Re: [techtalk] Re: techtalk digest, Vol 1 #447 - 11 msgs

[James Sutherland]

On Tue, 15 May 2001, Curious wrote:

> In classical security thought.. once someone has physical access to a
> box (router, workstation, etc) they are assumed to "own" the box.. and
> in most cases this is quite true.. so physical security, policy.. grr
> ARRRGGHH.. must stop security babble! okok.. moving on..  Additional
> steps(keeping additional switches from being used in lilo): - add
> password= to lilo add restricted keyword if you
> only want to use the password to send additional options

For that to be effective, you *MUST* also have a BIOS password set, and
the BIOS configured ONLY to boot from the HDD (if you have a floppy or CD
drive fitted): otherwise, a malicious user can just bring along his/her
own OS and boot with that - game over...

Then you need to secure the box physically (padlocks/alarms) - otherwise
the user can just open the lid, short the CMOS Reset jumper, and then do a
floppy boot as before...


Or just accept that it's much better to lock the box away somewhere
secure, and focus on securing NETWORK access like most Linux users!


James.
-- 
"Our attitude with TCP/IP is, `Hey, we'll do it, but don't make a big
system, because we can't fix it if it breaks -- nobody can.'"

"TCP/IP is OK if you've got a little informal club, and it doesn't make
any difference if it takes a while to fix it."
-- Ken Olson, in Digital News, 1988


___
techtalk mailing list
[EMAIL PROTECTED]
http://www.linux.org.uk/mailman/listinfo/techtalk

Re: [techtalk] Physical security example

[Magni Onsoien]

Kai MacTane:
> the point of all this? Sometimes, you don't need to consider what the worst 
> possibility is; you just need to consider what will actually be going on 
> under real-world conditions. Sure, there's a half-dozen sysadmin friends 
> who come over on a regular basis who *could*, the next time I leave them 
> unattended in the kitchen for five minutes, stick a boot floppy in the 
> drive, smack Ctrl-Alt-Del twice, and quickly change my root password to 
> whatever they wanted.
> 
> But I know that none of them even _want_ to. In many ways, relying on 
> people's complete lack of desire to harm your system can be a much stronger 
> security method than locking the whole thing up in a steel safe.

I agree so much with you. If I invite someone in, I trust them (or I
would probably not let them into my house). If in doubt I'd at least
never let them fiddle with my computer or be alone with it. Most of my
friends are sysadmins, so I have much the same feelings like you.

And I have one (or three (the other being no smoking and no bowling
(which covers Everything(tm rule in my house: do not reboot any
computers without told so!

One guy - which I didn't know, he was a friend of someone I thought I
could trust (well, I do, I think they just met the same night) - once
was in a party at late night in our room. He was sitting in the living
room with my bf and some friends. Suddenly he went to the computer,
mumbeled something about playing and rebooted it! It had an uptime of
about 300 days so I was pretty serious about not rebooting it (it had a
load of 4 due to some zombie netscape procs that didn't die, but uptime
was more important). When I heard he was rebooting I got FURIOUS!

My friends said they had never ever seen me that furious before. I hit
the guy pretty hard some times and litterarily threw him out of the flat
(rain and cool outside? His problem. No shoes? His problem (even though
I threw them out later).) I could see his balls were in pain - and it
felt GOOD! It couldn't give me my uptime back, but at least he had
learnt that he should NOT reboot computers of other people.

Later I never saw him again, even though he was supposed to have classes
and lab with me. This was 2.5 years ago and last Friday, when I had a
party with friends (they won't reboot computers), someone told me that I
had scared him so much that he never went to classes when he saw I was
attending and he never got an account at the university computer system
because he knew I was an admin there (I follow admin ethics and wouldn't 
really do something to his account, even though I could threaten to do
nasty things with his files).

That actually felt REALLY good :)


Magni :)
-- 
sash is very good for you.

___
techtalk mailing list
[EMAIL PROTECTED]
http://www.linux.org.uk/mailman/listinfo/techtalk

Re: [techtalk] Layman's Guides to Computer Security

[jenn]

> but seriously, regarding the titles of books ... i don't understand how
> anyone can really care .. if it's an excellent book, should it matter that
> it's titled "linux for the computer illiterate?"  or how about a terrible
> book with a very sophisticated intelligent sounding title?  maybe i'm
> missing the original point of the thread .. but that's how i feel :)

The original point was that I was not -entirely- comfortable with
the title of a group of articles I'm in the process of writing.

I'd hoped for some feedback on the articles. I got rather more
feedback on the /titles/ than I'd wanted - and not as much on
the articles themselves as I'd hoped for. :)

But people seem to enjoy suggesting titles. And there's been some
good suggestions. Thank you.



Jenn V.
-- 
 "Do you ever wonder if there's a whole section of geek culture
 you miss out on by being a geek?" - Dancer.

