Re: Packet sniffing & regular users

2005-03-03 Thread David Mandelberg
Alvin Oga wrote:
> ah .. good point ... i make no distinction between "local access"
> vs "physical access" in that if the server is behind the locked
> door, it'd be better than if its on the corp server in the next
> open cubicle on the same cat 5 wires, hubs and switches etc

Physical access mea

Re: Packet sniffing & regular users

2005-03-02 Thread David Mandelberg
Alvin Oga wrote:
> no more telnet, no more pop3, no more wireless, no more
> anything that is insecure

Those are not insecure: using them unwisely is. Telnet over a VPN is just as secure as ssh with password authentication. The same goes for pop3/pop3s. Wireless is completely different

Re: Packet sniffing & regular users

2005-03-02 Thread David Mandelberg
s. keeling wrote:
> Isn't it generally accepted that black hats who get local access (ie.,
> a user login account) is _much_ worse than black hats who've been kept
> out? Assuming black hat wants root, taking over a user's account is a
> very big first step.
>
> I would take the security of your u

Re: Packet sniffing & regular users

2005-03-02 Thread David Mandelberg
s. keeling wrote:
> "... should be" != "are." Are you sure no-one there's using telnet,
> ftp, & etc?

If they send their confidential data unencrypted, that's not my fault, and there's not much I can do to stop them (even if I somehow make it impossible on my computers, they could still go to a li

Re: Packet sniffing & regular users

2005-03-02 Thread David Mandelberg
s. keeling wrote:
> Do you understand what "anyone can see anything" really means? Have
> you pumped tcpdump output into ethereal lately?
>
> "anyone can see anything" really means "anyone can see anything".
> Think about it. And what's the real reason why you don't want to
> bother with sudo?

I'

Re: [SECURITY] [DSA 644-1] New chbg packages fix arbitrary code execution

2005-01-21 Thread David Mandelberg

Re: .desktop arbitrary program execution

2005-01-19 Thread David Mandelberg
Rick Moen wrote:
> Quoting David Mandelberg ([EMAIL PROTECTED]):
>
>>You also asked a question about something I didn't say (I said that
>>the person had to open it).
>
> Actually, no, you didn't. (Presumably you intended to, though.)
>
> Y

Re: [SECURITY] [DSA 644-1] New chbg packages fix arbitrary code execution

2005-01-19 Thread David Mandelberg

Re: .desktop arbitrary program execution

2005-01-19 Thread David Mandelberg
Rick Moen wrote:
> Quoting David Mandelberg ([EMAIL PROTECTED]):
>
>>Attached.
>>
>>Save to your GNOME/KDE desktop (like many newbies do) and double click
>>the new icon. .desktop files (currently) don't need the x bit set to
>>work, so no chmod&

Re: .desktop arbitrary program execution (was: [SECURITY] [DSA 644-1] New chbg packages fix arbitrary code execution)

2005-01-18 Thread David Mandelberg
Rick Moen wrote:
> Quoting David Mandelberg ([EMAIL PROTECTED]):
>>Do you mean to say that opening "message.txt\t\t\t.desktop" which
>>happens to be a freedesktop.org compliant launcher for the program "rm
>>-rf $HOME" is safe because it's designed

Re: [SECURITY] [DSA 644-1] New chbg packages fix arbitrary code execution

2005-01-18 Thread David Mandelberg

Re: rm files owned by root?

2005-01-02 Thread David Mandelberg