Don’t forget your hardware

Hard Hacks


Now that your networks are secure and you’ve convinced your users to secure their passwords and software, it’s time to turn your attention to your hardware to keep it from being attacked.

This month, it’s back to the physical world – specifically, hacking systems via hardware. In security, sys admins usually focus on remote attacks (because anyone on the Internet can hit you) and local, shell-level attacks (because you can’t trust all users – or trust them to secure their passwords and so forth properly). Rarely do administrators pay much attention to physical attacks because, face it, someone with physical access and time can bypass virtually all security measures or simply modify the system so that, for example, after it boots up, it records your passwords to decrypt the hard drive.