From owner-freebsd-questions Thu Nov 8 7:29:58 2001
Date: Thu, 8 Nov 2001 10:29:44 -0500
From: Kutulu
To: Anthony Atkielski
Cc: Giorgos Keramidas, questions@FreeBSD.ORG
Subject: Re: Lockdown of FreeBSD machine directly on Net
Message-ID: <20011108102944.C10218@pr0n.kutulu.org>
In-Reply-To: <003401c1682d$7a623cc0$0a00000a@atkielski.com>; from anthony@atkielski.com on Thu, Nov 08, 2001 at 09:15:06AM +0100

On Thu, Nov 08, 2001 at 09:15:06AM +0100, Anthony Atkielski wrote:
> Giorgos writes:
>
> > Think of the damage that someone can do, if
> > they come with a floppy and steal the keypair
> > that you use to SSH as root.
>
> An important prerequisite to good security is physical security of the server.
> If you allow direct physical access to the machine, all bets are off. Some

Exactly.

To address the specific case Giorgos presents: if someone with a floppy can get the keypair you use to SSH as root, they can already read files that should only be root-readable, which means they've either:

1) Already logged on as root, or
2) Bypassed the file security.

In this case, they can also get a copy of master.password and run it through a password decryption program, and possibly even replace system binaries.

To say that a particular security measure is useless because someone with physical access to the machine can bypass it, makes pretty much ALL security measures useless. All you can do is take every precaution to physically secure the machine, then work on securing it more from those who can't get to it physically (which is hopefully, everyone else).

--K