19 January 2007

Linux security again

Yesterday I had to try the same linux hack as before on a smoothwall box. Exactly the same process to get into the smoothwall machine (remove the X between the colons in the /etc/passwd file). Then I found an article on google about resetting the smoothwall admin account. This was new to me as I've not used .ht access files before. However one command is all it takes to reset that user account and here it is for future reference:

htpasswd /var/smoothwall/auth/users admin

One new password later and I'm back into the admin area of the smoothwall box and able to check my dhcp server settings. It just goes to show that no matter how much effort you put into securing your systems from outside attack, restricting physical access is still the most important aspect of security.