3

I've been an Ubuntu user for a while now and not so long ago one of my computers got hijacked and malicious code was installed in it by simply replacing my password using the various password recovery features in the OS.

Please help me. Your assistance will be greatly appreciated.

jokerdino
  • 41,320
Angel Gabriel
  • 31
  • in ubuntu? That's strange. Can you give some details.. screenshot? – Web-E Sep 01 '12 at 05:07
  • Various? Which? Unless we are talking about a user with administrative privileges (which can ofc be removed) or someone with physical access to the computer I don't see how can it happen otherwise. – Bruno Pereira Sep 01 '12 at 05:22
  • "various password recovery features" is not IMO specific. I think, you need to be more specific about methods, otherwise it would not a good fit for this kind of site. – Anwar Sep 01 '12 at 06:15
  • 2
    Disable booting from CDs and USB sticks in your BIOS and set a BIOS password. See this answer to stop grub changes and passowrd protect recovery mode http://askubuntu.com/a/78051/71679 – damien Sep 01 '12 at 06:19

1 Answers1

1

Any PC or server is vulnerable to physical attack, if the attacker has unhindered access to the hardware.

So do one (or more) of the following:

(1.) Physically secure your hardware and data.

(2.) Use keys or BIOS password to discourage alternate methods of booting.

(3.) Store your critical (or confidential) data in an encrypted volume, that requires an additional pass-key (or physical token) to allow access.

david6
  • 14,499
  • 1
    I recommend editing this to include or link to information about how to reconfigure GRUB to lock down both its menu entries and its recovery prompt. Without that, obtaining access is typically trivial (though if important data are encrypted then it will be difficult to discover the sensitive information). – Eliah Kagan Sep 01 '12 at 11:02