Utah Open Source

UTOSC 2009

Hosted by:

Miller Free Enterprise Center (MFEC)
Sandy, Utah

Physical password attacks against Unix-like operating systems
Start: Oct 10, 4:45 p.m.
End: Oct 10, 5:45 p.m.
Location: 108

I will be discussing three topics regarding password security on Unix-like machines, including BSD, GNU/Linux and even Mac OS X. This presentation is targeted towards system administrators mainly, but can be of major benefit to end users.

The first topic will be demonstrating the minimal effort it takes to gain root access on a Unix-like machine if you have physical access. I'll be demonstrating some security measures you can take to safeguard yourself against this attack, such as boot loader passwords, BIOS passwords, physical locks and even encrypted filesystems (which I'll demonstrate an attack against later). I'll show that each of these methods is a mere speed bump when an attacker is determined.

The second topic will be demonstrating how easy and trivial it is to crack Unix-like shadowed accounts once root has been obtained. I will be showing the password cracking utility "John the Ripper". We'll walk through a couple of examples, showing how to crack weak passwords, the algorithms John uses, and how to secure your password against John.

The third topic will be demonstrating attacks on encrypted filesystems, such as dm-crypt with LuksFS and others. This will be done by demonstrating the cold boot attack and reading the contents of RAM after an initial boot from another medium.

The goal of this presentation is to give users and system administrators the knowledge that an attacker would use against their systems, and how to safeguard themselves against such an attack. With knowledge comes power, and with power comes responsibility. The responsibility of users and system administrators alike is to keep their data safe. I hope this presentation demonstrates that responsibility.

About the presenter

Aaron Toponce (SAIC)

I work as a contractor for the Department of Veterans Affairs in SLC. I am a system administrator, currently managing over 30 RHEL servers, 10 HP-UX servers, 3 Solaris servers, and a handful of Windows servers. In my personal time, I run Debian GNU/Linux exclusively on all my hardware, minus one machine that is running NetBSD 5. I am the current president of the Ubuntu Utah group, and have been running GNU/Linux on my personal machines since late 1999.