Physical access

Physical access is a term in computer security that refers to the ability of people to physically gain access to a computer system. According to Gregory White, "Given physical access to an office, the knowledgeable attacker will quickly be able to find the information needed to gain access to the organization's computer systems and network."[1]

Attacks and countermeasures

Attacks

Physical access opens up a variety of avenues for hacking.[2] Michael Meyers notes that "the best network software security measures can be rendered useless if you fail to physically protect your systems," since an intruder could simply walk off with a server and crack the password at his leisure.[3] Physical access also allows hardware keyloggers to be installed. An intruder may be able to boot from a CD or other external media and then read unencrypted data on the hard drive.[4] They may also exploit a lack of access control in the boot loader; for instance, pressing F8 while certain versions of Microsoft Windows are booting, specifying 'init=/bin/sh' as a boot parameter to Linux (usually done by editing the command line in GRUB), etc. One could also use a rogue device to access a poorly secured wireless network; if the signal were sufficiently strong, one might not even need to breach the perimeter.[5]

Countermeasures

IT security standards in the United States typically call for physical access to be limited by locked server rooms, sign-in sheets, etc. Physical access systems and IT security systems have historically been administered by separate departments of organizations, but are increasingly being seen as having interdependent functions needing a single, converged security policy.[6] An IT department could, for instance, check security log entries for suspicious logons occurring after business hours, and then use keycard swipe records from a building access control system to narrow down the list of suspects to those who were in the building at that time. Surveillance cameras might also be used to deter or detect unauthorized access[5]

gollark: That sounds like something which would improve* and not worsen** the situation.
gollark: You could do it both ways I guess, perhaps with a switch.
gollark: If you tracked clicks on each internal link you could estimate connection importance that way. Or manually specify importance levels. Or have something to emphasise links between big clusters.
gollark: > it seems like you're talking more about an API?Yes, I think the ability to do that might be more useful to (some) external services than having UI in Athens itself.> Dokuwiki does seem interesting thoughIt's a pretty good selfhosted wiki engine. It doesn't have knowledge-graph-y features because it was mostly made before that became a topic of interest, but does have... search, links, somewhat okay formatting, and many plugins. I currently run an instance because it seemed the best available stable thing when I was setting up things and it is quite hard to migrate now.
gollark: Sorry if I'm explaining this somewhat badly. I can probably clarify. I mean something like this (https://www.dokuwiki.org/plugin:struct) but without necessarily having to define a schema somewhere. I think this would be good for a few categories of thing, such as, say, exporting a list of cards (defined in notes) into a spaced repetition system. Possibly calendar events/reminders too, but you'd probably want a way to remove expired ones.

References
  1. White, Gregory: Security+ Certification All-in-One Exam Guide, McGraw-Hill, 2003, p. 388.
  2. An attacker with physical access to a computer may be able to access files and other data, Microsoft.
  3. Network+ Certification All-in-One Exam Guide, Michael Meyers, Third Edition, Chapter 17, p. 551, McGraw-Hill Companies, 2004.
  4. Cracking Windows 2000 And XP Passwords With Only Physical Access, Irongeek.
  5. Threats to Physical Security
  6. Bridging Physical Access Systems and IT Networks, David Ting, TechNewsWorld, November 10, 2006.
This article is issued from Wikipedia. The text is licensed under Creative Commons - Attribution - Sharealike. Additional terms may apply for the media files.