Home page logo

bugtraq logo Bugtraq mailing list archives

Re: password backdoors
From: tfs () vampire science gmu edu (Tim Scanlon)
Date: Thu, 11 May 95 18:06:16 -0400

|I have also heard that the hardware password (and all the other ROM settings) |will get wiped if you remove the 
battery for a while, but I haven't tried |it.(Haven't had the need... :>)
|Does anyone know?

Yes, this is correct. The way I was taught to do it to pull the battery, wait
30 seconds, pop the battery in backwards for 5 seconds, and then wait another
minute & reinstall it normaly. I don't know wether that's 'spec' for absolute
certain,  but it does work, and has no ill effects that I've seen.

Also, on NeXT's, if the /etc/netinfo directory is set with read permissions
for other (the default), you can go in and look at the netinfo database as
it is set up in the files. it's not "plain text" but isn't unparseable
either. Obviously, if you're smart you reset these perms in a multi-user
environment to make the stuff unreadable by g & o. In a situation where
you've lost the root password or whatever, you obviously have console
access, so there's no problem with them only having root permissions.


tfs () vampire science gmu edu (NeXTmail, MIME)  Tim Scanlon
George Mason University     (PGP key avail.)  Public Affairs
I speak for myself, but often claim demonic possession

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]