[EMAIL PROTECTED] Jenn Vesperman http://www.simegen.com/~jenn/


___
techtalk mailing list
[EMAIL PROTECTED]
http://www.linux.org.uk/mailman/listinfo/techtalk

Re: [techtalk] Layman's Guides to Computer Security

[James Sutherland]

On Thu, 17 May 2001 [EMAIL PROTECTED] wrote:

>
> > but seriously, regarding the titles of books ... i don't understand how
> > anyone can really care .. if it's an excellent book, should it matter that
> > it's titled "linux for the computer illiterate?"  or how about a terrible
> > book with a very sophisticated intelligent sounding title?  maybe i'm
> > missing the original point of the thread .. but that's how i feel :)
>
> The original point was that I was not -entirely- comfortable with
> the title of a group of articles I'm in the process of writing.
>
> I'd hoped for some feedback on the articles. I got rather more
> feedback on the /titles/ than I'd wanted - and not as much on
> the articles themselves as I'd hoped for. :)
>
> But people seem to enjoy suggesting titles. And there's been some
> good suggestions. Thank you.

The contents also looks good: you could point out in the security section
that the appropriate actions if a machine is compromised vary widely -
here, for example, the instructions are to keep the machine as-is - don't
shut down, don't reboot, just unplug from the Net if it's still being used
by the culprit (so they can't cover their tracks as easily), then call our
CERT and wait for the forensics ppl to visit...


James.
-- 
"Our attitude with TCP/IP is, `Hey, we'll do it, but don't make a big
system, because we can't fix it if it breaks -- nobody can.'"

"TCP/IP is OK if you've got a little informal club, and it doesn't make
any difference if it takes a while to fix it."
-- Ken Olson, in Digital News, 1988


___
techtalk mailing list
[EMAIL PROTECTED]
http://www.linux.org.uk/mailman/listinfo/techtalk

[techtalk] Stand Alone boot floppy

[Phil Savoie]

Hi All,

I know how to make a boot floppy, using mkbootdisk.  This works just fine, 
but requires the system to have the kernel located at the right spots and 
uses the disk based information to get running.  I would like to show them 
how to make a boot disk that does not require a working system to support it. 
Any ideas?

Phil

(The premise is to have a boot disk with fdisk on it, so that machines can
be wiped clean without booting a full operating system to do so)
-- 


___
techtalk mailing list
[EMAIL PROTECTED]
http://www.linux.org.uk/mailman/listinfo/techtalk

Re: [techtalk] Layman's Guides to Computer Security

[Conor Daly]

On Tue, May 15, 2001 at 09:20:47PM -0700 or so it is rumoured hereabouts, 
Raven, corporate courtesan thought:
 
>  Yup.  [grimace]  After my third assurance to our new management
> that I didn't need an NT desktop in addition to my Sparc (and once
> actually refusing to accept one they delivered anyway), 

I'd have blown away the disk, installed Linux and, when asked why, explain
that I thought I might as well do something *useful* with it...

>  Next time, I'm going to rename them all to ATMErrors.txt,
> BGPPrimer.txt, etc.  He didn't realize that he could open plaintext
> files with Notepad.  "Right click . . . now pick 'Open With...' and
> choose Notepad."  Gak.  Or I'll just convert them to .docs in
> StarOffice.

Don't bother converting to .doc  Just rename then to .doc and M$ word will
open them as text.  Better still, rename them ti .wri and wordpad will
open them and IIRC will monospace the chars and spaces so they look just
like they do in vi

Conor

PS.  I got a treat today at work.  One of the IT Seniors (He used to be
the MS admin) in conversation with me made reference to "non-linux OS's".
It just feels nice. :-)

PPS.  Another colleague, looking at my linux-only box with staroffice running,
said "OOOHH!  Can I deal with word docs and excel spreadsheets and run my 
marine wave model without rebooting?"  Another convert (well, she's been 
*nixing for years but can now hand back her M$ CDs).

-- 
Conor Daly <[EMAIL PROTECTED]>

Domestic Sysadmin :-)
-
Faenor.cod.ie
  8:49pm  up 15 days, 23:39,  0 users,  load average: 0.00, 0.00, 0.00
Hobbiton.cod.ie
  8:56pm  up 15 days, 23:48,  1 user,  load average: 0.00, 0.00, 0.00

___
techtalk mailing list
[EMAIL PROTECTED]
http://www.linux.org.uk/mailman/listinfo/techtalk

[techtalk] message to all

[Linda MacPhee-Cobb]

I would like to address several issues quickly here.

First to the person who thought that it was foolish to have security set at 
medium on a linux box.  rtfm.  That is where security should be set for a 
client machine on line.  High and paranoid are only for servers and render 
the box useless for everything but solitare.

To the owners of ip #211.72.43.234 & #10.91.218.147, if you continue to 
attempt to break into my computer I will take the time to hunt you donw and 
locate your employer/college and I will send appropriate documentation, log 
files, and a letter to your respective employer's/school's and inform them.  
(Same goes for anyother ip numbers that show up in my log files)  It has 
been 4 days you have not gotten in.  You will have to do better than running 
someone else's kiddie scripts.  Get a life.  (and some computer skills while 
you are at it.)

