Skip site navigation (1)Skip section navigation (2)
Date:      Tue, 7 Feb 2012 13:29:03 +0000
From:      Frank Shute <>
To:        Henry Olyer <>
Cc:        FreeBSD Mailing List <>
Subject:   Re: on hammer's, security, and centrifuges...
Message-ID:  <>
In-Reply-To: <>
References:  <>

Next in thread | Previous in thread | Raw E-Mail | Index | Archive | Help

Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Tue, Feb 07, 2012 at 07:03:50AM -0500, Henry Olyer wrote:
> So I was coding along...
> On my laptop, on session #1, and I get a notice that someone did an su.
>  Except I'm the only user and I didn't have an ethernet cord connected.
>  (And no, it wasn't me...)

"someone". Whom? Show us the log.
> I just built this laptop a few days ago.  Fresh.  I did have to get on the
> net to download/make/install a few critical packages.  I do development.
>  And research.
> My guess, not one shred of evidence, is that someone got in while I was
> re-building packages.  Some, (for example Maxima,) take hours.  And becau=
> of problems with gnuplot and pdflib, won't build as packages without
> re-compilation.

Compare times of su to time when you were building.

> Look, I'm going to use FreeBSD as long as both it and I am around, it's
> just the best choice for me, for my user's.  But we need to improve
> security.
> I'm not a security expert, my work is in another area.  But I would like =
> suggest that the FBSD be enhanced so that each load module, each compiled
> program, contain a DSA-based public key.  Yes, this would make installing
> and maintaining systems an all-day run.  But some of us need a higher
> degree of security than is presently available.
> For now, until I remake my laptop, I'm going to disable the ath0 wireless.

Did you use the procedure outlined in the handbook? It uses WAP and is
pretty secure.

> How?  What's the best method to make certain that my wireless chip is
> turned off?

Turn the chip off in the BIOS. But that is overkill. Can probably
ifconfig ath0 down or something of the sort.

> Or is this something best accomplished with a hammer?  Not a pleasant
> thought...
> (Oh, and centrifuges?, well two out of three isn't bad.  About centrifuges
> I got nothing.)
> Is their something I can do that would help the FBSD security people?, or,
> is hacking so routine that it wouldn't help to know the particulars.
>  sigh...

No, it would help to know the particulars.




 Contact info:

Content-Type: application/pgp-signature
Content-Disposition: inline

Version: GnuPG v2.0.16 (FreeBSD)



Want to link to this message? Use this URL: <>