From owner-freebsd-questions@FreeBSD.ORG Fri Feb 12 17:19:43 2010 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 8454A10656A5 for ; Fri, 12 Feb 2010 17:19:43 +0000 (UTC) (envelope-from jon@radel.com) Received: from wave.radel.com (wave.radel.com [216.143.151.4]) by mx1.freebsd.org (Postfix) with ESMTP id 305C08FC25 for ; Fri, 12 Feb 2010 17:19:42 +0000 (UTC) Received: by wave.radel.com (CommuniGate Pro PIPE 4.1.6) with PIPE id 9422748; Fri, 12 Feb 2010 12:19:41 -0500 Received: from [192.168.43.221] (account jon@radel.com HELO braeburn.local) by wave.radel.com (CommuniGate Pro SMTP 4.1.6) with ESMTP-TLS id 9422745 for freebsd-questions@freebsd.org; Fri, 12 Feb 2010 12:19:24 -0500 Message-ID: <4B758D9C.3030708@radel.com> Date: Fri, 12 Feb 2010 12:19:24 -0500 From: Jon Radel User-Agent: Thunderbird 2.0.0.19 (Macintosh/20081209) MIME-Version: 1.0 To: freebsd-questions@freebsd.org References: <0B47F5A9-A603-408F-A727-E81739E539C5@andersonbrothers.biz> <201002091059.27019.mike.jeays@rogers.com> <201002120124.o1C1OS3o015060@banyan.cs.ait.ac.th> <4B751F70.8060402@gmail.com> <20100212080524.B67483@starfire.mn.org> <6201873e1002120619rc40fb34n98bbb2b0db8b6b43@mail.gmail.com> In-Reply-To: <6201873e1002120619rc40fb34n98bbb2b0db8b6b43@mail.gmail.com> Content-Type: multipart/signed; protocol="application/x-pkcs7-signature"; micalg=sha1; boundary="------------ms090502060902060000070803" X-Radel.com-MailScanner-Information: Please contact Jon for more information X-Radel.com-MailScanner: Found to be clean X-Mailer: CommuniGate Pro CLI mailer Subject: Re: PASSWORD LOST!! X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 12 Feb 2010 17:19:43 -0000 This is a cryptographically signed message in MIME format. --------------ms090502060902060000070803 Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Adam Vande More wrote: > On Fri, Feb 12, 2010 at 8:05 AM, John wrote: > >> People, people - be careful that we are not creating a formula to >> break into FreeBSD servers around the world... >> >> The only acceptable solution is for someone in Eric's organization >> to secure physical access to the server. It may be in a co-lo >> situation, but if that's true, they must have a contract open and, >> if nothing else, they terminate the contract and get the machine >> back, though more likely, the contract allows them supervised >> access. Machines are not perfect - even without losing the root >> password, they break and need maintenance - this is a MAINTENANCE >> event and should be treated as such, just like a hard drive failure >> or a NIC failure. >> >> Creating a scheme for someone to break into FreeBSD systems