From owner-freebsd-questions@FreeBSD.ORG Fri Feb 12 14:19:31 2010 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id B2DBB106566B for ; Fri, 12 Feb 2010 14:19:31 +0000 (UTC) (envelope-from amvandemore@gmail.com) Received: from mail-pw0-f54.google.com (mail-pw0-f54.google.com [209.85.160.54]) by mx1.freebsd.org (Postfix) with ESMTP id 8304B8FC17 for ; Fri, 12 Feb 2010 14:19:31 +0000 (UTC) Received: by pwj7 with SMTP id 7so185744pwj.13 for ; Fri, 12 Feb 2010 06:19:31 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:received:in-reply-to:references :date:message-id:subject:from:to:cc:content-type; bh=5kRk5K28Y8XJTFlzDLD8AD7P8ReiwG16f8mCl0zXouE=; b=ONBhUlj1YgihN6IrH2k1IcCxK0nGUXxBlJb+nLNIj0ivCwdZKJWsIN+Q6AADyDhZD+ 5nAaZNaXlylVZMtVfvB9wHg0UzC80BPXskaMlviV6HgSnHzijJkv0Tan8BlELuGkX4Wg Z5OJVxT2FJj6/P41AYpvSI1ThXPFSUisbmZS0= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; b=vtNmUrlQnZRE3Qp3XyIpj6smBb99jeQqbaEMTG+HbTKm45gv7YV8rdOiQbOHBhX1fH 8a2Lpkz3l6j3ZHGiLukaRvjOW9MyUi1brS6aob3Z2N7SoWQhaakPP4UKVU8VjddK639T DbLIr9zdIIXWwyyNs7D2p9/SxESXkZcQT1jEo= MIME-Version: 1.0 Received: by 10.143.25.1 with SMTP id c1mr666047wfj.17.1265984371076; Fri, 12 Feb 2010 06:19:31 -0800 (PST) In-Reply-To: <20100212080524.B67483@starfire.mn.org> References: <0B47F5A9-A603-408F-A727-E81739E539C5@andersonbrothers.biz> <201002091059.27019.mike.jeays@rogers.com> <201002120124.o1C1OS3o015060@banyan.cs.ait.ac.th> <4B751F70.8060402@gmail.com> <20100212080524.B67483@starfire.mn.org> Date: Fri, 12 Feb 2010 08:19:31 -0600 Message-ID: <6201873e1002120619rc40fb34n98bbb2b0db8b6b43@mail.gmail.com> From: Adam Vande More To: John Content-Type: text/plain; charset=ISO-8859-1 X-Content-Filtered-By: Mailman/MimeDel 2.1.5 Cc: Julien Gormotte , freebsd-questions@freebsd.org Subject: Re: PASSWORD LOST!! X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 12 Feb 2010 14:19:31 -0000 On Fri, Feb 12, 2010 at 8:05 AM, John wrote: > People, people - be careful that we are not creating a formula to > break into FreeBSD servers around the world... > > The only acceptable solution is for someone in Eric's organization > to secure physical access to the server. It may be in a co-lo > situation, but if that's true, they must have a contract open and, > if nothing else, they terminate the contract and get the machine > back, though more likely, the contract allows them supervised > access. Machines are not perfect - even without losing the root > password, they break and need maintenance - this is a MAINTENANCE > event and should be treated as such, just like a hard drive failure > or a NIC failure. > > Creating a scheme for someone to break into FreeBSD systems remotely > or to publicize schemes people have created to remotely manage their > systems in ways that could be used to compromise them is foolishness! > > Regardless of the purity of his intention, Eric is asking us to > tell him how to break into our homes or steal our cars. ;) > Security through obscurity is no security, hence it is a good exercise. -- Adam Vande More