ComputerSecurityStudent (CSS) [Login] [Join Now]




|UNIX >> Ubuntu >> Ubuntu 12.04 Desktop >> Current Page |Views: 19671

(Ubuntu: Lesson 7)

{ Enable and Disable the BIOS Power On Password }


Section 0. Background Information
  1. Background information.
    • The following lab will show you how to enable and disable the BIOS Power On Password.
    • Enabling the BIOS Power On Password will prevent an attacker from physically a CD/iso to boot the Server.
    • In Lesson 5, We used a live CD/iso to clear root's password.

  2. Prerequisite
  3. Lab Notes
    • In this lab we will how to do the following:
      1. We will show you how to both enable and disable the BIOS Power On Password.

  4. Legal Disclaimer
    • As a condition of your use of this Web site, you warrant to computersecuritystudent.com that you will not use this Web site for any purpose that is unlawful or that is prohibited by these terms, conditions, and notices.
    • In accordance with UCC § 2-316, this product is provided with "no warranties, either express or implied." The information contained is provided "as-is", with "no guarantee of merchantability."
    • In addition, this is a teaching website that does not condone malicious behavior of any kind.
    • You are on notice, that continuing and/or using this lab outside your "own" test environment is considered malicious and is against the law.
    • © 2012 No content replication of any kind is allowed without express written permission.

 

Section 1: Start Ubuntu 12.04
  1. Start Ubuntu 12.04
    • Instructions
      1. For Windows 7
        • Start --> All Programs --> VMware Player
      2. For Windows XP
        • Starts --> Programs --> VMware Player

     

  2. Start the Ubuntu 12.04 VM
    • Instructions
      1. Click on Ubuntu 12.04
      2. Click on Play virtual machine

 

Section 2: Boot into BIOS Setup Utility
  1. Access the Boot Menu
    • Instructions
      1. Once you see the below vmware screen, (1) Left Click in the screen and (2) press the <Esc> key.

     

  2. Enter Setup
    • Instructions
      1. Arrow Down to where <Enter Setup> is highlighted
      2. Press <Enter>

     

  3. Navigate to the Security Tab
    • Instructions
      1. Right Arrow over to where Security is highlighted

     

  4. Set Supervisor Password
    • Instructions
      1. Down arrow to where "Set Supervisor Password" is highlighted
      2. Press <Enter>

     

  5. Enter Password
    • Instructions
      1. Enter New Password and press <Enter>
      2. Confirm New Password and press <Enter>

     

  6. Setup Notice
    • Instructions
      1. Press <Enter>

     

  7. Exit and Save
    • Instructions
      1. Arrow right to where Exit is highlighted.
      2. Make sure Exit Saving Changes is highlighted
      3. Press <Enter>

     

  8. Setup Confirmation
    • Instructions
      1. Save configuration changes and exit now?  Yes, press <Enter>

     

  9. Edit the Grub Menu
    • Note
      • You may or may not see the grub menu after exiting the BIOS setup utility.  If you do, then follow this and the next step.  If you are not presented with the grub menu, then continue to the next section.
    • Instructions
      1. Make sure Ubuntu, with Linux 3.2.0-23-generic-pae is highlighted.
      2. Press "e".

     

  10. Boot Machine
    • Instructions
      1. Press <Ctrl> and "x" to boot the machine.

 

Section 3: Login to Ubuntu
  1. Login to Server
    • Instructions
      1. User: Student
      2. Password: Please supply the student password.

     

  2. Start up a Terminal
    • Instructions
      1. Click on the Terminal

     

  3. Become Root
    • Instructions
      1. sudo su -

     

  4. Power off Server
    • Instructions
      1. poweroff
    • Note(FYI):
      • We are powering off the server to test the power on password.

 

Section 4: Test BIOS Power On Password
  1. Start the Ubuntu 12.04 VM
    • Instructions
      1. Click on Ubuntu 12.04
      2. Click on Play virtual machine

     

  2. Access the Boot Menu
    • Instructions
      1. Once you see the below vmware screen, (1) Left Click in the screen and (2) press the <Esc> key.

     

  3. Enter Setup
    • Instructions
      1. Arrow Down to where <Enter Setup> is highlighted
      2. Press <Enter>

     

  4. Supply BIOS Power On Password
    • Instructions
      1. Enter Password: Supply the BIOS Power On Password
        • This is the password that you created in (Section 2, Step 5).
    • Proof of Lab Instructions
      1. Press both the <Ctrl> and <Alt> keys at the same time.
      2. Do a <PrtScn>
      3. Paste into a word document
      4. Upload to Moodle

 

Section 5: Disable Power On Password
  • Note(FYI):
    • This part of the lab is optional.
    • If you lose your power on password, then you will no longer be able to recover the root password by booting from a CD.
  1. Navigate to Security Tab
    • Instructions
      1. From the Main tab, right arrow over to the Security Tab.

     

  2. Supervisor Password
    • Instructions
      1. Down cursor to where Set Supervisor Password is highlighted.
      2. Press <Enter>

     

  3. Disable Supervisor Password
    • Instructions
      1. Enter Current Password: Supply the password, Press <Enter>
      2. Enter New Password: Leave this blank, Press <Enter>
      3. Confirm New Password: Leave this blank, Press <Enter>

     

  4. Setup Notice
    • Instructions
      1. Press <Enter>

     

  5. Exit and Save
    • Instructions
      1. Arrow right to where Exit is highlighted.
      2. Make sure Exit Saving Changes is highlighted
      3. Press <Enter>

     

  6. Setup Confirmation
    • Instructions
      1. Save configuration changes and exit now?  Yes

     

  7. Edit the Grub Menu
    • Note
      • You may or may not see the grub menu after exiting the BIOS setup utility.  If you do, then follow this and the next step.  If you are not presented with the grub menu, then continue to the next section.
    • Instructions
      1. Make sure Ubuntu, with Linux 3.2.0-23-generic-pae is highlighted.
      2. Press "e".

     

  8. Boot Machine
    • Instructions
      1. Press <Ctrl> and "x" to boot the machine.

     

Section 6: Proof of Lab
  1. Proof of Lab
    • Proof of Lab Instructions
      1. See (Section 4, Step 4)

 



Help ComputerSecurityStudent
pay for continued research,
resources & bandwidth