To Jenn who thought using 'pretty' in my email address was inappropriate.  
How about the email you sent to Connie about your triple D tits?  His wife 
is still laughing.  She did ask that I mention to you that insurance will 
cover the surgery necessary to fix your disfigurement. If you deny this she 
will forward the email, with your ip and message number to everyone who ever 
posted here.  She is a very good friend of mine.  She isn't working now and 
might even take the time to send it to everyone in your school/employer's 
office.

To others these links may be useful...
http://www.psionic.com
http://www.bastille-linux.com
http://www.nsa.gov

These are open source firewalls and security tools for linux. These tools 
are painless to set up and use, one not need spend valuable time playing 
mechanic. The new mandrake 8.0 has built in security tools which are 
painless to use.


If you will all kindly stay away from me, and my computer... I'll return the 
favor in kind.





_
Get your FREE download of MSN Explorer at http://explorer.msn.com


___
techtalk mailing list
[EMAIL PROTECTED]
http://www.linux.org.uk/mailman/listinfo/techtalk

RE: [techtalk] message to all

[Angela Nash]

Good luck hunting that person down on 10.91.218.147.  That's a private
address block.

Jason

-Original Message-
From: Linda MacPhee-Cobb [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, May 16, 2001 6:07 PM
To: [EMAIL PROTECTED]
Subject: [techtalk] message to all



To the owners of ip #211.72.43.234 & #10.91.218.147, if you continue to 
attempt to break into my computer I will take the time to hunt you donw and 
locate your employer/college and I will send appropriate documentation, log 
files, and a letter to your respective employer's/school's and inform them.

(Same goes for anyother ip numbers that show up in my log files)  It has 
been 4 days you have not gotten in.  You will have to do better than running

someone else's kiddie scripts.  Get a life.  (and some computer skills while

you are at it.)


___
techtalk mailing list
[EMAIL PROTECTED]
http://www.linux.org.uk/mailman/listinfo/techtalk

Re: [techtalk] message to all

[marisa mack]

I want to apologize for this one, I posted the portscan, and forgot
to remove the IP address from the nmap output. This is my fault, as
anytime an IP is posted anywhere, there are bound to be people who
get curious. If there are people on this list running exploits
against that machine, please stop.

Thanks,
Marisa

On Wed, May 16, 2001 at 06:07:25PM -0400, prettyphysicslady sed:

> If you will all kindly stay away from me, and my computer... I'll return the 
> favor in kind.

-- 
Let reality be the grinding stone upon which you sharpen your hatred.

___
techtalk mailing list
[EMAIL PROTECTED]
http://www.linux.org.uk/mailman/listinfo/techtalk

Re: [techtalk] message to all

[Harry Hoffman]

Ok,
 I didn't want to join in on this thread but... oh, well here goes.
Comments are in-line:

On Wed, 16 May 2001, Linda MacPhee-Cobb wrote:

> I would like to address several issues quickly here.
>
> First to the person who thought that it was foolish to have security set at
> medium on a linux box.  rtfm.  That is where security should be set for a
> client machine on line.  High and paranoid are only for servers and render
> the box useless for everything but solitare.
Medium security, especially for a RedHat box is the wrong way to go. It
leaves your box very insecure. If you've chosen this it's probably because
you're relatively new to Linux, and that's ok. No reason to get into a war
about it. After all we all started using it because it's different,
difficult, and something new to learn.

>
> To the owners of ip #211.72.43.234 & #10.91.218.147, if you continue to
> attempt to break into my computer I will take the time to hunt you donw and
> locate your employer/college and I will send appropriate documentation, log
> files, and a letter to your respective employer's/school's and inform them.
...(edited out)
Portscanning is not illegal, not even really a bad thing. If you using a
cable/DSL connection your ISP does it all the time searching for servers
running. It's not even really the first step to an attack and certainly
doesn't constitute one.

>
> To Jenn who thought using 'pretty' in my email address was inappropriate.
> How about the email you sent to Connie about your triple D tits?  His wife
... (edited)
So because someone else acts so immature you feel the need to return that.
Come on we're not 12 anymore (no offense to any 12yr/olds on the list, you
probably act more grown up than the rest!)

Kind regards,

Harry Hoffman
Security Engineer
Comcast Inc.



___
techtalk mailing list
[EMAIL PROTECTED]
http://www.linux.org.uk/mailman/listinfo/techtalk

[techtalk] Enough!

[Maureen Seller]

Ok, I would like to throw my vote in for calling this officially "over the 
line".  The flamewar spawned by this person's original email was *hardly* 
interesting enough to justify all of the traffic, but now we've sunk to 
PERSONAL THREATS.  This is unacceptable!  Stop this crap now!!

Listmeistress, I hope that you will kick this person from the 
list.  Threatening to ruin someone's academic or professional career by 
forwarding slanderous or inflammatory emails about their "cup size" *ought* 
to be unacceptable behavior on at least *this* list!  (We'd be all over 
this person if we could prove they were a man - the gender of the person 
*making* these not-so-idle-threats ought not to be an issue.)

For those of you who may be attacking this person's network, whether out of 
rancor or curiosity, please demonstrate that you can be more mature than 
she is, and leave her network alone.  Please!






