Site Navigation

Date:      Tue, 01 Aug 2006 19:44:37 +0200
From:      =?ISO-8859-1?Q?Erik_N=F8rgaard?= <norgaard@locolomo.org>
To:        Freminlins <freminlins@gmail.com>
Cc:        freebsd-questions@freebsd.org, Tyler Spivey <tspivey@pcdesk.net>
Subject:   Re: switching from linux to freebsd
Message-ID:  <44CF9305.7050907@locolomo.org>
In-Reply-To: <eeef1a4c0608010854g77eb05abl6305e359294f9a88@mail.gmail.com>
References:  <20060801053719.GA6735@fast> <44CEF9EB.3080807@locolomo.org>	 <eeef1a4c0608010518x28f5d82bw416dff78a99a603f@mail.gmail.com>	 <44CF7279.5040504@locolomo.org> <eeef1a4c0608010854g77eb05abl6305e359294f9a88@mail.gmail.com>

---

next in thread | previous in thread | raw e-mail | index | archive | help

---

[-- Attachment #1 --]
Freminlins wrote:

> You made the point with reference to security, not system recovery. That
> is what I am contradicting.

Security is often misunderstood to mean protecting against unauthorized
access. But this is only part of information security.

You need to protect your information assets such as to ensure continuity
of business operations, and this covers:

* Confidentiality
* Integrity
* Availability

The last two evidently have to do with data and system recovery, and
this was the question being raised in OP.

Which is more important depends on the data. In some cases unauthorized
disclosure is less costly than downtime. The security professional
evaluates the potential losses for each breach against the cost of
protecting against that breach.

Integrity of the base installation is important because it ensures
integrity of the base system against the most common failures - say
power out, and provides for faster recovery of systems hence addressing
availability - and not to mention it is cheap!

If you configure your server using LDAP or NIS for user management then
you only need to mount the root file system rw when updating the base
system or changing root password. Add the MAC and you will likely be
able to protect further against the attack you mention.

Cheers, Erik
-- 
Ph: +34.666334818                      web: http://www.locolomo.org
X.509 Certificate: http://www.locolomo.org/crt/8D03551FFCE04F0C.crt
Key ID: 69:79:B8:2C:E3:8F:E7:BE:5D:C3:C3:B1:74:62:B8:3F:9F:1F:69:B9

[-- Attachment #2 --]
0�	*�H��

��0�

10	+0�	*�H��


���0��0�נ
	�U��O0
	*�H��


0��10	UES10U
Daemon Security10UCertificate Authority10UCertificate Authority1$0"	*�H��

	
ca@daemonsecurity.com1
0U
00
060420131650Z
070420131650Z0b10	UES10U
LocoLomo.Org10U
Erik Norgaard1$0"	*�H��

	
norgaard@locolomo.org0�
"0
	*�H��



�
0�

�

��>NP�L�G�MK��	�$��������^h�a~���
�	��Xם-���`������Y^�P��
o�œtƥ�*\�.��e��_�!���2\��j]m)B����>��v+�����z�������2�V���f���D�ѝ��R}Tc�&E/#_.9DŽ9��÷�(3	?�ԝWu��%)���v�ŅͯT��r)F����A+�(�R6ƶ��w��
��{�9z�P_���Q��^z��pk/���jX��MY

��
n0�
j0U

�0
0U�0Uiy�,��]�ñtb�?�i�0��U#��0�À�a�&��W�t��Е�na=⥡�����0��10	UES10U
Daemon Security10UCertificate Authority10UCertificate Authority1$0"	*�H��

	
ca@daemonsecurity.com1
0U
0�	�U��O
0 U0�norgaard@locolomo.org08U10/0-�+�)�'http://www.daemonsecurity.com/ca/ds.crl0
	*�H��


