Thanks everyone! I sent the checklist off to the team. With a little "something" extra for the attackers :-)
LOSPA-NJ members see you tomorrow. --Joseph Kern On Wed, Feb 3, 2010 at 11:04 AM, Joseph Kern <joseph.a.k...@gmail.com> wrote: > And ... the Linux is Red Hat. > > On Wed, Feb 3, 2010 at 6:43 AM, Joseph Kern <joseph.a.k...@gmail.com> wrote: >> OTP in 5 minutes? I think it would take at least 10 to explain how they work >> ... >> In this case. If only servers are "in-play" then the keys are secure >> on the laptops "out-of-play". >> Yeah I'm splitting hairs, but rules are rules :-) >> >> And the instructor (not me) who's running this mis-heard the >> requirements. It's not "Zen Linux" it's "Zen Cart running on Linux". >> Anyone have tips on securing Zen Cart? I have a bad feeling about this ... >> >> >> On Wed, Feb 3, 2010 at 12:42 AM, John H. Robinson, IV <jh...@ucsd.edu> wrote: >>> da...@lang.hm wrote: >>>> >>>> The real answer in production is to use a token authentication that is not >>>> accessable to someone who hacks the client machine, but this is a game >>>> where such infrastructure is not feasible. >>> >>> But OTP via OPIE is certainly doable. >>> >>> -- >>> John H. Robinson, IV jh...@ucsd.edu >>> http (((( >>> WARNING: I cannot be held responsible for the above, sbih.org ( )(:[ >>> as apparently my cats have learned how to type. spiders.html (((( >>> _______________________________________________ >>> Discuss mailing list >>> Discuss@lopsa.org >>> http://lopsa.org/cgi-bin/mailman/listinfo/discuss >>> This list provided by the League of Professional System Administrators >>> http://lopsa.org/ >>> >> > _______________________________________________ Discuss mailing list Discuss@lopsa.org http://lopsa.org/cgi-bin/mailman/listinfo/discuss This list provided by the League of Professional System Administrators http://lopsa.org/
