Return to BSD News archive
Newsgroups: comp.os.386bsd.questions Path: sserve!newshost.anu.edu.au!munnari.oz.au!bunyip.cc.uq.oz.au!harbinger.cc.monash.edu.au!msuinfo!agate!tfs.com!zodiac.tfs.com!shipley From: shipley@oak.dis.org (Peter Shipley) Subject: Re: Security question In-Reply-To: stever@csuohio.edu's message of Sat, 4 Dec 1993 06:57:00 GMT Message-ID: <SHIPLEY.93Dec7131343@oak.dis.org> Sender: usenet@tfs.com Organization: Processed People for a Processed America References: <2dodgn$s9s@bigboote.WPI.EDU> <1993Dec4.065700.11472@news.csuohio.edu> Date: Tue, 7 Dec 1993 21:13:43 GMT Lines: 30 In article <1993Dec4.065700.11472@news.csuohio.edu> stever@csuohio.edu (Steve Ratliff) writes: > Basically, with the PC architecture you can't win. Even if you > could prevent single user booting somebody could boot off a floppy and > do whatever they like. The key point is that you have to ensure that > nobody has physical access to the console. You put the FreeBSD system > into a locked room and only allow access over the wire from for example > tecktronix Xwindow terminals in another room. You could also setup > diskless bootp systems that nfs mount from a secured server. All I can add is there is no such thing as a totaly secure system but if you take enough precautions you should be fairly safe. If someone wants in they will get in (no matter what hardware/OS you have) the trick is that you have to make it not worth it. the three bests ways to make it not worth it are: 1) make it difficult to break in 2) take away the "reward", that is dont make it tempting to illeagly access your system 3) make the punichment to violating security suffent enough that the reprocautions for doing so out way the "rewards" -- --------------- Pete Shipley: email: shipley@berkeley.edu Flames: cimarron@postgres.berkeley.edu Spelling corections: /dev/null Quote: "Anger is an energy"