Single mode user ISE

AK002 · ‎03-03-2020

Hi Team,

All Linux versions has a built-in single-user mode derived from the old unix days. Although rarely used, it still exists. The security team has run security scans agains all devices within our network and has detected that the CentOS operating system used for ISE has no password assigned to the single-user mode and we need to be able to configure a password for this.

Regards,

Arun

Cristian Matei · ‎03-03-2020

Hi,

In order to get root access to ISE Linux (which is basically ADE-OS on top of RHEL/CentOS), you would first need to install the root patch, which means you need access to the CLI to begin with. Single-user mode requires to have physical/boot level access in order to boot in Single Mode. So even though this can be seen as a vulnerability, in the case of ISE, i don't see how it can be done without first having access to the CLI.

Regards,

Cristian Matei.

Arne Bier · ‎03-04-2020

Yeah it's probably a moot point - but here is a good explanation of this topic. BTW I thought ISE runs on RHEL (Redhat Enterprise Linux) and not CentOS - although they are closely related, yet the RHEL should be more "Enterprise" than the community CentOS edition.

Cristian Matei · ‎03-05-2020

Hi,

Yes, it runs on top of RHEL, which is EnterPrise CentOS :) I added both for clarification.

Regards,

Cristian Matei.

AK002 · ‎03-05-2020

Thanks for the help..