Date: Tue, 01 Aug 2006 19:44:37 +0200 From: =?ISO-8859-1?Q?Erik_N=F8rgaard?= <norgaard@locolomo.org> To: Freminlins <freminlins@gmail.com> Cc: freebsd-questions@freebsd.org, Tyler Spivey <tspivey@pcdesk.net> Subject: Re: switching from linux to freebsd Message-ID: <44CF9305.7050907@locolomo.org> In-Reply-To: <eeef1a4c0608010854g77eb05abl6305e359294f9a88@mail.gmail.com> References: <20060801053719.GA6735@fast> <44CEF9EB.3080807@locolomo.org> <eeef1a4c0608010518x28f5d82bw416dff78a99a603f@mail.gmail.com> <44CF7279.5040504@locolomo.org> <eeef1a4c0608010854g77eb05abl6305e359294f9a88@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
This is a cryptographically signed message in MIME format. --------------ms030207080402030607070802 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Freminlins wrote: > You made the point with reference to security, not system recovery. That > is what I am contradicting. Security is often misunderstood to mean protecting against unauthorized access. But this is only part of information security. You need to protect your information assets such as to ensure continuity of business operations, and this covers: * Confidentiality * Integrity * Availability The last two evidently have to do with data and system recovery, and this was the question being raised in OP. Which is more important depends on the data. In some cases unauthorized disclosure is less costly than downtime. The security professional evaluates the potential losses for each breach against the cost of protecting against that breach. Integrity of the base installation is important because it ensures integrity of the base system against the most common failures - say power out, and provides for faster recovery of systems hence addressing availability - and not to mention it is cheap! If you configure your server using LDAP or NIS for user management then you only need to mount the root file system rw when updating the base system or changing root password. Add the MAC and you will likely be able to protect further against the