remotely >> or to publicize schemes people have created to remotely manage their >> systems in ways that could be used to compromise them is foolishness! >> >> Regardless of the purity of his intention, Eric is asking us to >> tell him how to break into our homes or steal our cars. ;) >> > > Security through obscurity is no security, hence it is a good exercise. > > Quite. In any case, the OP started out by telling us how he had plugged a monitor into the server, so we're several degrees removed from reality by this point. -- --Jon Radel jon@radel.com --------------ms090502060902060000070803 Content-Type: application/x-pkcs7-signature; name="smime.p7s" Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename="smime.p7s" Content-Description: S/MIME Cryptographic Signature MIAGCSqGSIb3DQEHAqCAMIACAQExCzAJBgUrDgMCGgUAMIAGCSqGSIb3DQEHAQAAoIIJMTCC AvMwggJcoAMCAQICEB1eDeVYxhAO39zOEnHiAbwwDQYJKoZIhvcNAQEFBQAwYjELMAkGA1UE BhMCWkExJTAjBgNVBAoTHFRoYXd0ZSBDb25zdWx0aW5nIChQdHkpIEx0ZC4xLDAqBgNVBAMT I1RoYXd0ZSBQZXJzb25hbCBGcmVlbWFpbCBJc3N1aW5nIENBMB4XDTA5MDIyNTA0MTMyNloX DTEwMDIyNTA0MTMyNlowXjEOMAwGA1UEBBMFUmFkZWwxEzARBgNVBCoTCkpvbiBUaG9tYXMx GTAXBgNVBAMTEEpvbiBUaG9tYXMgUmFkZWwxHDAaBgkqhkiG9w0BCQEWDWpvbkByYWRlbC5j b20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDeT7qtj+euqWr2wXM7OnwrXJe9 Jlc0CGaM69AcTWOFakRY7MUXrqcmF5WjrqrMoagfGjS362eb6787x313ZdLoGuQPh/o2Mqp4 BbSgcnGZRj82SxkUmSN6+2q5ZOOYA6JmfvJwmBuRQ8sHki4GnoSwbIc11a70/z4at5qRi8bb /RtmJYewnpwXErfuuq0hhVSsYKFPXELzSahlpyC+lUfIdgvLJGxc7eU5QuvtYmuohNjn4k9C SJinvfjFbkvgbIgtvZxxmcE74NsKTeW2bEwgoCjZlcAD/QMgLE9KGSVn4/LzC/OZwkPKcWKO CPTNIZK1P+HxaIW4BvvYtjLu2Qx5AgMBAAGjKjAoMBgGA1UdEQQRMA+BDWpvbkByYWRlbC5j b20wDAYDVR0TAQH/BAIwADANBgkqhkiG9w0BAQUFAAOBgQBT+qFXV8sexrNOJuK8rhVpnCNF iFslD9Kelhon5Tt1tlTsw+B9F9B8ys9tfV559tzVqE+ULcqnjX2rsaJCwFmn6gyucCN0yGML h1O4ddsNQmoTOILyBCv/rkfO4tbXJM3si2JDNPZnL/0Rf3FpDTc3U3SnAdqE1a/8PGBTTmay VDCCAvMwggJcoAMCAQICEB1eDeVYxhAO39zOEnHiAbwwDQYJKoZIhvcNAQEFBQAwYjELMAkG A1UEBhMCWkExJTAjBgNVBAoTHFRoYXd0ZSBDb25zdWx0aW5nIChQdHkpIEx0ZC4xLDAqBgNV BAMTI1RoYXd0ZSBQZXJzb25hbCBGcmVlbWFpbCBJc3N1aW5nIENBMB4XDTA5MDIyNTA0MTMy NloXDTEwMDIyNTA0MTMyNlowXjEOMAwGA1UEBBMFUmFkZWwxEzARBgNVBCoTCkpvbiBUaG9t YXMxGTAXBgNVBAMTEEpvbiBUaG9tYXMgUmFkZWwxHDAaBgkqhkiG9w0BCQEWDWpvbkByYWRl bC5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDeT7qtj+euqWr2wXM7Onwr XJe9Jlc0CGaM69AcTWOFakRY7MUXrqcmF5WjrqrMoagfGjS362eb6787x313ZdLoGuQPh/o2 Mqp4BbSgcnGZRj82SxkUmSN6+2q5ZOOYA6JmfvJwmBuRQ8sHki4GnoSwbIc11a70/z4at5qR i8bb/RtmJYewnpwXErfuuq0hhVSsYKFPXELzSahlpyC+lUfIdgvLJGxc7eU5QuvtYmuohNjn 4k9CSJinvfjFbkvgbIgtvZxxmcE74NsKTeW2bEwgoCjZlcAD/QMgLE9KGSVn4/LzC/OZwkPK