�
ǟ@��&<m��Wc�4L��S�@�G�4[�'s��5��\�\V��N^`�I
���&>�"@���>"[���xq�8��9��`���@�sG��;��L��P���]ƜTT|sGٶ2����Ҋct�x?'ҭ�$0�����r�;2#b�a�"�%$B
�p%�rԆU
����ì>�!7���3ȁ����g��6�_���I.2��Ġ��!����A���a�AmF
G'bךu�f���>-�d��x��qq0�9#XO�Sk+F�uy��T����v����r�+p!�!}��n.6N�H'�5�
�+9���`CV�ĩ�;7R��ߔ�R���K���Ip��v&��S@P`��;%e��ƓxCu�iL�	��Cb���
�Y,�
)x��:3�ѓG���j���Re
���E��tP��Ұ�k<�
c\;�9��p���T���9/K̩�� �LH��z�M�Mu��ʔ
(�dks�kj����<ds08P�xZ
���N��WC�0��0�נ
	�U��O0
	*�H��


0��10	UES10U
Daemon Security10UCertificate Authority10UCertificate Authority1$0"	*�H��

	
ca@daemonsecurity.com1
0U
00
060420131650Z
070420131650Z0b10	UES10U
LocoLomo.Org10U
Erik Norgaard1$0"	*�H��

	
norgaard@locolomo.org0�
"0
	*�H��



�
0�

�

��>NP�L�G�MK��	�$��������^h�a~���
�	��Xם-���`������Y^�P��
o�œtƥ�*\�.��e��_�!���2\��j]m)B����>��v+�����z�������2�V���f���D�ѝ��R}Tc�&E/#_.9DŽ9��÷�(3	?�ԝWu��%)���v�ŅͯT��r)F����A+�(�R6ƶ��w��
��{�9z�P_���Q��^z��pk/���jX��MY

��
n0�
j0U

�0
0U�0Uiy�,��]�ñtb�?�i�0��U#��0�À�a�&��W�t��Е�na=⥡�����0��10	UES10U
Daemon Security10UCertificate Authority10UCertificate Authority1$0"	*�H��

	
ca@daemonsecurity.com1
0U
0�	�U��O
0 U0�norgaard@locolomo.org08U10/0-�+�)�'http://www.daemonsecurity.com/ca/ds.crl0
	*�H��


�
ǟ@��&<m��Wc�4L��S�@�G�4[�'s��5��\�\V��N^`�I
���&>�"@���>"[���xq�8��9��`���@�sG��;��L��P���]ƜTT|sGٶ2����Ҋct�x?'ҭ�$0�����r�;2#b�a�"�%$B
�p%�rԆU
����ì>�!7���3ȁ����g��6�_���I.2��Ġ��!����A���a�AmF
G'bךu�f���>-�d��x��qq0�9#XO�Sk+F�uy��T����v����r�+p!�!}��n.6N�H'�5�
�+9���`CV�ĩ�;7R��ߔ�R���K���Ip��v&��S@P`��;%e��ƓxCu�iL�	��Cb���
�Y,�
)x��:3�ѓG���j���Re
���E��tP��Ұ�k<�
c\;�9��p���T���9/K̩�� �LH��z�M�Mu��ʔ
(�dks�kj����<ds08P�xZ
���N��WC�1��0��

0��0��10	UES10U
Daemon Security10UCertificate Authority10UCertificate Authority1$0"	*�H��

	
ca@daemonsecurity.com1
0U
0	�U��O0	+��)0	*�H��

	1	*�H��


0	*�H��

	1
060801174437Z0#	*�H��

	1��!=�����;h�2J)��0R	*�H��

	1E0C0
*�H��
0*�H��
�0
*�H��

@0+0
*�H��

(0��	+

�71��0��0��10	UES10U
Daemon Security10UCertificate Authority10UCertificate Authority1$0"	*�H��

	
ca@daemonsecurity.com1
0U
0	�U��O0��*�H��

	1�����0��10	UES10U
Daemon Security10UCertificate Authority10UCertificate Authority1$0"	*�H��

	
ca@daemonsecurity.com1
0U
0	�U��O0
	*�H��



�
�|���u�~fb1c��U���{��-7�l��q���y�
�`�-|>%���G����C<j��7]���A������WH[��.�������a���2)-Y�Ļ^��D�ĩ���A�M@,�g����/��|��`��Q��t�(q��:���7G\ߢ#P���Y|YX���S߲-E��,�r�g�1�r=t��J"~1��Mp�1��T���&���l����b�n�y΃����C����:\�V%�V��@�

---

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?44CF9305.7050907>

Legal Notices | © 1995-2025 The FreeBSD Project. All rights reserved.

Contact