Re: [comp.security] Secure computers
On 5 Nov 1998 [EMAIL PROTECTED] wrote: Ben Collins writes: Does this still protect against the popular nuclear bomb DoS attack? Yes. The level of service does not change at all when the site is nuked. -- Unless the lights were mercury vapor lights, in which case there might be some toxicity that affect the armed guards, thereby reducing the security level a tad. Oh, but I guess the guards themselves have already been vaporized. Never mind
[comp.security] Secure computers
Hi, Matt == Matthew Devney [EMAIL PROTECTED] said: Matt Take it off the network, unplug it, lock the case, encase it in Matt 19 feet of concrete, and you can pretty much guarantee it'll be Matt safe. But the security consultant will still worry. Dennis == Dennis [EMAIL PROTECTED] said: Dennis Be careful though ... I've heard some people complain about Dennis marginal network performance with that configuration ... Bachrach == Bachrach V1.0 [EMAIL PROTECTED] said: Bachrach someone could still use some chemical reaction to eat Bachrach through the concrete, and get at the computer. You could Bachrach then take out the hard drive, and examine it under an Bachrach electron microscope to figure out what was on it. (Even if Bachrach it was encrypted, passworded, deleted, etc.) Correct. Eternal vigilance is the key. Take it off the network, unplug it, lock the case, encase it in a cube of concrete 20 feet on a side. Then take the concrete block, and suspend it by a steel-cored hawser, hanging off an Steel A from, such that the cube is at least 20 feet off the ground. Install pressure sensers all around the A frame. Put the A frame and sensors on a fenced concrete compound about a 100 feet on a side, with bright lights on all corners and on each side, including a light at the top of the A fram, and one under neath the cube. Make sure that the hawser and the A frame are electrically secure (i.e., have a noncundoctor in the path). Put manned watch towers all around, with motiton detectors socketed into heavy machine guns. Make sure the guards on site can't turn off the defenses (keep the key in a bank vault offsite). Even then the system is not secure, but you are getting close. manoj -- Beware of a dark-haired man with a loud tie. Manoj Srivastava [EMAIL PROTECTED] http://www.datasync.com/%7Esrivasta/ Key C7261095 fingerprint = CB D9 F4 12 68 07 E4 05 CC 2D 27 12 1D F5 E8 6E
Re: [comp.security] Secure computers
Does this still protect against the popular nuclear bomb DoS attack? Ben Collins [EMAIL PROTECTED] UnixGroup Admin - NASA LaRC On 5 Nov 1998, Manoj Srivastava wrote: Hi, Matt == Matthew Devney [EMAIL PROTECTED] said: Matt Take it off the network, unplug it, lock the case, encase it in Matt 19 feet of concrete, and you can pretty much guarantee it'll be Matt safe. But the security consultant will still worry. Dennis == Dennis [EMAIL PROTECTED] said: Dennis Be careful though ... I've heard some people complain about Dennis marginal network performance with that configuration ... Bachrach == Bachrach V1.0 [EMAIL PROTECTED] said: Bachrach someone could still use some chemical reaction to eat Bachrach through the concrete, and get at the computer. You could Bachrach then take out the hard drive, and examine it under an Bachrach electron microscope to figure out what was on it. (Even if Bachrach it was encrypted, passworded, deleted, etc.) Correct. Eternal vigilance is the key. Take it off the network, unplug it, lock the case, encase it in a cube of concrete 20 feet on a side. Then take the concrete block, and suspend it by a steel-cored hawser, hanging off an Steel A from, such that the cube is at least 20 feet off the ground. Install pressure sensers all around the A frame. Put the A frame and sensors on a fenced concrete compound about a 100 feet on a side, with bright lights on all corners and on each side, including a light at the top of the A fram, and one under neath the cube. Make sure that the hawser and the A frame are electrically secure (i.e., have a noncundoctor in the path). Put manned watch towers all around, with motiton detectors socketed into heavy machine guns. Make sure the guards on site can't turn off the defenses (keep the key in a bank vault offsite). Even then the system is not secure, but you are getting close. manoj -- Beware of a dark-haired man with a loud tie. Manoj Srivastava [EMAIL PROTECTED] http://www.datasync.com/%7Esrivasta/ Key C7261095 fingerprint = CB D9 F4 12 68 07 E4 05 CC 2D 27 12 1D F5 E8 6E -- Unsubscribe? mail -s unsubscribe [EMAIL PROTECTED] /dev/null
Re: [comp.security] Secure computers
Ben Collins writes: Does this still protect against the popular nuclear bomb DoS attack? Yes. The level of service does not change at all when the site is nuked. -- John HaslerThis posting is in the public domain. [EMAIL PROTECTED] Do with it what you will. Dancing Horse Hill Make money from it if you can; I don't mind. Elmwood, Wisconsin Do not send email advertisements to this address.
Re: [comp.security] Secure computers
Manoj Srivastava writes: [ a pretty good, but still not quite up to snuff, procedure for securing a machine ] I have a better method, though. Gather all matter which has ever come into contact with the machine in question, either through network or disk activity, or which has been bombarded with a single photon which has come into contact with the machine in question. Store all this matter in a nearby black hole. This has two advantages: 1. No information can leak out of your storage area in any way. 2. If someone manages to get into your storage and reconstruct your data, they're still unable to report anything back to HQ. And on the off chance that your nemesis is *in* the storage facility to begin with, you're still okay, since nothing they do can effect you in any way whatsoever. They are effectively non-existant in this case. The creation of a Debian package to implement this mechanism should be our highest priority. (Note: the only possible negative to this approach is the destruction of the earth and all known life. But sometimes, you really need security at any cost.) -- Neale Pickett, propellerhead Contact information in headers Los Alamos National Laboratory, Network Engineering Group (CIC-5)