>X-Originating-IP: [24.91.217.176]
>From: "Linda MacPhee-Cobb" <[EMAIL PROTECTED]>
>To: [EMAIL PROTECTED]
>X-OriginalArrivalTime: 16 May 2001 22:07:25.0969 (UTC) 
>FILETIME=[97146810:01C0DE54]
>Subject: [techtalk] message to all
>Sender: [EMAIL PROTECTED]
>X-BeenThere: [EMAIL PROTECTED]
>X-Mailman-Version: 2.0.3
>List-Help: 
>List-Post: 
>List-Subscribe: ,
> 
>List-Id: LinuxChix technical discussion list. 
>List-Unsubscribe: ,
> 
>List-Archive: 
>Date: Wed, 16 May 2001 18:07:25 -0400
>
>I would like to address several issues quickly here.
>
>First to the person who thought that it was foolish to have security set 
>at medium on a linux box.  rtfm.  That is where security should be set for 
>a client machine on line.  High and paranoid are only for servers and 
>render the box useless for everything but solitare.
>
>To the owners of ip #211.72.43.234 & #10.91.218.147, if you continue to 
>attempt to break into my computer I will take the time to hunt you donw 
>and locate your employer/college and I will send appropriate 
>documentation, log files, and a letter to your respective 
>employer's/school's and inform them.
>(Same goes for anyother ip numbers that show up in my log files)  It has 
>been 4 days you have not gotten in.  You will have to do better than 
>running someone else's kiddie scripts.  Get a life.  (and some computer 
>skills while you are at it.)
>
>To Jenn who thought using 'pretty' in my email address was inappropriate.
>How about the email you sent to Connie about your triple D tits?  His wife 
>is still laughing.  She did ask that I mention to you that insurance will 
>cover the surgery necessary to fix your disfigurement. If you deny this 
>she will forward the email, with your ip and message number to everyone 
>who ever posted here.  She is a very good friend of mine.  She isn't 
>working now and might even take the time to send it to everyone in your 
>school/employer's office.
>
>To others these links may be useful...
>http://www.psionic.com
>http://www.bastille-linux.com
>http://www.nsa.gov
>
>These are open source firewalls and security tools for linux. These tools 
>are painless to set up and use, one not need spend valuable time playing 
>mechanic. The new mandrake 8.0 has built in security tools which are 
>painless to use.
>
>
>If you will all kindly stay away from me, and my computer... I'll return 
>the favor in kind.
>
>
>
>
>
>_
>Get your FREE download of MSN Explorer at http://explorer.msn.com
>
>
>___
>techtalk mailing list
>[EMAIL PROTECTED]
>http://www.linux.org.uk/mailman/listinfo/techtalk




maureen seller [EMAIL PROTECTED]
systems goddess __
www.greatplacetowork.com\/  "free your mind
286 divisadero   \  /and your *ss will follow"
san francisco, ca  94117  \/  - george clinton
(415) 503-1234 x318



___
techtalk mailing list
[EMAIL PROTECTED]
http://www.linux.org.uk/mailman/listinfo/techtalk

Re: [techtalk] message to all

[Amber]

Pretty Physics Flamer,
I don't care who you are, who offended you, or what has been done, this was
pretty low and nasty, and I see no need for it.
There is a hell of a difference between questioning someone's email addy and
quoting private email.
And then threatening to forward it to someones employer? tsk tsk.
I stayed out of this, and this is where I enter then leave again.This was
just rude.
I would expect anyone, and especially someone who was offended when her
degree of education was questioned, to act much more mature and
self possessed in a situation like this. Instead, threats and accusations
abound.
Even my younger siblings know that intellectual debate makes more of a mark
than threats and agression.
I don't care who you are, after this, I consider you a troll, and will no
longer pay attention to your insulting and inflammatory comments posted
here.
You came seeking help, and have caused nothing but upset and harm.
Get Lost.
~Amber~
>
> To Jenn who thought using 'pretty' in my email address was
inappropriate..{end quote for respectful reasons.



___
techtalk mailing list
[EMAIL PROTECTED]
http://www.linux.org.uk/mailman/listinfo/techtalk

Re: [techtalk] message to all

[Telsa Gwynne]

On Wed, May 16, 2001 at 06:07:25PM -0400 or thereabouts, Linda MacPhee-Cobb wrote:
> I would like to address several issues quickly here.
> 
> First to the person who thought that it was foolish to have security set at 
> medium on a linux box.  rtfm.  That is where security should be set for a 
> client machine on line.  High and paranoid are only for servers and render 
> the box useless for everything but solitare.

Genuine question. Which manual? The Mandrake install manual, or what? 

The subject of your mail was "message to all". I think at least some
parts of your message should not have been sent to a widely-read list.
I didn't want to have to read some of that. 

Telsa

___
techtalk mailing list
[EMAIL PROTECTED]
http://www.linux.org.uk/mailman/listinfo/techtalk

Re: [techtalk] message to all

[Melissa Plunkett]

So here I am having the worst day I can remember and I read this
horrible
nasty email which just makes me all the more chipper :/  I've seen a
troll or
two in my time but this is really the worst. To our extremely rude
friend I say please read this manual: http://List-Etiquette.com/
Now please take your threatening posts somewhere else.

