From owner-freebsd-stable  Wed Dec  5  9:54: 6 2001
Delivered-To: freebsd-stable@freebsd.org
Received: from mikea.ath.cx (okc-65-30-192-11.mmcable.com [65.30.192.11])
	by hub.freebsd.org (Postfix) with ESMTP id 8BFCD37B419
	for <freebsd-stable@FreeBSD.ORG>; Wed,  5 Dec 2001 09:54:03 -0800 (PST)
Received: (from mikea@localhost)
	by mikea.ath.cx (8.11.6/8.11.1) id fB5Hrv432878
	for freebsd-stable@FreeBSD.ORG; Wed, 5 Dec 2001 11:53:57 -0600 (CST)
	(envelope-from mikea)
Date: Wed, 5 Dec 2001 11:53:57 -0600
From: mikea <mikea@mikea.ath.cx>
To: freebsd-stable@FreeBSD.ORG
Subject: Re: naive security question
Message-ID: <20011205115357.A32850@mikea.ath.cx>
References: <20011205174654.93719.qmail@web21009.mail.yahoo.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
User-Agent: Mutt/1.2.5i
In-Reply-To: <20011205174654.93719.qmail@web21009.mail.yahoo.com>; from mattmsykes@yahoo.co.uk on Wed, Dec 05, 2001 at 05:46:54PM +0000
Sender: owner-freebsd-stable@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-stable.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-stable>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-stable>
X-Loop: FreeBSD.ORG

On Wed, Dec 05, 2001 at 05:46:54PM +0000, Matt Sykes wrote:

> My question is: how confident should I be?  Is it really worthwhile
> for me to spend time setting up tripwire, kernel levels, etc?  How
> many people are that really that paranoid (paranoia being a good
> thing)?  I am a software developer (this box is at work), so the more
> time I spend developing software the better.

Everyone's mileage varies - sometimes a lot.

Is your machine inside a firewall? If so, then P(outside attack)
goes down significantly for a good firewall configuration. If you
are concerned about your co-workers attacking you, then you need
to implement the same protections as for an outside attack -- and
IMHO to go job-junting.

My FreeBSD machine here at work has tripwire installed, and
enough password to keep the honest people out. I certainly don't
worry about kernel security levels.

-- 
Mike Andrews
mikea@mikea.ath.cx
Tired old sysadmin since 1964

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-stable" in the body of the message