Date: Fri, 12 Feb 2010 08:19:31 -0600 From: Adam Vande More <amvandemore@gmail.com> To: John <john@starfire.mn.org> Cc: Julien Gormotte <gormi456@gmail.com>, freebsd-questions@freebsd.org Subject: Re: PASSWORD LOST!! Message-ID: <6201873e1002120619rc40fb34n98bbb2b0db8b6b43@mail.gmail.com> In-Reply-To: <20100212080524.B67483@starfire.mn.org> References: <0B47F5A9-A603-408F-A727-E81739E539C5@andersonbrothers.biz> <201002091059.27019.mike.jeays@rogers.com> <b79ecaef1002091144g6014eb0ak75955f63c82a4b4b@mail.gmail.com> <b121fe571002111714l2529f57bndd63d0d6ac404363@mail.gmail.com> <201002120124.o1C1OS3o015060@banyan.cs.ait.ac.th> <4B751F70.8060402@gmail.com> <20100212080524.B67483@starfire.mn.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Fri, Feb 12, 2010 at 8:05 AM, John <john@starfire.mn.org> wrote: > People, people - be careful that we are not creating a formula to > break into FreeBSD servers around the world... > > The only acceptable solution is for someone in Eric's organization > to secure physical access to the server. It may be in a co-lo > situation, but if that's true, they must have a contract open and, > if nothing else, they terminate the contract and get the machine > back, though more likely, the contract allows them supervised > access. Machines are not perfect - even without losing the root > password, they break and need maintenance - this is a MAINTENANCE > event and should be treated as such, just like a hard drive failure > or a NIC failure. > > Creating a scheme for someone to break into FreeBSD systems remotely > or to publicize schemes people have created to remotely manage their > systems in ways that could be used to compromise them is foolishness! > > Regardless of the purity of his intention, Eric is asking us to > tell him how to break into our homes or steal our cars. ;) > Security through obscurity is no security, hence it is a good exercise. -- Adam Vande More
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?6201873e1002120619rc40fb34n98bbb2b0db8b6b43>