Re: Packet sniffing & regular users

2005-03-03 Thread Geoff Crompton
Duncan Simpson wrote: BTW I think you might be able to detect promiscuous mode with a raw socket (at least on non-switched ethernet). If I send a ping packet to 192.168.1.42 using the wrong ethernet address then a response implies promiscuous mode because otherwise the interface would have dropped th

Re: Packet sniffing & regular users

2005-03-03 Thread Duncan Simpson
On Thu, 2005-03-03 at 11:54, David Mandelberg wrote: > Physical access means they can touch the machine. Local access means they can > log into the machine. Often local access is further restricted to mean they > can > log in and get a real shell (i.e. the shell isn't /usr/sbin/pppd). I tend to p

Re: Packet sniffing & regular users

2005-03-03 Thread Alvin Oga
On Thu, 3 Mar 2005, David Mandelberg wrote: > Alvin Oga wrote: > > ah .. good point ... i make no distinction between "local access" > > vs "physical access" in that if the server is behind the locked > > door, it'd be better than if it's on the corp server in the next > > open cubicle on the sam

Re: Packet sniffing & regular users

2005-03-03 Thread Felipe Augusto van de Wiel (faw)
Michael Stone wrote: :: On Wed, Mar 02, 2005 at 04:19:50PM -0300, Felipe :: Augusto van de Wiel (faw) wrote: I don't exactly, but, if you already allow your users to use sudo/su solutions, why are you trying to change it and... if

Re: Packet sniffing & regular users

2005-03-03 Thread David Mandelberg
Alvin Oga wrote: > ah .. good point ... i make no distinction between "local access" > vs "physical access" in that if the server is behind the locked > door, it'd be better than if it's on the corp server in the next > open cubicle on the same cat 5 wires, hubs and switches etc Physical access mea

Re: Packet sniffing & regular users

2005-03-03 Thread Alvin Oga
On Wed, 2 Mar 2005, s. keeling wrote: > Incoming from Alvin Oga: > > > > On Wed, 2 Mar 2005, David Mandelberg wrote: > > > > > s. keeling wrote: > > > > Isn't it generally accepted that black hats who get local access (ie., > > > > a user login account) is _much_ worse than black hats who've b

Re: Packet sniffing & regular users

2005-03-03 Thread Alvin Oga
On Wed, 2 Mar 2005, David Mandelberg wrote: > Alvin Oga wrote: > > no more telnet, no more pop3, no more wireless, no more > > anything that is insecure > Those are not insecure: using them unwisely is. Telnet over a VPN is just as > secure as ssh with password authentication. The same g

Re: Packet sniffing & regular users

2005-03-03 Thread Adrian von Bidder
On Wednesday 02 March 2005 18.57, s. keeling wrote: > Incoming from Brian Kim: > > [snip] > > solution, what sorts of security concerns does it present, aside from > > the obvious "anyone can see anything" sort of concern? > > Do you understand what "anyone can see anything" really means? Have > y