Date: Fri, 12 Feb 2010 12:19:24 -0500 From: Jon Radel <jon@radel.com> To: freebsd-questions@freebsd.org Subject: Re: PASSWORD LOST!! Message-ID: <4B758D9C.3030708@radel.com> In-Reply-To: <6201873e1002120619rc40fb34n98bbb2b0db8b6b43@mail.gmail.com> References: <0B47F5A9-A603-408F-A727-E81739E539C5@andersonbrothers.biz> <201002091059.27019.mike.jeays@rogers.com> <b79ecaef1002091144g6014eb0ak75955f63c82a4b4b@mail.gmail.com> <b121fe571002111714l2529f57bndd63d0d6ac404363@mail.gmail.com> <201002120124.o1C1OS3o015060@banyan.cs.ait.ac.th> <4B751F70.8060402@gmail.com> <20100212080524.B67483@starfire.mn.org> <6201873e1002120619rc40fb34n98bbb2b0db8b6b43@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
This is a cryptographically signed message in MIME format. --------------ms090502060902060000070803 Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Adam Vande More wrote: > On Fri, Feb 12, 2010 at 8:05 AM, John <john@starfire.mn.org> wrote: > >> People, people - be careful that we are not creating a formula to >> break into FreeBSD servers around the world... >> >> The only acceptable solution is for someone in Eric's organization >> to secure physical access to the server. It may be in a co-lo >> situation, but if that's true, they must have a contract open and, >> if nothing else, they terminate the contract and get the machine >> back, though more likely, the contract allows them supervised >> access. Machines are not perfect - even without losing the root >> password, they break and need maintenance - this is a MAINTENANCE >> event and should be treated as such, just like a hard drive failure >> or a NIC failure. >> >> Creating a scheme for someone to break into FreeBSD systems remotely >> or to publicize schemes people have created to remotely manage their >> systems in ways that could be used to compromise them is foolishness! >> >> Regardless of the purity of his intention, Eric is asking us to >> tell him how to break into our homes or steal our cars. ;) >> > > Security through obscurity is no security, hence it is a good exercise. > > Quite. In any case, the OP started out by telling us how he had plugged a monitor into the server, so we're several degrees removed from reality by this point. -- --Jon Radel jon@radel.com --------------ms090502060902060000070803 Content-Type: application/x-pkcs7-signature; name="smime.p7s" Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename="smime.p7s" Content-Description: S/MIME Cryptographic Signature MIAGCSqGSIb3DQEHAqCAMIACAQExCzAJBgUrDgMCGgUAMIAGCSqGSIb3DQEHAQAAoIIJMTCC AvMwggJcoAMCAQICEB1eDeVYxhAO39zOEnHiAbwwDQYJKoZIhvcNAQEFBQAwYjELMAkGA1UE BhMCWkExJTAjBgNVBAoTHFRoYXd0ZSBDb25zdWx0aW5nIChQdHkpIEx0ZC4xLDAqBgNVBAMT I1RoYXd0ZSBQZXJzb25hbCBGcmVlbWFpbCBJc3N1aW5nIENBMB4XDTA5MDIyNTA0MTMyNloX DTEwMDIyNTA0MTMyNlowXjEOMAwGA1UEBBMFUmFkZWwxEzARBgNVBCoTCkpvbiBUaG9tYXMx GTAXBgNVBAMTEEpvbiBUaG9tYXMgUmFkZWwxHDAaBgkqhkiG9w0BCQEWDWpvbkByYWRlbC5j b20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDeT7qtj+euqWr2wXM7OnwrXJe9 Jlc0CGaM69AcTWOFakRY7MUXrqcmF5WjrqrMoagfGjS362eb6787x313ZdLoGuQPh/o2Mqp4 BbSgcnGZRj82SxkUmSN6+2q5ZOOYA6JmfvJwmBuRQ8sHki4GnoSwbIc11a70/z4at5qRi8bb /RtmJYewnpwXErfuuq0hhVSsYKFPXELzSahlpyC+lUfIdgvLJGxc7eU5QuvtYmuohNjn4k9C SJinvfjFbkvgbIgtvZxxmcE74NsKTeW2bEwgoCjZlcAD/QMgLE9KGSVn4/LzC/OZwkPKcWKO CPTNIZK1P+HxaIW4BvvYtjLu2Qx5AgMBAAGjKjAoMBgGA1UdEQQRMA+BDWpvbkByYWRlbC5j b20wDAYDVR0TAQH/BAIwADANBgkqhkiG9w0BAQUFAAOBgQBT+qFXV8sexrNOJuK8rhVpnCNF iFslD9Kelhon5Tt1tlTsw+B9F9B8ys9tfV559tzVqE+ULcqnjX2rsaJCwFmn6gyucCN0yGML h1O4ddsNQmoTOILyBCv/rkfO4tbXJM3si2JDNPZnL/0Rf3FpDTc3U3SnAdqE1a/8PGBTTmay VDCCAvMwggJcoAMCAQICEB1eDeVYxhAO39zOEnHiAbwwDQYJKoZIhvcNAQEFBQAwYjELMAkG A1UEBhMCWkExJTAjBgNVBAoTHFRoYXd0ZSBDb25zdWx0aW5nIChQdHkpIEx0ZC4xLDAqBgNV BAMTI1RoYXd0ZSBQZXJzb25hbCBGcmVlbWFpbCBJc3N1aW5nIENBMB4XDTA5MDIyNTA0MTMy NloXDTEwMDIyNTA0MTMyNlowXjEOMAwGA1UEBBMFUmFkZWwxEzARBgNVBCoTCkpvbiBUaG9t YXMxGTAXBgNVBAMTEEpvbiBUaG9tYXMgUmFkZWwxHDAaBgkqhkiG9w0BCQEWDWpvbkByYWRl bC5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDeT7qtj+euqWr2wXM7Onwr XJe9Jlc0CGaM69AcTWOFakRY7MUXrqcmF5WjrqrMoagfGjS362eb6787x313ZdLoGuQPh/o2 Mqp4BbSgcnGZRj82SxkUmSN6+2q5ZOOYA6JmfvJwmBuRQ8sHki4GnoSwbIc11a70/z4at5qR i8bb/RtmJYewnpwXErfuuq0hhVSsYKFPXELzSahlpyC+lUfIdgvLJGxc7eU5QuvtYmuohNjn 4k9CSJinvfjFbkvgbIgtvZxxmcE74NsKTeW2bEwgoCjZlcAD/QMgLE9KGSVn4/LzC/OZwkPK cWKOCPTNIZK1P+HxaIW4BvvYtjLu2Qx5AgMBAAGjKjAoMBgGA1UdEQQRMA+BDWpvbkByYWRl bC5jb20wDAYDVR0TAQH/BAIwADANBgkqhkiG9w0BAQUFAAOBgQBT+qFXV8sexrNOJuK8rhVp nCNFiFslD9Kelhon5Tt1tlTsw+B9F9B8ys9tfV559tzVqE+ULcqnjX2rsaJCwFmn6gyucCN0 yGMLh1O4ddsNQmoTOILyBCv/rkfO4tbXJM3si2JDNPZnL/0Rf3FpDTc3U3SnAdqE1a/8PGBT TmayVDCCAz8wggKooAMCAQICAQ0wDQYJKoZIhvcNAQEFBQAwgdExCzAJBgNVBAYTAlpBMRUw