terrell@musky2.UUCP (Roger Terrell) (07/21/87)
Apologies if this is common knowledge or has been posted before: We have an AT&T 3B2/300 running UNIX System V, version 2.0. There is an undocumented option available when booting the machine from the essential utilites floppies. When the first disk is inserted, a menu is given with options to Install software, Remove software, and something else which slips my mind right now. If you ignore these choices and type 'magic mode' (no quotes), it responds with the word 'POOF!' and then gives you the same choices with one added: 'shell'. Obviously, this is a nice option to have at that point... -- Roger W. Terrell UUCP: ...cbosgd!musky2!terrell (or) terrell@musky2.UUCP CSNet: ccterrell%Muskingum.EDU@relay.cs.net
leonard@acf4.UUCP (shanna leonard) (07/24/87)
In comp.sys.att Roger Terrell writes: >We have an AT&T 3B2/300 running UNIX System V, version 2.0. There is >an undocumented option available when booting the machine from the >essential utilites floppies. When the first disk is inserted, a >menu is given with options to Install software, Remove software, and something >else which slips my mind right now. If you ignore these choices and type >'magic mode' (no quotes), it responds with the word 'POOF!' and then gives >you the same choices with one added: 'shell'. Obviously, this is a nice >option to have at that point... Yep! works with version 3.0 too. Looks like we should all make sure to change that firmware password from the default! Thanks, Roger, I was looking for something like that. I guess it pays to read netnews. Shanna Leonard Systems Group NYU/ACF ARPA:leonard@acf4.nyu.edu
mdb@laidbak.UUCP (Mark Brukhartz) (07/28/87)
In article <13050011@acf4.UUCP>, leonard@acf4.UUCP (shanna leonard) writes: > Yep! works with version 3.0 too. Looks like we should all make sure > to change that firmware password from the default! The 3B2 firmware password may be reset by unplugging the "non-volatile RAM" battery for a moment while the primary power is off. The bootable floppy does not itself cause a computer security problem any more than the #1 Phillips screwdriver which removes the 3B2 cover. They are both tools of knowledgeable attackers. Protection from an attacker with physical access to the machine is a non-trivial problem. The solutions with which I am familiar involve removable media and encryption. Even they often lack protection against Trojan horses in the fixed-media-based software. The 3B2 firmware password is analogous to a lock on a door. They both hinder entry, and both fail against knowledgeable attacks. Mark Brukhartz Lachman Associates, Inc. ..!{ihnp4, sun}!laidbak!mdb
spike@bucsb.bu.edu.UUCP (08/04/87)
In article <1098@laidbak.UUCP> mdb@laidbak.UUCP (Mark Brukhartz) writes: >In article <13050011@acf4.UUCP>, leonard@acf4.UUCP (shanna leonard) writes: > >> Yep! works with version 3.0 too. Looks like we should all make sure >> to change that firmware password from the default! > >The 3B2 firmware password may be reset by unplugging the "non-volatile >RAM" battery for a moment while the primary power is off. Yea? I did this and now I get: FW ERROR 1-02: DISK SANITY FAILURE I say don't try it!!!!! -- ->Spike
jte@psuvax1.psu.edu (Jon Eckhardt) (08/04/87)
>>In article <13050011@acf4.UUCP>, leonard@acf4.UUCP (shanna leonard) writes: >>The 3B2 firmware password may be reset by unplugging the "non-volatile >>RAM" battery for a moment while the primary power is off. > > Yea? I did this and now I get: > > FW ERROR 1-02: DISK SANITY FAILURE >->Spike I have done this many times. In fact, when I was on the phone with the ATT hotline and told them that my floppy key was not working they told me to go ahead and disconnect the battery. It must have just been a flookie that messed up your disk. My guess is that you may have powercycled it a few times rapidly which may have messed up your disk. --Jon I don't get why I can't put less text in then the reply, here I am adding more and more and more text just to make sure that inews is happy. This seams like such a waste. In fact, it seams to be a pain in the next to type this stuff in anyway. I think I have more characters then the reply now, so lets see if it will take the post. ihnp4!psuvax1!jte jte@psuvax1.BITNET jte@psuvax1.psu.edu