From owner-freebsd-security Fri Jul 21 14: 6:14 2000 Delivered-To: freebsd-security@freebsd.org Received: from exchange.lightrealm.com (exchange.lightrealm.com [216.122.95.4]) by hub.freebsd.org (Postfix) with ESMTP id C41BD37BCFC for ; Fri, 21 Jul 2000 14:06:09 -0700 (PDT) (envelope-from rcarskadden@lightrealm.com) Received: by EXCHANGE with Internet Mail Service (5.5.2650.21) id ; Fri, 21 Jul 2000 14:12:14 -0700 Message-ID: From: Rush Carskadden To: 'Garrett Wollman' , Leif Neland Cc: security@FreeBSD.ORG Subject: RE: randomdev entropy gathering is really weak Date: Fri, 21 Jul 2000 14:12:13 -0700 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2650.21) Content-Type: text/plain; charset="iso-8859-1" Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org It is somewhat troubling to me to think that you may assume the only time you need security is when you are connected to the Internet. Picture a large corporation (or government) with a substantial private network that, though it is not connected to the Internet, provides a number of critical services to it's users on a day to day basis. Is this network any less worth protecting because it is not connected to the Internet? Assuming that there are a large number of users on the network, is risk nonexistant? The fact of the matter is, it is bad form to rely on any system that you do not control for a security solution, and it is even worse form when communicating with this system requires you to be on the Internet. But that's just my opinion. ok, Rush Carskadden -----Original Message----- From: Garrett Wollman [mailto:wollman@khavrinen.lcs.mit.edu] Sent: Monday, July 17, 2000 8:54 AM To: Leif Neland Cc: security@FreeBSD.ORG Subject: Re: randomdev entropy gathering is really weak < said: > If you can't reach a NTP server, you are not connected to the internet. In > that case you don't need to worry so much about security... Unless, of course, the reason your machine is not connected to the Internet is in order that it be able to provide some critical security functionality. -GAWollman To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message