LISTSERV - SCIENTIFIC-LINUX-USERS Archives

SCIENTIFIC-LINUX-USERS Archives

July 2011

SCIENTIFIC-LINUX-USERS@LISTSERV.FNAL.GOV

	LISTSERV Archives
	SCIENTIFIC-LINUX-USERS Home
	SCIENTIFIC-LINUX-USERS July 2011

	Log In
	Register

	Subscribe or Unsubscribe

	Search Archives

Options:	Use Monospaced Font Show Text Part by Default Show All Mail Headers
Message:	[<< First] [< Prev] [Next >] [Last >>]
Topic:	[<< First] [< Prev] [Next >] [Last >>]
Author:	[<< First] [< Prev] [Next >] [Last >>]

Subject:	Re: password for singleuser - benefits?
From:	Nico Kadel-Garcia <[log in to unmask]>
Reply To:	Nico Kadel-Garcia <[log in to unmask]>
Date:	Fri, 29 Jul 2011 15:12:57 -0400
Content-Type:	text/plain
Parts/Attachments:	text/plain (46 lines)

2011/7/29 夜神　岩男 <[log in to unmask]>:
> On 07/29/2011 11:16 PM, Jeremiah Jahn wrote:
>>
>> On the servers you REALLY care about you can  use luks and encrypted USB

>>    You could consider someone having physical access to your system, to
>>    be able to walk away with the harddisk anyway (encrypted filesystem
>>    not taken into account), but at least that's not something you can
>>    do without being noticed.
>
> Coming originally from secret squirrel land, one of the cardinal security
> rules for us was simply "If the attacker has physical access, you don't have
> security".

Genuine physical security is painful and expensive. And there is so
much remote network vulnerability exploitation and scanning that it's
not an excuse to ignore security whatsoever once they're inside the
network.

I've been through this in contract work, wtith the cry of "if they'e
inside our network, we have much worse problems". This was something
that made me wince every time I heard it, because it's often an excuse
to not bother with SSH key passphrases, not to bother to use HTTPS
instead of HTTP, and not to bother updating or testing passwords for
easy crackability. The result is that a bit of leverage, such a a
poorly secured SSH key or email password from a rootkitted system or
stolen from the mistyped login entries in system logs give tremendous
access to people who attack mail servers, backup systems, and log
servers. The internal network access used to get done acts as a
springboard for attackers.

Yes, I remember the !@#$!#@!$ Morris Worm: it was my first big
security mess to clean up after, and emblazoned  a long-standing
lesson of "keeping your security patches up to date is part of the
job".

> Physical acces to a system is where coded security gives way in absolute
> terms to physical security measures. But again, that is if we're talking
> about serious security environments and almost none of our use cases
> probably represent that -- so we're left simply balancing usability vs
> security like normal people.
>
> -Iwao

Yes, it's an interesting balancing act.

ATOM RSS1 RSS2

LISTSERV.FNAL.GOV