cWKOCPTNIZK1P+HxaIW4BvvYtjLu2Qx5AgMBAAGjKjAoMBgGA1UdEQQRMA+BDWpvbkByYWRl bC5jb20wDAYDVR0TAQH/BAIwADANBgkqhkiG9w0BAQUFAAOBgQBT+qFXV8sexrNOJuK8rhVp nCNFiFslD9Kelhon5Tt1tlTsw+B9F9B8ys9tfV559tzVqE+ULcqnjX2rsaJCwFmn6gyucCN0 yGMLh1O4ddsNQmoTOILyBCv/rkfO4tbXJM3si2JDNPZnL/0Rf3FpDTc3U3SnAdqE1a/8PGBT TmayVDCCAz8wggKooAMCAQICAQ0wDQYJKoZIhvcNAQEFBQAwgdExCzAJBgNVBAYTAlpBMRUw EwYDVQQIEwxXZXN0ZXJuIENhcGUxEjAQBgNVBAcTCUNhcGUgVG93bjEaMBgGA1UEChMRVGhh d3RlIENvbnN1bHRpbmcxKDAmBgNVBAsTH0NlcnRpZmljYXRpb24gU2VydmljZXMgRGl2aXNp b24xJDAiBgNVBAMTG1RoYXd0ZSBQZXJzb25hbCBGcmVlbWFpbCBDQTErMCkGCSqGSIb3DQEJ ARYccGVyc29uYWwtZnJlZW1haWxAdGhhd3RlLmNvbTAeFw0wMzA3MTcwMDAwMDBaFw0xMzA3 MTYyMzU5NTlaMGIxCzAJBgNVBAYTAlpBMSUwIwYDVQQKExxUaGF3dGUgQ29uc3VsdGluZyAo UHR5KSBMdGQuMSwwKgYDVQQDEyNUaGF3dGUgUGVyc29uYWwgRnJlZW1haWwgSXNzdWluZyBD QTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAxKY8VXNV+065yplaHmjAdQRwnd/p/6Me 7L3N9VvyGna9fww6YfK/Uc4B1OVQCjDXAmNaLIkVcI7dyfArhVqqP3FWy688Cwfn8R+RNiQq E88r1fOCdz0Dviv+uxg+B79AgAJk16emu59l0cUqVIUPSAR/p7bRPGEEQB5kGXJgt/sCAwEA AaOBlDCBkTASBgNVHRMBAf8ECDAGAQH/AgEAMEMGA1UdHwQ8MDowOKA2oDSGMmh0dHA6Ly9j cmwudGhhd3RlLmNvbS9UaGF3dGVQZXJzb25hbEZyZWVtYWlsQ0EuY3JsMAsGA1UdDwQEAwIB BjApBgNVHREEIjAgpB4wHDEaMBgGA1UEAxMRUHJpdmF0ZUxhYmVsMi0xMzgwDQYJKoZIhvcN AQEFBQADgYEASIzRUIPqCy7MDaNmrGcPf6+svsIXoUOWlJ1/TCG4+DYfqi2fNi/A9BxQIJNw PP2t4WFiw9k6GX6EsZkbAMUaC4J0niVQlGLH2ydxVyWN3amcOY6MIE9lX5Xa9/eH1sYITq72 6jTlEBpbNU1341YheILcIRk13iSx0x1G/11fZU8xggNkMIIDYAIBATB2MGIxCzAJBgNVBAYT AlpBMSUwIwYDVQQKExxUaGF3dGUgQ29uc3VsdGluZyAoUHR5KSBMdGQuMSwwKgYDVQQDEyNU aGF3dGUgUGVyc29uYWwgRnJlZW1haWwgSXNzdWluZyBDQQIQHV4N5VjGEA7f3M4SceIBvDAJ BgUrDgMCGgUAoIIBwzAYBgkqhkiG9w0BCQMxCwYJKoZIhvcNAQcBMBwGCSqGSIb3DQEJBTEP Fw0xMDAyMTIxNzE5MjRaMCMGCSqGSIb3DQEJBDEWBBSWOOfgrcs6/C4Wc3LD+21dkzXP5jBS BgkqhkiG9w0BCQ8xRTBDMAoGCCqGSIb3DQMHMA4GCCqGSIb3DQMCAgIAgDANBggqhkiG9w0D AgIBQDAHBgUrDgMCBzANBggqhkiG9w0DAgIBKDCBhQYJKwYBBAGCNxAEMXgwdjBiMQswCQYD VQQGEwJaQTElMCMGA1UEChMcVGhhd3RlIENvbnN1bHRpbmcgKFB0eSkgTHRkLjEsMCoGA1UE AxMjVGhhd3RlIFBlcnNvbmFsIEZyZWVtYWlsIElzc3VpbmcgQ0ECEB1eDeVYxhAO39zOEnHi AbwwgYcGCyqGSIb3DQEJEAILMXigdjBiMQswCQYDVQQGEwJaQTElMCMGA1UEChMcVGhhd3Rl IENvbnN1bHRpbmcgKFB0eSkgTHRkLjEsMCoGA1UEAxMjVGhhd3RlIFBlcnNvbmFsIEZyZWVt YWlsIElzc3VpbmcgQ0ECEB1eDeVYxhAO39zOEnHiAbwwDQYJKoZIhvcNAQEBBQAEggEAOx6I H2RG9AAJHfsH4COKNptHs7/Ad0w3ujcNT0bLAiSd+Enp8UiJbXZj0ACjIixiqHxpE7DkWv2j Ud6Qj7nB3e6hDHWbu8Kyj7QfxrtsVjxNa3Jsb/2vsgqrM/m1nQjyHGpr/3mE4RZixNy71QZ8 8YHUKdYih81V4AVHFpt1gwuw4UrMdPz6XpeXOccDv1gRLVQVvJJuLUa7eE6VxsI1qd+rXm2+ 01HJ584pe6BHKcV+4j5fHbdtyPYT8kwpzVMAHUOT7piJXbbnzY0oPOuQrRFKNEyGhYzy3MJH bbvnT0TID6yXr+EevnhyqQ44dKOc8EivZImsAB7U98W7Oo4LVQAAAAAAAA== --------------ms090502060902060000070803--