-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 04/21/07 12:25, Greg Folkert wrote: [snip] > > If they have the console, they can and will be able to compromise the > machine NO MATTER the steps you have taken on the machine level. > > Keeping an attacker away from the CONSOLE is the ONLY way to keep them > from compromising the machine through physical attacks. If they can > touch the keyboard and have physical access to the machine's > internals... There is literally no amount of measures you can take to > keep them out of the machine.
I have to *slightly* disagree. Keyboard-only access (where the hardware is in a secure cage) when the attacker does not know the root password leaves you in the same position as if he were telneting in. > There is one measure that (nearly) always works... LOCKED DOORS to a > secure facility. If you have to have people in and out of the facility, > you better have some kind of access control in place with logging (and > cameras). But companies have been doing that forever, no? - -- Ron Johnson, Jr. Jefferson LA USA Give a man a fish, and he eats for a day. Hit him with a fish, and he goes away for good! -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) iD8DBQFGKk8sS9HxQb37XmcRAn+uAKCwXORgoaoCwmNZprm5VntyCCiMUQCdFh6z kjJOFw6z2b+FNaa2zruNdrI= =k2GK -----END PGP SIGNATURE----- -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
