Configure your system so it cannot be booted from a floppy or from CD, either by removing the drives entirely or by setting a BIOS password and configuring the BIOS to allow booting from a hard disk only.
Normally, a Linux system will be started by a boot loader, allowing you to pass additional options to the booted kernel. This is crucial to your system's security. Not only does the kernel itself run with root permissions, but it is also the first authority to grant root permissions at system start-up. Prevent others from using such parameters during boot by using the options "restricted" and "pass-word=your_own_password" in /etc/lilo.conf. Execute the command lilo after making any changes to /etc/lilo.conf andlookfor any unusual output the command might produce. If you forget this password, you will have to know the BIOS password and boot from CD to read the entry in /etc/lilo.conf from a rescue system.
Was this article helpful?