Login or Register to Ask a Question and Join Our Community


Cybersecurity

How to protect system from cloning?

 
Thread Tools Search this Thread
Special Forums Cybersecurity How to protect system from cloning?
Prev   Next
# 1  
Old 09-07-2014
How to protect system from cloning?
Hello there,

I would like to protect a Linux system from cloning, I don't mind if the cloned hard drive works in the same computer, but I need to avoid it to work in other one, even if it uses exactly same mainboard model and rest of computer parts. I want the cloned system to get frozen or simply restart continously if it's used in another computer.

I found a thread in other forum that talks about a test of the NIC interface's MAC. It could be a good solution.

The issue is that I have no information at all about how to do it, nor the software to use. Of course, I would like it to be as "unbreakable" as possible.

Many regards in advance
 
Login or Register to Ask a Question

Previous Thread | Next Thread

9 More Discussions You Might Find Interesting

1. Solaris

Archiveadm system cloning - Solaris 11.4

Hi all, I am trying to use archiveadm to backup/clone an existing Solaris11.4 system. However, i failed at media creation with the error -> "Media can only be created from archives containing root-only data" root@xxx:/mnt/opt/software# zpool list NAME SIZE ALLOC FREE CAP DEDUP ... (6 Replies)
Discussion started by: javanoob
6 Replies

2. AIX

Cloning a system via mksysb backup from one system and restore to new system

Hello All, I am trying to clone an entire AIX virtual machine to a new virtual machine including all partitions and OS.Can anyone help me on the procedure to follow? I am not really sure on how it can be done.Thanks in advance. Please use CODE tags for sample input, sample output, and for code... (4 Replies)
Discussion started by: gull05
4 Replies

3. UNIX for Advanced & Expert Users

protect process

how to protect my process from others to kill?? Double post, continued here, thread closed (0 Replies)
Discussion started by: samrintu
0 Replies

4. UNIX for Advanced & Expert Users

Cloning a solaris system

I have several Solaris 8,9 and 10 servers. I need to refresh them and avoid doing any OS upgrades. I may have to apply patches when I am done due to the new hardware. My current servers have internal disk and my new target servers (same processor types) will have only SAN storage. Once the... (0 Replies)
Discussion started by: zzqv9p
0 Replies

5. UNIX for Dummies Questions & Answers

Full System Backup / Cloning HPUX

I am new to UNIX and need help in cloning a HPUX 10.2 Ace 5, can anybody please guide me in making a full system backup. Real Chess (0 Replies)
Discussion started by: real-chess
0 Replies

6. AIX

Problem cloning system

Hi everyone, I want to clone a AIX 5.2 system from a machine to another one. So i modified bosinst.data and image.data files (according to future platform) before making mksysb on old platform. After booting on CD and restoring system using mksysb tape, the installation is launched but ever... (2 Replies)
Discussion started by: fgaulois
2 Replies

7. UNIX for Advanced & Expert Users

Protect from rm /

We recently had an accidental delete from /. I hold the root password but others are allowed to sudo over to root to perform admin tasks. The only way I want to permit deletion from / is by physically being root (su -). I'd like to add a line to the sudoers file which would permit all commands... (1 Reply)
Discussion started by: scottsl
1 Replies

8. UNIX for Dummies Questions & Answers

Password protect a file

I have created a PHP page that I use to clean files on my machine. I would like to leave the file there but I want to password protect it so that I am the only one that can run it from the shell. Does anyone know how to do this? Thanks. -Cam (2 Replies)
Discussion started by: perryl7
2 Replies

9. UNIX for Dummies Questions & Answers

protect dtterm

we have an hp-ux and a user requested me if i can password protect the dtterm. i know that this is possible but can you give me some hints in making this happen? thanks :cool: (2 Replies)
Discussion started by: inquirer
2 Replies
Login or Register to Ask a Question

LEARN ABOUT REDHAT

snmpusm

SNMPUSM(1)							     Net-SNMP								SNMPUSM(1)

NAME

       snmpusm - creates and maintains SNMPv3 users on a remote entity.

SYNOPSIS

       snmpusm [COMMON OPTIONS] create USER [CLONEFROM-USER]
       snmpusm [COMMON OPTIONS] delete USER
       snmpusm [COMMON OPTIONS] cloneFrom USER CLONEFROM-USER
       snmpusm [COMMON OPTIONS] [-Co] [-Ca] [-Cx] passwd OLD-PASSPHRASE NEW-PASSPHRASE

DESCRIPTION

       snmpusm is an SNMP application that can be used to do simple maintenance on a SNMP agent's User-based Security Module (USM) table.  You can
       create, delete, clone, and change the passphrase of users configured on a running SNMP agent.

       The SNMPv3 USM specifications (see RFC2574) dictate that users are created and maintained by adding and modifying rows to the  usmUserTable
       MIB  table.  To create a new user you simply create the row using snmpset.  User's profiles contain private keys that are never transmitted
       over the wire in clear text (regardless of whether the administration requests are encrypted or not).

       The secret key for a user is initially set by cloning another user in the table, so that a new user inherits the cloned user's secret  key.
       A  user	can only be cloned once, however, after which they must be deleted and re-created to be re-cloned.  The authentication and privacy
       security types are also inherited during this cloning (e.g., MD5 vs. SHA1).  To change the secret key for a user, you must know the  user's
       old  passphrase	as well as the new one.  The passwd sub-command of the snmpusm command, therefore, requires both the new and the old pass-
       phrases to be supplied.	After cloning from the appropriate template, you should immediately change the new users passphrase.

       The Net-SNMP agent must first be initialized so that at least one user is setup in it before you can use this command to  clone	new  ones.
       See the snmpd.conf(5) manual page on the createUser configuration parameter.

EXAMPLES

       Let's assume for our examples that the following VACM and USM configurations lines were in the snmpd.conf file for a Net-SNMP agent.  These
       lines set up a default user called "initial" with the authentication passphrase "setup_passphrase" so that we can perform the initial setup
       of an agent:

	      # VACM configuration entries
	      rwuser initial
	      # lets add the new user we'll create too:
	      rwuser wes
	      # USM configuration entries
	      createUser initial MD5 setup_passphrase DES

       Note:  the  "initial"  user's setup should be removed after creating a real user that you grant administrative privileges to (like the user
       "wes" we'll be creating in this example.

       Note: passphrases must be 8 characters minimum in length.

   Create a new user
       snmpusm -v3 -u initial -n "" -l authNoPriv -a MD5 -A setup_passphrase localhost create wes initial

	      Creates a new user, here named "wes" using the user "initial" to do it.  "wes" is cloned from "initial" in the process, so he inher-
	      its that user's passphrase ("setup_passphrase").

   Change the user's passphrase
       snmpusm -v 3 -u wes -n "" -l authNoPriv -a MD5 -A setup_passphrase localhost passwd setup_passphrase new_passphrase

	      After  creating  the user "wes" with the same passphrase as the "initial" user, we need to change his passphrase for him.  The above
	      command changes it from "setup_passphrase", which was inherited from the initial user, to "new_passphrase".

   Test the new user
       snmpget -v 3 -u wes -n "" -l authNoPriv -a MD5 -A new_passphrase localhost sysUpTime.0

	      If the above commands were successful, this command should have properly performed an authenticated SNMPv3 GET request to the agent.

       Now, go remove the vacm "group" snmpd.conf entry for the "initial" user and you have a valid user 'wes' that you can use for future  trans-
       actions instead of initial.

SEE ALSO

       snmpd.conf(5), snmp.conf(5), RFC 2574

4th Berkeley Distribution					    08 Feb 2002 							SNMPUSM(1)