To Jen:  You are one of the most helpful and kind people on the list. 
Please
do not let pathetic human beings with an obvious chip on their shoulder
bother
you.  I for one say you are one of the most valuable people on this
list.

* shaking head *
Melissa...who needs a beer.
 
Telsa Gwynne wrote:
> 
> On Wed, May 16, 2001 at 06:07:25PM -0400 or thereabouts, Linda MacPhee-Cobb wrote:
> > I would like to address several issues quickly here.
> >
> > First to the person who thought that it was foolish to have security set at
> > medium on a linux box.  rtfm.  That is where security should be set for a
> > client machine on line.  High and paranoid are only for servers and render
> > the box useless for everything but solitare.
> 
> Genuine question. Which manual? The Mandrake install manual, or what?
> 
> The subject of your mail was "message to all". I think at least some
> parts of your message should not have been sent to a widely-read list.
> I didn't want to have to read some of that.
> 
> Telsa
> 
> ___
> techtalk mailing list
> [EMAIL PROTECTED]
> http://www.linux.org.uk/mailman/listinfo/techtalk

-- 
/*
/* Melissa Plunkett
/* System/Network Administrator
/* [EMAIL PROTECTED]
/* College of Education
/* University of Missouri - Columbia
/* 111 London Hall
/* Columbia, MO 65211
/* Phone: (573) 884-6835
/* Fax:   (573) 884-5158
*/

___
techtalk mailing list
[EMAIL PROTECTED]
http://www.linux.org.uk/mailman/listinfo/techtalk

Re: [techtalk] message to all

[Kai MacTane]

At 5/16/01 03:07 PM , Linda MacPhee-Cobb wrote:

>If you will all kindly stay away from me, and my computer... I'll return 
>the favor in kind.

Please do. I have done nothing to you, your computer, or anything else 
associated with either of them.

In return, kindly stay away from me and this list. Thank you.

 --Kai MacTane
--
"A spark has passed between us, now
  A momentary recognition..."
 --Oingo Boingo,
  "Skin"


___
techtalk mailing list
[EMAIL PROTECTED]
http://www.linux.org.uk/mailman/listinfo/techtalk

Re: [techtalk] Enough! (and a celebration of SSL victory)

[Amy]

Amen to Maureen's post, I lose it at the mention of
of a threat to post personal e-mail to a list. ::grrr:
That's my hot button, right there. But enough of that,
on to actual tech talk  :-) 

I am extremely happy that we solved an SSL
problem today that has been plagueing us for
awhile. I posted some time back, I believe,
about an SSL issue with some buggy versions
of Internet Explorer (versions which most
users of Windows 98 that never update their
systems have, which=ALOT of Windows users)
Anyway, today we installed RH7.1 with Apache 1.3.19
and the problems appear to have vanished. 
(images wouldn't show up in some when in secure mode,
page wouldn't display on others) If anyone else has this
problem with older versions of Redhat, there's the 
solution. I am sure it's actually the combination of
the Apache and the mod_ssl (certificate by Verisign) that 
actually made the difference. I had scoured the net for a 
solution (before 7.1 came out) and found a workaround, but
THAT caused Netscape to give a certicate warning
everytime, and didn't work on any Mac, period. It also 
gave errors in regular IE, but the images did display. 
Everything *seems* to be working now, and we've
tried it on several Mac browsers, Linux, the buggy 
version of IE, regular IE, and Netscape. So I am a 
happy camper today  :-) 


Amy


___
techtalk mailing list
[EMAIL PROTECTED]
http://www.linux.org.uk/mailman/listinfo/techtalk

Re: [techtalk] message to all

[Mary Gardiner]

On Wed, May 16, 2001 at 06:07:25PM -0400, Linda MacPhee-Cobb wrote:
> If you will all kindly stay away from me, and my computer... I'll return the 
> favor in kind.

If there is one thing I really hate, it's extrapolation like that. Makes you
want to ban inductive reasoning, really.

>From someone who claims that personal attacks weaken an argument too.

Mary.

-- 
Mary Gardiner
<[EMAIL PROTECTED]>
GPG Key ID: 77625870

___
techtalk mailing list
[EMAIL PROTECTED]
http://www.linux.org.uk/mailman/listinfo/techtalk

RE: [techtalk] message to all

[Davida Schiff]

Title: RE: [techtalk] message to all





Hi Melissa,


Thanks for the URL (http://List-Etiquette.com/). 


Davida


-Original Message-
From: Melissa Plunkett [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, May 16, 2001 5:13 PM
To: [EMAIL PROTECTED]
Subject: Re: [techtalk] message to all



So here I am having the worst day I can remember and I read this
horrible
nasty email which just makes me all the more chipper :/  I've seen a
troll or
two in my time but this is really the worst. To our extremely rude
friend I say please read this manual: http://List-Etiquette.com/
Now please take your threatening posts somewhere else.


To Jen:  You are one of the most helpful and kind people on the list. 
Please
do not let pathetic human beings with an obvious chip on their shoulder
bother
you.  I for one say you are one of the most valuable people on this
list.