attack you mention. Cheers, Erik -- Ph: +34.666334818 web: http://www.locolomo.org X.509 Certificate: http://www.locolomo.org/crt/8D03551FFCE04F0C.crt Key ID: 69:79:B8:2C:E3:8F:E7:BE:5D:C3:C3:B1:74:62:B8:3F:9F:1F:69:B9 --------------ms030207080402030607070802 Content-Type: application/x-pkcs7-signature; name="smime.p7s" Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename="smime.p7s" Content-Description: S/MIME Cryptographic Signature MIAGCSqGSIb3DQEHAqCAMIACAQExCzAJBgUrDgMCGgUAMIAGCSqGSIb3DQEHAQAAoIIL5jCC Be8wggPXoAMCAQICCQCNA1Uf/OBPDDANBgkqhkiG9w0BAQUFADCBmTELMAkGA1UEBhMCRVMx GDAWBgNVBAoTD0RhZW1vbiBTZWN1cml0eTEeMBwGA1UECxMVQ2VydGlmaWNhdGUgQXV0aG9y aXR5MR4wHAYDVQQDExVDZXJ0aWZpY2F0ZSBBdXRob3JpdHkxJDAiBgkqhkiG9w0BCQEWFWNh QGRhZW1vbnNlY3VyaXR5LmNvbTEKMAgGA1UEBRMBMDAeFw0wNjA0MjAxMzE2NTBaFw0wNzA0 MjAxMzE2NTBaMGIxCzAJBgNVBAYTAkVTMRUwEwYDVQQKEwxMb2NvTG9tby5PcmcxFjAUBgNV BAMTDUVyaWsgTm9yZ2FhcmQxJDAiBgkqhkiG9w0BCQEWFW5vcmdhYXJkQGxvY29sb21vLm9y ZzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMPmPk5QnkyvR4ZNS/jYCYEk6/x/ mqSIqM7XXmikYX4AmbS4AbgJg7tY150ti87oYIjH4pnt1ReYWV4P2lDE2w0Db73Fk3TGpYcq XNUu4uRl8eoMX6Mh5I34tzJc+ZJqXW0pQtzP7JDgPvLddh0roY/ongaqpnrA6dDh0QfEC+ky z1abx9xmp776RPfRnbzjUht9VGPohiZFLyNfLgw5x4Q5/efDtx3tKDMJP67UnVd1tbclKbOs +HaqxYXNr1TJ9HIpRpfb4IhBFCvBDiiHUjbGtpi2EXeHuwoQ8cp7mjl6j1BfGaoFHvqzA1GD +156qJ9waxEvx/0XGudqWJeFTVkCAwEAAaOCAW4wggFqMA8GA1UdEwEB/wQFMAMCAQAwCwYD VR0PBAQDAgO4MB0GA1UdDgQWBBRpebgs44/nvl3Dw7F0Yrg/nx9puTCBzgYDVR0jBIHGMIHD gBSOYakm6rz5V4h0qO3QlbBuYT3ipaGBn6SBnDCBmTELMAkGA1UEBhMCRVMxGDAWBgNVBAoT D0RhZW1vbiBTZWN1cml0eTEeMBwGA1UECxMVQ2VydGlmaWNhdGUgQXV0aG9yaXR5MR4wHAYD VQQDExVDZXJ0aWZpY2F0ZSBBdXRob3JpdHkxJDAiBgkqhkiG9w0BCQEWFWNhQGRhZW1vbnNl Y3VyaXR5LmNvbTEKMAgGA1UEBRMBMIIJAI0DVR/84E8BMCAGA1UdEQQZMBeBFW5vcmdhYXJk QGxvY29sb21vLm9yZzA4BgNVHR8EMTAvMC2gK6AphidodHRwOi8vd3d3LmRhZW1vbnNlY3Vy aXR5LmNvbS9jYS9kcy5jcmwwDQYJKoZIhvcNAQEFBQADggIBAMefA0DXBeUmPG353ldj4jQP TKusU49AGPtH0gI0W7gnc8L6NQb7/lzpF1xW3fVOXmDBSQrSzdsmPoUiQBOv8/GTPiJbktbr eHGPDDi7xTmNgGCh/gv9EECEc0casKs778FMhJxQDIKUrBpdxpxUVHxzR9m2MgCaiOPi0oru