Re: For the security weenies

2004-08-03 Thread Loren Charnley, Jr.
, Inc. [EMAIL PROTECTED] (704) 847-6961 x 2000 -Original Message- From: Alan Altmark [mailto:[EMAIL PROTECTED] Sent: Tuesday, August 03, 2004 12:18 AM To: [EMAIL PROTECTED] Subject: Re: For the security weenies On Monday, 08/02/2004 at 08:55 EST, Adam Thornton <[EMAIL PROTECTED]>

Re: For the security weenies

2004-08-03 Thread Alan Altmark
On Tuesday, 08/03/2004 at 12:09 EST, Adam Thornton <[EMAIL PROTECTED]> wrote: > > SWAPGEN on the 191 is suboptimal. What if you had to update it? Go to > > each server's A-disk? Blech. Of course, you could use SFS and aliases > > for the A-disk before IPLing Linux. > > I guess my question is:

Re: For the security weenies

2004-08-02 Thread Adam Thornton
On Aug 2, 2004, at 11:17 PM, Alan Altmark wrote: Chuckie's busy at the moment, so I'll answer instead. There is nothing inherently evil about modifying the PROFILE EXEC of service machines. It *is* evil (and, to some, a hostile act) to modify the PROFILE EXEC of the set of servers that comprise VM

Re: For the security weenies

2004-08-02 Thread Alan Altmark
On Monday, 08/02/2004 at 08:55 EST, Adam Thornton <[EMAIL PROTECTED]> wrote: > Chuckie: is it merely modifying the PROFILE EXEC of service machines > that's evil, or should I also refrain from putting other stuff on their > 191-disks? That is, hypothetically, if I were implementing a service > th

Re: For the security weenies

2004-08-02 Thread Adam Thornton
On Mon, 2004-08-02 at 18:12, Alan Cox wrote: > Guys if I wanted to read alt.humor.notfunny I'd try usenet. Or can we > have linux-390-ontopic ? Oh, all right. Party pooper. Ontopic: Chuckie: is it merely modifying the PROFILE EXEC of service machines that's evil, or should I also refrain from p

Re: For the security weenies

2004-08-02 Thread Gregg C Levine
- "The Force will be with you...Always." Obi-Wan Kenobi "Use the Force, Luke."  Obi-Wan Kenobi > -Original Message- > From: Linux on 390 Port [mailto:[EMAIL PROTECTED] On Behalf Of > Alan Altmark > Sent: Monday, August 02, 2004 6:46 PM > To: [EMAIL

Re: For the security weenies

2004-08-02 Thread Alan Cox
Guys if I wanted to read alt.humor.notfunny I'd try usenet. Or can we have linux-390-ontopic ? -- For LINUX-390 subscribe / signoff / archive access instructions, send email to [EMAIL PROTECTED] with the message: INFO LINUX-390 or

Re: For the security weenies

2004-08-02 Thread Alan Altmark
On Monday, 08/02/2004 at 05:37 EST, Adam Thornton <[EMAIL PROTECTED]> wrote: > It's really even safer if you just never build the machine at all. > Nonexistent machines are the safest kind. Plus they're easy to brag > about: "My imaginary 75-Petaflop Helium-3-cooled system with 14 > googolplexbyte

Re: For the security weenies

2004-08-02 Thread Adam Thornton
On Mon, 2004-08-02 at 14:47, Daniel P. Martin wrote: > Two words: Bolt Cutters. > >Make sure is unplugged from power supply. Just in case, throw the mains. It's really even safer if you just never build the machine at all. Nonexistent machines are the safest kind. Plus they're easy to brag abou

Re: For the security weenies

2004-08-02 Thread Dennis Wicks
Or a Faraday Cage! Alan Altmark <[EMAIL PROTECTED] To: [EMAIL PROTECTED] s.ibm.com>cc: Sent by: LinuxSubject: Re: For the security weenies on 39

Re: For the security weenies

2004-08-02 Thread Kern, Thomas
> To: [EMAIL PROTECTED] > Subject: Re: For the security weenies > > > On Monday, 08/02/2004 at 02:47 EST, "Daniel P. Martin" > <[EMAIL PROTECTED]> wrote: > > Two words: Bolt Cutters. > > > > Just be sure you unplug it first... > > Youse guys forg

Re: For the security weenies

2004-08-02 Thread Alan Altmark
On Monday, 08/02/2004 at 02:47 EST, "Daniel P. Martin" <[EMAIL PROTECTED]> wrote: > Two words: Bolt Cutters. > > Just be sure you unplug it first... Youse guys forgot about sneaky battery-backup wireless. Encase in lead. Chuckie -

Re: For the security weenies

2004-08-02 Thread Daniel P. Martin
Two words: Bolt Cutters. Just be sure you unplug it first... -dan. Alan Altmark wrote: On Monday, 08/02/2004 at 01:59 EST, Adam Thornton <[EMAIL PROTECTED]> wrote: On Mon, 2004-08-02 at 14:16, Dave Jones wrote: Well, having a server you can't log onto is certainly one way to make it "secure",

Re: For the security weenies

2004-08-02 Thread Alan Altmark
On Monday, 08/02/2004 at 01:59 EST, Adam Thornton <[EMAIL PROTECTED]> wrote: > On Mon, 2004-08-02 at 14:16, Dave Jones wrote: > > Well, having a server you can't log onto is certainly one way to make it > > "secure", I suppose.not connecting it to a network is another...:-) > > Neither is as go

Re: For the security weenies

2004-08-02 Thread Adam Thornton
On Mon, 2004-08-02 at 14:16, Dave Jones wrote: > Well, having a server you can't log onto is certainly one way to make it > "secure", I suppose.not connecting it to a network is another...:-) Neither is as good as not turning it on, though. Adam --

Re: For the security weenies

2004-08-02 Thread Dave Jones
Well, having a server you can't log onto is certainly one way to make it "secure", I suppose.not connecting it to a network is another...:-) DJ Kohrs, Steven wrote: On Mon, 2004-08-02 at 11:29, Ferguson, Neale wrote: Paper: Achieving CAPP/EAL3+ Security Certification for Linux See: http://www-1

Re: For the security weenies

2004-08-02 Thread Kohrs, Steven
On Mon, 2004-08-02 at 11:29, Ferguson, Neale wrote: > Paper: Achieving CAPP/EAL3+ Security Certification for Linux > See: > http://www-124.ibm.com/linux/presentations/ols2004/sec-cert-OLS_04.pdf > I tried 'securing' a server by following the recommendations associated with this paper. Basically,

For the security weenies

2004-08-02 Thread Ferguson, Neale
Paper: Achieving CAPP/EAL3+ Security Certification for Linux See: http://www-124.ibm.com/linux/presentations/ols2004/sec-cert-OLS_04.pdf "As far as we know, no Open Source program has been certified for security-until now. Although some people believed that it was not possible for an Open Source