* shaking head *
Melissa...who needs a beer.
 
Telsa Gwynne wrote:
> 
> On Wed, May 16, 2001 at 06:07:25PM -0400 or thereabouts, Linda MacPhee-Cobb wrote:
> > I would like to address several issues quickly here.
> >
> > First to the person who thought that it was foolish to have security set at
> > medium on a linux box.  rtfm.  That is where security should be set for a
> > client machine on line.  High and paranoid are only for servers and render
> > the box useless for everything but solitare.
> 
> Genuine question. Which manual? The Mandrake install manual, or what?
> 
> The subject of your mail was "message to all". I think at least some
> parts of your message should not have been sent to a widely-read list.
> I didn't want to have to read some of that.
> 
> Telsa
> 
> ___
> techtalk mailing list
> [EMAIL PROTECTED]
> http://www.linux.org.uk/mailman/listinfo/techtalk


-- 
/*
/* Melissa Plunkett
/* System/Network Administrator
/* [EMAIL PROTECTED]    
/* College of Education
/* University of Missouri - Columbia
/* 111 London Hall
/* Columbia, MO 65211
/* Phone: (573) 884-6835
/* Fax:   (573) 884-5158
*/


___
techtalk mailing list
[EMAIL PROTECTED]
http://www.linux.org.uk/mailman/listinfo/techtalk

Re: [techtalk] message to all

[jenn]

Melissa Plunkett wrote:


> To Jen:  You are one of the most helpful and kind people on the list. 
> Please
> do not let pathetic human beings with an obvious chip on their shoulder
> bother
> you.  I for one say you are one of the most valuable people on this
> list.

Hm. If being threatened gets me these sorts of compliments.. then
please, people, go ahead and threaten me!

Seriously: thank you, Melissa. And thank you to others who have 
posted concern and nice-things. I truly appreciate it. 

I also suggest that future expressions of concern go to grrltalk,
so we can keep this list for technical matters, not flames and 
their aftermath.
That's not a lack of appreciation, nor a criticism of those who 
have sent it! By any means! Just that techtalk has been offtopic
for a while now, and maybe we should try to move it back to 
ontopic. :)


And yes, so far I'm taking it with equanimity. It bothers me that
she's so upset, and I can't figure out what I've done; unless she
misinterpreted stuff I said.



Jenn V.
-- 
 "Do you ever wonder if there's a whole section of geek culture
 you miss out on by being a geek?" - Dancer.

[EMAIL PROTECTED] Jenn Vesperman http://www.simegen.com/~jenn/


___
techtalk mailing list
[EMAIL PROTECTED]
http://www.linux.org.uk/mailman/listinfo/techtalk

Re: [techtalk] message to all

[Raven, corporate courtesan]

Heya --

Quoth prettyphysicslady:
> First to the person who thought that it was foolish to have security
> set at medium on a linux box.  rtfm.  That is where security should 
> be set for a client machine on line.  High and paranoid are only for 
> servers and render the box useless for everything but solitare.

 In my opinion, security settings like this ought to be taken with
a grain of salt.  "Medium", "High", "Paranoid", etc. provide good
places for newbies to start, but they are by no means canonical.  Nor
are they substitutes for customizing the settings to fit the needs of
your machine.  There are desktops that use ssh and PGP and all sorts of
other encryption/security software, and there are servers out there
serving up anonymous wu-ftp'd files to anyone who wants them.  The
manual gives guidelines only, not Linux Bibles to thump.

> To the owners of ip #211.72.43.234 & #10.91.218.147, if you continue
> to attempt to break into my computer I will take the time to hunt you
> down...

 10.0.0.0/8 is RFC 1918 private address space.  It's not globally
routable.  There are probably 300 machines on the internet with
10.91.218.147 as their IP address.  And unless they're on your same
local network, you'll never see them or be able to track them down.  If
you are unfamiliar with private address space, you can find an
explanation at http://www.geektools.com/rfc/rfc1918.txt

 Personal attacks, flaming, and threatening other listmembers is
completely inappropriate.  Jenn has consistently been one of the most
helpful and interesting posters on the list over the last year and
change.  By attacking her in so petty a manner, you only make yourself
look bad.

 If I wanted stupid hacker wars, there's any number of other lists
for that.  Let's get back on topic.

Cheers,
Raven

=
"Putting God ahead of the company.  Bastards.  Isn't there
 separation between Church and Internet?"
 -- NOC management, trying to get a volunteer to work Sunday

__
Do You Yahoo!?
Yahoo! Auctions - buy the things you want at great prices
http://auctions.yahoo.com/

___
techtalk mailing list
[EMAIL PROTECTED]
http://www.linux.org.uk/mailman/listinfo/techtalk

Re: [techtalk] Physical security example

[coldfire]

> > the point of all this? Sometimes, you don't need to consider what the worst 
> > possibility is; you just need to consider what will actually be going on 
> > under real-world conditions. Sure, there's a half-dozen sysadmin friends 
> > who come over on a regular basis who *could*, the next time I leave them 
> > unattended in the kitchen for five minutes, stick a boot floppy in the 
> > drive, smack Ctrl-Alt-Del twice, and quickly change my root password to 
> > whatever they wanted.

i'm paranoid .. even though i live in the middle of no where and have
very few guests, all of my boxen have bios passwords set with a boot
sequence of  first then other media.  lilo is passworded
on windows partitions and restricted on linux partitions.