o5ZjdNh4PyfSrYkkMJmp9w7ouulyf7wSOwwyIxZixWHVIo0lJBZCFQqIcCXzmnLUhlUKqMGb 0sOsPh7GITecrfGAM8iBpLuRjGe3yDa8Xx2riflJLjKxqcSg0OIhibS3xkGTgoJhtAJBB21G CkcnHmLXmnXYZvfE/D4twmSGo3j4D79xFA5xMJU5IwNYT+agU2srRq11eZvtVK3p2sF2rgSK 99cbCHL0K3AhhiF9z+1uLjZO8UgnvB81rQG+Kzn/nvZgQ1bvxKnrtzs3UuKPyAXflNVSiMwO vUv04tBJcIGrdiav64BTQFBgguY7JWWkrsaTeEMUHXW6aUyGCfngQ2LR6McfDeZZLM0BKXiv pjozutGTR76khWqSsttSZQoGoNbMRcHodFCZ2RHSsM1rPKINY1w7vTnr8oEVD3D+pY1UrM/o vDkvS8ypr+gg66pMC0gXl7cReoFNiE118sHKlAEGKNlka3Pga2r+AL6KrjwCZHMwOFDheFoN k9rxTruKV0O0MIIF7zCCA9egAwIBAgIJAI0DVR/84E8MMA0GCSqGSIb3DQEBBQUAMIGZMQsw CQYDVQQGEwJFUzEYMBYGA1UEChMPRGFlbW9uIFNlY3VyaXR5MR4wHAYDVQQLExVDZXJ0aWZp Y2F0ZSBBdXRob3JpdHkxHjAcBgNVBAMTFUNlcnRpZmljYXRlIEF1dGhvcml0eTEkMCIGCSqG SIb3DQEJARYVY2FAZGFlbW9uc2VjdXJpdHkuY29tMQowCAYDVQQFEwEwMB4XDTA2MDQyMDEz MTY1MFoXDTA3MDQyMDEzMTY1MFowYjELMAkGA1UEBhMCRVMxFTATBgNVBAoTDExvY29Mb21v Lk9yZzEWMBQGA1UEAxMNRXJpayBOb3JnYWFyZDEkMCIGCSqGSIb3DQEJARYVbm9yZ2FhcmRA bG9jb2xvbW8ub3JnMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw+Y+TlCeTK9H hk1L+NgJgSTr/H+apIioztdeaKRhfgCZtLgBuAmDu1jXnS2LzuhgiMfime3VF5hZXg/aUMTb DQNvvcWTdMalhypc1S7i5GXx6gxfoyHkjfi3Mlz5kmpdbSlC3M/skOA+8t12HSuhj+ieBqqm esDp0OHRB8QL6TLPVpvH3GanvvpE99GdvONSG31UY+iGJkUvI18uDDnHhDn958O3He0oMwk/ rtSdV3W1tyUps6z4dqrFhc2vVMn0cilGl9vgiEEUK8EOKIdSNsa2mLYRd4e7ChDxynuaOXqP UF8ZqgUe+rMDUYP7Xnqon3BrES/H/Rca52pYl4VNWQIDAQABo4IBbjCCAWowDwYDVR0TAQH/ BAUwAwIBADALBgNVHQ8EBAMCA7gwHQYDVR0OBBYEFGl5uCzjj+e+XcPDsXRiuD+fH2m5MIHO BgNVHSMEgcYwgcOAFI5hqSbqvPlXiHSo7dCVsG5hPeKloYGfpIGcMIGZMQswCQYDVQQGEwJF UzEYMBYGA1UEChMPRGFlbW9uIFNlY3VyaXR5MR4wHAYDVQQLExVDZXJ0aWZpY2F0ZSBBdXRo b3JpdHkxHjAcBgNVBAMTFUNlcnRpZmljYXRlIEF1dGhvcml0eTEkMCIGCSqGSIb3DQEJARYV Y2FAZGFlbW9uc2VjdXJpdHkuY29tMQowCAYDVQQFEwEwggkAjQNVH/zgTwEwIAYDVR0RBBkw F4EVbm9yZ2FhcmRAbG9jb2xvbW8ub3JnMDgGA1UdHwQxMC8wLaAroCmGJ2h0dHA6Ly93d3cu ZGFlbW9uc2VjdXJpdHkuY29tL2NhL2RzLmNybDANBgkqhkiG9w0BAQUFAAOCAgEAx58DQNcF 5SY8bfneV2PiNA9Mq6xTj0AY+0fSAjRbuCdzwvo1Bvv+XOkXXFbd9U5eYMFJCtLN2yY+hSJA E6/z8ZM+IluS1ut4cY8MOLvFOY2AYKH+C/0QQIRzRxqwqzvvwUyEnFAMgpSsGl3GnFRUfHNH 