on hammer's, security, and centrifuges...
Frank Shute
frank at shute.org.uk
Tue Feb 7 14:45:07 UTC 2012
On Tue, Feb 07, 2012 at 07:03:50AM -0500, Henry Olyer wrote:
>
> So I was coding along...
>
> On my laptop, on session #1, and I get a notice that someone did an su.
> Except I'm the only user and I didn't have an ethernet cord connected.
> (And no, it wasn't me...)
"someone". Whom? Show us the log.
>
> I just built this laptop a few days ago. Fresh. I did have to get on the
> net to download/make/install a few critical packages. I do development.
> And research.
>
> My guess, not one shred of evidence, is that someone got in while I was
> re-building packages. Some, (for example Maxima,) take hours. And because
> of problems with gnuplot and pdflib, won't build as packages without
> re-compilation.
Compare times of su to time when you were building.
>
> Look, I'm going to use FreeBSD as long as both it and I am around, it's
> just the best choice for me, for my user's. But we need to improve
> security.
>
> I'm not a security expert, my work is in another area. But I would like to
> suggest that the FBSD be enhanced so that each load module, each compiled
> program, contain a DSA-based public key. Yes, this would make installing
> and maintaining systems an all-day run. But some of us need a higher
> degree of security than is presently available.
>
> For now, until I remake my laptop, I'm going to disable the ath0 wireless.
Did you use the procedure outlined in the handbook? It uses WAP and is
pretty secure.
>
> How? What's the best method to make certain that my wireless chip is
> turned off?
Turn the chip off in the BIOS. But that is overkill. Can probably
ifconfig ath0 down or something of the sort.
>
> Or is this something best accomplished with a hammer? Not a pleasant
> thought...
>
> (Oh, and centrifuges?, well two out of three isn't bad. About centrifuges
> I got nothing.)
>
> Is their something I can do that would help the FBSD security people?, or,
> is hacking so routine that it wouldn't help to know the particulars.
> sigh...
No, it would help to know the particulars.
Regards,
--
Frank
Contact info: http://www.shute.org.uk/misc/contact.html
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 196 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/freebsd-questions/attachments/20120207/897e5fec/attachment.pgp
More information about the freebsd-questions
mailing list