From owner-freebsd-questions Wed Nov 7 13:40:51 2001 Delivered-To: freebsd-questions@freebsd.org Received: from mtiwmhc21.worldnet.att.net (mtiwmhc21.worldnet.att.net [204.127.131.46]) by hub.freebsd.org (Postfix) with ESMTP id D164A37B419 for ; Wed, 7 Nov 2001 13:40:47 -0800 (PST) Received: from columbia ([12.93.212.216]) by mtiwmhc21.worldnet.att.net (InterMail vM.4.01.03.27 201-229-121-127-20010626) with SMTP id <20011107214042.YAN29594.mtiwmhc21.worldnet.att.net@columbia>; Wed, 7 Nov 2001 21:40:42 +0000 From: "Andrew C. Hornback" To: "Erik Trulsson" , "Anthony Atkielski" Cc: "FreeBSD Questions" Subject: RE: Lockdown of FreeBSD machine directly on Net Date: Wed, 7 Nov 2001 16:36:36 -0500 Message-ID: <00e201c167d4$474ad9e0$6600000a@columbia> MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook 8.5, Build 4.71.2173.0 X-MimeOLE: Produced By Microsoft MimeOLE V5.00.2919.6600 In-Reply-To: <20011107154930.A7915@student.uu.se> Importance: Normal Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG > -----Original Message----- > From: owner-freebsd-questions@FreeBSD.ORG > [mailto:owner-freebsd-questions@FreeBSD.ORG]On Behalf Of Erik Trulsson > Sent: Wednesday, November 07, 2001 9:50 AM > To: Anthony Atkielski > Cc: FreeBSD Questions > Subject: Re: Lockdown of FreeBSD machine directly on Net > > On Wed, Nov 07, 2001 at 02:56:58PM +0100, Anthony Atkielski wrote: > > Erik writes: > > > > > There is no such thing as 100% security. > > > > Sure there is. Shannon proved it. Some spies and spooks implement it. > > No, there is no such thing as 100% security. > I assume your comment about Shannon refers to such things as > unbreakable cryptos of which the One-Time-Pad is the best known. > This is not the same thing as 100% security though. > To get 100% security you also need to protect yourself against attacks > such as: > > a) Somebody breaking into the office and stealing the computers. Using a hardened line to a co-lo with all of the authentication information would fix that. But, we all know how much of a pain it would be to get something like that. > b) Calling the sysadmin and pretending to be his boss and convince him > to open a hole. Most organizations require something like that in writing, or at least as part of a face to face conversation. That negates this loophole. > c) Reading the password from a Post-It note which some careless > legitimate user left around. This will get you every time. The way around it is not to do it, or to go with a "Trusted" system where you have to have triple authentication. > d) Sweettalking the secretary into letting them in. If a secretary does this, they need to be fired, period. > e) Bribing the sysadmin. > f) Kidnapping the person who knows the password and torturing him/her > until he/she reveals it. > g) Blackmail. Wouldn't work under a "Trusted" system, you'd have to bribe, torture or blackmail three people. But, since people are falliable, there would be a possibility. > Unless you are fully protected against all these (and many other > possible attacks) you do not have 100% security. > You might have very good security but not 100%. > > To get a secure system it is not enough to consider things like > cryptography and network protocols although those are important. > It is also necessary to take into account attacks based on social > engineering or physical breakins. One option would be to go to biometrics as a way to authenticate people. I believe Compaq and Unisys were working on ways of doing this, perhaps other companies as well. But, until that technology becomes mainstream, you need to look at the classic duel between the mass of unwashed (i.e. hackers) and the sysadmin in shining armor protecting the installation. Oh, yeah, and what color is the bike shed? *grins from ear to ear* --- Andy To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message