> And I have one (or three (the other being no smoking and no bowling
> (which covers Everything(tm rule in my house: do not reboot any
> computers without told so!
> 
> One guy - which I didn't know, he was a friend of someone I thought I
> could trust (well, I do, I think they just met the same night) - once
> was in a party at late night in our room. He was sitting in the living
> room with my bf and some friends. Suddenly he went to the computer,
> mumbeled something about playing and rebooted it! It had an uptime of
> about 300 days so I was pretty serious about not rebooting it (it had a
> load of 4 due to some zombie netscape procs that didn't die, but uptime
> was more important). When I heard he was rebooting I got FURIOUS!

dude ... i would've killed the !@#$%^.


abe


___
techtalk mailing list
[EMAIL PROTECTED]
http://www.linux.org.uk/mailman/listinfo/techtalk

Re: [techtalk] Layman's Guides to Computer Security

[coldfire]

> > but seriously, regarding the titles of books ... i don't understand how
> > anyone can really care .. if it's an excellent book, should it matter that
> > it's titled "linux for the computer illiterate?"  or how about a terrible
> > book with a very sophisticated intelligent sounding title?  maybe i'm
> > missing the original point of the thread .. but that's how i feel :)
> 
> The original point was that I was not -entirely- comfortable with
> the title of a group of articles I'm in the process of writing.
> 
> I'd hoped for some feedback on the articles. I got rather more
> feedback on the /titles/ than I'd wanted - and not as much on
> the articles themselves as I'd hoped for. :)
> 
> But people seem to enjoy suggesting titles. And there's been some
> good suggestions. Thank you.

ahh .. one thing i've noticed is that topics can run rampant here and
often times they end up traversing several tangents :)  but regarding the
articles, just do a kick @$$ job and all will be well (i hope) hehe.
don't judge a book by it's cover ... or a group of articles by their
title.  :)

abe


___
techtalk mailing list
[EMAIL PROTECTED]
http://www.linux.org.uk/mailman/listinfo/techtalk

Re: [techtalk] message to all

[coldfire]

*senses some hostility here*  but it's kinda funny :)

abe

On Wed, 16 May 2001, Linda MacPhee-Cobb wrote:

> I would like to address several issues quickly here.
> 
> First to the person who thought that it was foolish to have security set at 
> medium on a linux box.  rtfm.  That is where security should be set for a 
> client machine on line.  High and paranoid are only for servers and render 
> the box useless for everything but solitare.
> 
> To the owners of ip #211.72.43.234 & #10.91.218.147, if you continue to 
> attempt to break into my computer I will take the time to hunt you donw and 
> locate your employer/college and I will send appropriate documentation, log 
> files, and a letter to your respective employer's/school's and inform them.  
> (Same goes for anyother ip numbers that show up in my log files)  It has 
> been 4 days you have not gotten in.  You will have to do better than running 
> someone else's kiddie scripts.  Get a life.  (and some computer skills while 
> you are at it.)
> 
> To Jenn who thought using 'pretty' in my email address was inappropriate.  
> How about the email you sent to Connie about your triple D tits?  His wife 
> is still laughing.  She did ask that I mention to you that insurance will 
> cover the surgery necessary to fix your disfigurement. If you deny this she 
> will forward the email, with your ip and message number to everyone who ever 
> posted here.  She is a very good friend of mine.  She isn't working now and 
> might even take the time to send it to everyone in your school/employer's 
> office.
> 
> To others these links may be useful...
> http://www.psionic.com
> http://www.bastille-linux.com
> http://www.nsa.gov
> 
> These are open source firewalls and security tools for linux. These tools 
> are painless to set up and use, one not need spend valuable time playing 
> mechanic. The new mandrake 8.0 has built in security tools which are 
> painless to use.
> 
> 
> If you will all kindly stay away from me, and my computer... I'll return the 
> favor in kind.
> 
> 
> 
> 
> 
> _
> Get your FREE download of MSN Explorer at http://explorer.msn.com
> 
> 
> ___
> techtalk mailing list
> [EMAIL PROTECTED]
> http://www.linux.org.uk/mailman/listinfo/techtalk
> 


___
techtalk mailing list
[EMAIL PROTECTED]
http://www.linux.org.uk/mailman/listinfo/techtalk

Re: [techtalk] message to all

[coldfire]

i was going to ignore the rest myself ... but a few specific examples i'd
like to point out ..