2bYyAJqI4+LSiu6jlmN02Hg/J9KtiSQwman3Dui66XJ/vBI7DDIjFmLFYdUijSUkFkIVCohw JfOactSGVQqowZvSw6w+HsYhN5yt8YAzyIGku5GMZ7fINrxfHauJ+UkuMrGpxKDQ4iGJtLfG QZOCgmG0AkEHbUYKRyceYteaddhm98T8Pi3CZIajePgPv3EUDnEwlTkjA1hP5qBTaytGrXV5 m+1UrenawXauBIr31xsIcvQrcCGGIX3P7W4uNk7xSCe8HzWtAb4rOf+e9mBDVu/Eqeu3OzdS 4o/IBd+U1VKIzA69S/Ti0Elwgat2Jq/rgFNAUGCC5jslZaSuxpN4QxQddbppTIYJ+eBDYtHo xx8N5lkszQEpeK+mOjO60ZNHvqSFapKy21JlCgag1sxFweh0UJnZEdKwzWs8og1jXDu9Oevy gRUPcP6ljVSsz+i8OS9LzKmv6CDrqkwLSBeXtxF6gU2ITXXywcqUAQYo2WRrc+Brav4Avoqu PAJkczA4UOF4Wg2T2vFOu4pXQ7QxggP8MIID+AIBATCBpzCBmTELMAkGA1UEBhMCRVMxGDAW BgNVBAoTD0RhZW1vbiBTZWN1cml0eTEeMBwGA1UECxMVQ2VydGlmaWNhdGUgQXV0aG9yaXR5 MR4wHAYDVQQDExVDZXJ0aWZpY2F0ZSBBdXRob3JpdHkxJDAiBgkqhkiG9w0BCQEWFWNhQGRh ZW1vbnNlY3VyaXR5LmNvbTEKMAgGA1UEBRMBMAIJAI0DVR/84E8MMAkGBSsOAwIaBQCgggIp MBgGCSqGSIb3DQEJAzELBgkqhkiG9w0BBwEwHAYJKoZIhvcNAQkFMQ8XDTA2MDgwMTE3NDQz N1owIwYJKoZIhvcNAQkEMRYEFLaSIT2n2eQYmNs7aH+IMkopDpHUMFIGCSqGSIb3DQEJDzFF MEMwCgYIKoZIhvcNAwcwDgYIKoZIhvcNAwICAgCAMA0GCCqGSIb3DQMCAgFAMAcGBSsOAwIH MA0GCCqGSIb3DQMCAgEoMIG4BgkrBgEEAYI3EAQxgaowgacwgZkxCzAJBgNVBAYTAkVTMRgw FgYDVQQKEw9EYWVtb24gU2VjdXJpdHkxHjAcBgNVBAsTFUNlcnRpZmljYXRlIEF1dGhvcml0 eTEeMBwGA1UEAxMVQ2VydGlmaWNhdGUgQXV0aG9yaXR5MSQwIgYJKoZIhvcNAQkBFhVjYUBk YWVtb25zZWN1cml0eS5jb20xCjAIBgNVBAUTATACCQCNA1Uf/OBPDDCBugYLKoZIhvcNAQkQ AgsxgaqggacwgZkxCzAJBgNVBAYTAkVTMRgwFgYDVQQKEw9EYWVtb24gU2VjdXJpdHkxHjAc BgNVBAsTFUNlcnRpZmljYXRlIEF1dGhvcml0eTEeMBwGA1UEAxMVQ2VydGlmaWNhdGUgQXV0 aG9yaXR5MSQwIgYJKoZIhvcNAQkBFhVjYUBkYWVtb25zZWN1cml0eS5jb20xCjAIBgNVBAUT ATACCQCNA1Uf/OBPDDANBgkqhkiG9w0BAQEFAASCAQAAAI58ifDCdbx+ZgJiMWP28lWpvcR7 qPEtN+Rs/oFxGwQRi6yMeZAKD8Zgwg4tH3w+BCWk/75HuKbK20M8apCVN12LkJRB3/EfiIOu pFdIWwvs8y667PTeCLalmmHo8s8yKS1Z4cS7Xtn4RPTEqZvxqJnNQcpNQCwfpGey9IXlwy+g F6F8pp5gnulR7vIXdOO2KHGo/DoMsBCX5rM3R1zfoiNQpY7tWXxZWLKkHd5T37ItRQy9wCz8 cudnuzHycj10mp1KIn4x8NUDTRBw7zH12lTW3xyiJoX7hGwMrJuBlmL5DB5uh3kYzoOhr8/y Q8CB/bo6XNhWJYdWp+4Wf0DOAAAAAAAA --------------ms030207080402030607070802--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?44CF9305.7050907>