoids granting just anybody at > the console the ability to "Stop-A" and drop into OBP, is to enable the > "security-mode" and "security-password" variables within OBP. Changing > the default value of "security-mode" from 'none' to 'full', forces a > user who tries to halt the system to authenticate against the password > defined in "security-password" before having access to the OBP command > line. On some (older?) OBP versions, you can reset the NVRAM to default values (hence disabling the password) by pressing Stop-N. And of course, a truly dedicated attacker simply has to open the box up and drop in his own NVRAM chip which has no password. -- John W. Temples, III || Providing the first public access Internet Gulfnet Kuwait || site in the Arabian Gulf region
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:03:22 PDT