> Ok,
>  I didn't want to join in on this thread but... oh, well here goes.
> Comments are in-line:
> 
> > I would like to address several issues quickly here.
> >
> > First to the person who thought that it was foolish to have security set at
> > medium on a linux box.  rtfm.  That is where security should be set for a
> > client machine on line.  High and paranoid are only for servers and render
> > the box useless for everything but solitare.
> Medium security, especially for a RedHat box is the wrong way to go. It
> leaves your box very insecure. If you've chosen this it's probably because
> you're relatively new to Linux, and that's ok. No reason to get into a war
> about it. After all we all started using it because it's different,
> difficult, and something new to learn.

medium security on any distro i have seen includes no firewall protection
and by default, services such as 'wu.ftpd,' 'finger,' and 'telnet' are
running.  come on .. a linux newbie has no idea what inetd is or even that
their new linux box is now an ftp server!  without elaborating on any
other specific points, i feel content saying that "medium" security hardly
suffices for a client machine online.

> > To the owners of ip #211.72.43.234 & #10.91.218.147, if you continue to
> > attempt to break into my computer I will take the time to hunt you donw and
> > locate your employer/college and I will send appropriate documentation, log
> > files, and a letter to your respective employer's/school's and inform them.
> ...(edited out)
> Portscanning is not illegal, not even really a bad thing. If you using a
> cable/DSL connection your ISP does it all the time searching for servers
> running. It's not even really the first step to an attack and certainly
> doesn't constitute one.

i don't recall reading that anyone was portscanning .. regardless, it is
illegal to portscan if it violates the contract with your particular ISP
or institution.  otherwise, it's not like it's hard to prevent someone
from portscanning your box.

> > To Jenn who thought using 'pretty' in my email address was inappropriate.
> > How about the email you sent to Connie about your triple D tits?  His wife
> ... (edited)
> So because someone else acts so immature you feel the need to return that.
> Come on we're not 12 anymore (no offense to any 12yr/olds on the list, you
> probably act more grown up than the rest!)

give me a break.


abe



___
techtalk mailing list
[EMAIL PROTECTED]
http://www.linux.org.uk/mailman/listinfo/techtalk

[techtalk] ssh slow login

[David Merrill]

I just set up a new alphaserver on my home network. It is running
Debian testing.

When I ssh into this box, it sometimes takes 20-30 seconds for the
login prompt to come up. Does anyone know why it would take this long
to display a login prompt over a LAN? The machine has almost no load
on it.

Thanks,

-- 
Dr. David C. Merrill http://www.lupercalia.net
Linux Documentation Project   [EMAIL PROTECTED]
Collection Editor & Coordinatorhttp://www.linuxdoc.org
   Finger me for my public key

Mac Airways:
The cashiers, flight attendants and pilots all look the same, feel the same
and act the same. When asked questions about the flight, they reply that you
don't want to know, don't need to know and would you please return to your
seat and watch the movie.

___
techtalk mailing list
[EMAIL PROTECTED]
http://www.linux.org.uk/mailman/listinfo/techtalk

Re: [techtalk] ssh slow login

[Mark Foster]

Im going to pipe up, if only because I actually know the answer to this one!
;)

SSH is trying to do nslookups, id guess.  Check you have a valid /etc/hosts
/ c:\windows\hosts / c:\winnt\system32\drivers\etc\hosts file with entries
for both client and server.. that may solve it.

(Waves to Fenchurch, if shes about :) )

-.-. --.-
:-)

- Original Message -
From: "David Merrill" <[EMAIL PROTECTED]>
To: "TechTalk" <[EMAIL PROTECTED]>
Sent: Thursday, May 17, 2001 3:26 PM
Subject: [techtalk] ssh slow login


> I just set up a new alphaserver on my home network. It is running
> Debian testing.
>
> When I ssh into this box, it sometimes takes 20-30 seconds for the
> login prompt to come up. Does anyone know why it would take this long
> to display a login prompt over a LAN? The machine has almost no load
> on it.
>
> Thanks,
>
> --
> Dr. David C. Merrill http://www.lupercalia.net
> Linux Documentation Project   [EMAIL PROTECTED]
> Collection Editor & Coordinatorhttp://www.linuxdoc.org
>Finger me for my public key
>
> Mac Airways:
> The cashiers, flight attendants and pilots all look the same, feel the
same
> and act the same. When asked questions about the flight, they reply that
you
> don't want to know, don't need to know and would you please return to your
> seat and watch the movie.
>
> ___
> techtalk mailing list
> [EMAIL PROTECTED]
> http://www.linux.org.uk/mailman/listinfo/techtalk
>


___
techtalk mailing list
[EMAIL PROTECTED]
http://www.linux.org.uk/mailman/listinfo/techtalk

Re: [techtalk] ssh slow login

[Jamie Walker]

On Wed, May 16, 2001 at 11:26:36PM -0400, David Merrill wrote:

> When I ssh into this box, it sometimes takes 20-30 seconds for the
> login prompt to come up. Does anyone know why it would take this long
> to display a login prompt over a LAN? The machine has almost no load
> on it.

It's trying and failing to do a DNS lookup on the host you're connecting 
from.

A quick way around it is to add the IP address of that machine to 
/etc/hosts on the machine you're connecting to.

-- 
Phone: +64-9-373-7599 x4679  Room: 2.315, E&EE Dept, School of Eng.
Email: [EMAIL PROTECTED]  or shout loudly

___
techtalk mailing list
[EMAIL PROTECTED]
http://www.linux.org.uk/mailman/listinfo/techtalk