EwYDVQQIEwxXZXN0ZXJuIENhcGUxEjAQBgNVBAcTCUNhcGUgVG93bjEaMBgGA1UEChMRVGhh d3RlIENvbnN1bHRpbmcxKDAmBgNVBAsTH0NlcnRpZmljYXRpb24gU2VydmljZXMgRGl2aXNp b24xJDAiBgNVBAMTG1RoYXd0ZSBQZXJzb25hbCBGcmVlbWFpbCBDQTErMCkGCSqGSIb3DQEJ ARYccGVyc29uYWwtZnJlZW1haWxAdGhhd3RlLmNvbTAeFw0wMzA3MTcwMDAwMDBaFw0xMzA3 MTYyMzU5NTlaMGIxCzAJBgNVBAYTAlpBMSUwIwYDVQQKExxUaGF3dGUgQ29uc3VsdGluZyAo UHR5KSBMdGQuMSwwKgYDVQQDEyNUaGF3dGUgUGVyc29uYWwgRnJlZW1haWwgSXNzdWluZyBD QTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAxKY8VXNV+065yplaHmjAdQRwnd/p/6Me 7L3N9VvyGna9fww6YfK/Uc4B1OVQCjDXAmNaLIkVcI7dyfArhVqqP3FWy688Cwfn8R+RNiQq E88r1fOCdz0Dviv+uxg+B79AgAJk16emu59l0cUqVIUPSAR/p7bRPGEEQB5kGXJgt/sCAwEA AaOBlDCBkTASBgNVHRMBAf8ECDAGAQH/AgEAMEMGA1UdHwQ8MDowOKA2oDSGMmh0dHA6Ly9j cmwudGhhd3RlLmNvbS9UaGF3dGVQZXJzb25hbEZyZWVtYWlsQ0EuY3JsMAsGA1UdDwQEAwIB BjApBgNVHREEIjAgpB4wHDEaMBgGA1UEAxMRUHJpdmF0ZUxhYmVsMi0xMzgwDQYJKoZIhvcN AQEFBQADgYEASIzRUIPqCy7MDaNmrGcPf6+svsIXoUOWlJ1/TCG4+DYfqi2fNi/A9BxQIJNw PP2t4WFiw9k6GX6EsZkbAMUaC4J0niVQlGLH2ydxVyWN3amcOY6MIE9lX5Xa9/eH1sYITq72 6jTlEBpbNU1341YheILcIRk13iSx0x1G/11fZU8xggNkMIIDYAIBATB2MGIxCzAJBgNVBAYT AlpBMSUwIwYDVQQKExxUaGF3dGUgQ29uc3VsdGluZyAoUHR5KSBMdGQuMSwwKgYDVQQDEyNU aGF3dGUgUGVyc29uYWwgRnJlZW1haWwgSXNzdWluZyBDQQIQHV4N5VjGEA7f3M4SceIBvDAJ BgUrDgMCGgUAoIIBwzAYBgkqhkiG9w0BCQMxCwYJKoZIhvcNAQcBMBwGCSqGSIb3DQEJBTEP Fw0xMDAyMTIxNzE5MjRaMCMGCSqGSIb3DQEJBDEWBBSWOOfgrcs6/C4Wc3LD+21dkzXP5jBS BgkqhkiG9w0BCQ8xRTBDMAoGCCqGSIb3DQMHMA4GCCqGSIb3DQMCAgIAgDANBggqhkiG9w0D AgIBQDAHBgUrDgMCBzANBggqhkiG9w0DAgIBKDCBhQYJKwYBBAGCNxAEMXgwdjBiMQswCQYD VQQGEwJaQTElMCMGA1UEChMcVGhhd3RlIENvbnN1bHRpbmcgKFB0eSkgTHRkLjEsMCoGA1UE AxMjVGhhd3RlIFBlcnNvbmFsIEZyZWVtYWlsIElzc3VpbmcgQ0ECEB1eDeVYxhAO39zOEnHi AbwwgYcGCyqGSIb3DQEJEAILMXigdjBiMQswCQYDVQQGEwJaQTElMCMGA1UEChMcVGhhd3Rl IENvbnN1bHRpbmcgKFB0eSkgTHRkLjEsMCoGA1UEAxMjVGhhd3RlIFBlcnNvbmFsIEZyZWVt YWlsIElzc3VpbmcgQ0ECEB1eDeVYxhAO39zOEnHiAbwwDQYJKoZIhvcNAQEBBQAEggEAOx6I H2RG9AAJHfsH4COKNptHs7/Ad0w3ujcNT0bLAiSd+Enp8UiJbXZj0ACjIixiqHxpE7DkWv2j Ud6Qj7nB3e6hDHWbu8Kyj7QfxrtsVjxNa3Jsb/2vsgqrM/m1nQjyHGpr/3mE4RZixNy71QZ8 8YHUKdYih81V4AVHFpt1gwuw4UrMdPz6XpeXOccDv1gRLVQVvJJuLUa7eE6VxsI1qd+rXm2+ 01HJ584pe6BHKcV+4j5fHbdtyPYT8kwpzVMAHUOT7piJXbbnzY0oPOuQrRFKNEyGhYzy3MJH bbvnT0TID6yXr+EevnhyqQ44dKOc8EivZImsAB7U98W7Oo4LVQAAAAAAAA== --------------ms090502060902060000070803--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4B758D9C.3030708>