Password Security
Norberto Meijome
freebsd at meijome.net
Thu Nov 23 21:37:59 PST 2006
On Thu, 23 Nov 2006 08:25:20 -0500
Bill Moran <wmoran at collaborativefusion.com> wrote:
> > So, does it mean that Windows 2003 Server provides more Password Level
> > Security with Unauthorized Access?
>
> Where is this presumption coming from? Windows OS suffer from the same
> difficulty protecting from physical intrusion that any other OS does.
Precisely - MS makes a very strong (and valid) point of saying that once 'the
bad guys' have physical access to your box, the machine is owned.
The was a (very cool) presentation in Ruxcon (ruxcon.org) this year about
hacking into someone's machine via Firewire. And even if it was an exploit,
neither the researcher/hacker nor MS would consider it "security issue", because
to use this FW attack you need physical access... ie, you've lost the battle
already, it's just a matter of picking your method of breaking in.
In short, secure the box both physically and network / services-wise as much as
possible.
Best,
_________________________
{Beto|Norberto|Numard} Meijome
UFOs are for real: the Air Force doesn't exist.
I speak for myself, not my employer. Contents may be hot. Slippery when wet.
Reading disclaimers makes you go blind. Writing them is worse. You have been
Warned.
More information about the freebsd-questions
mailing list