From owner-freebsd-questions  Wed Jan  2  7:46:45 2002
Delivered-To: freebsd-questions@freebsd.org
Received: from post.mail.nl.demon.net (post-10.mail.nl.demon.net [194.159.73.20])
	by hub.freebsd.org (Postfix) with ESMTP id 2C35437B405
	for <freebsd-questions@freebsd.org>; Wed,  2 Jan 2002 07:46:42 -0800 (PST)
Received: from [212.238.194.207] (helo=tanya.raggedclown.net)
	by post.mail.nl.demon.net with esmtp (Exim 3.33 #1)
	id 16LnbD-0005H7-00
	for freebsd-questions@FreeBSD.ORG; Wed, 02 Jan 2002 15:46:39 +0000
Received: by tanya.raggedclown.net (Postfix on SuSE Linux 7.3 (i386), from userid 500)
	id CF0171175; Wed,  2 Jan 2002 16:46:38 +0100 (CET)
Date: Wed, 2 Jan 2002 16:46:38 +0100
From: Cliff Sarginson <cliff@raggedclown.net>
To: freebsd-questions@FreeBSD.ORG
Subject: Re: MOTD -- Warning banners
Message-ID: <20020102154638.GC9126@raggedclown.net>
References: <Pine.GSO.4.31.0201021445050.9788-100000@mail.ilrt.bris.ac.uk> <200201021537.g02Fbj658803@lurza.secnetix.de>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <200201021537.g02Fbj658803@lurza.secnetix.de>
User-Agent: Mutt/1.3.24i
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-questions.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-questions>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-questions>
X-Loop: FreeBSD.ORG

On Wed, Jan 02, 2002 at 04:37:45PM +0100, Oliver Fromme wrote:
> Jan Grant <Jan.Grant@bristol.ac.uk> wrote:
>  > On Wed, 2 Jan 2002, Cliff Sarginson wrote:
>  > > Any way if he does
>  > > # cd /
>  > > # rm -rf *
>  > >
>  > > Recording it isn't going to be much of a comfort.
>  > 
>  > That's what securelevels (and/or remote loghosts) are for.
> 
> Furthermore, you can also log to a remote system, so the
> attacker would have to find and hack that one, too, in order
> to remove all traces.
> 
> Finally, if you're _really_ paranoid, you can copy syslog
> onto a hardcopy printer.  One of those fast dotpin line
> printers, so you can easily detect a DoS attack by the
> increased noise level.  ;-)
> 
> Regards
>    Oliver
> 
Glad to see *some* people have a sense of humour :)

I worked somewhere once where we had a login banner that said

"Unauthorized access to this machine is punishable by law"

(Which it probably was, since it was a government department)

In a moment of childish naughtyness I changed this (selectively) to say

"Unauthorized access to this machine is punishable by death"

It was a long time before anyone noticed.

-- 
Regards
Cliff



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message