Date: Tue, 7 Feb 2012 13:29:03 +0000 From: Frank Shute <frank@shute.org.uk> To: Henry Olyer <henry.olyer@gmail.com> Cc: FreeBSD Mailing List <freebsd-questions@freebsd.org> Subject: Re: on hammer's, security, and centrifuges... Message-ID: <20120207132903.GA4616@orange.esperance-linux.co.uk> In-Reply-To: <CAE7N2ke-eEg3QqD3OfD_AJ6Yx78wwhOiApwVYsDQXhxU14JgAQ@mail.gmail.com> References: <CAE7N2ke-eEg3QqD3OfD_AJ6Yx78wwhOiApwVYsDQXhxU14JgAQ@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
--9jxsPFA5p3P2qPhR Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Tue, Feb 07, 2012 at 07:03:50AM -0500, Henry Olyer wrote: > > So I was coding along... >=20 > On my laptop, on session #1, and I get a notice that someone did an su. > Except I'm the only user and I didn't have an ethernet cord connected. > (And no, it wasn't me...) "someone". Whom? Show us the log. >=20 > I just built this laptop a few days ago. Fresh. I did have to get on the > net to download/make/install a few critical packages. I do development. > And research. >=20 > My guess, not one shred of evidence, is that someone got in while I was > re-building packages. Some, (for example Maxima,) take hours. And becau= se > of problems with gnuplot and pdflib, won't build as packages without > re-compilation. Compare times of su to time when you were building. >=20 > Look, I'm going to use FreeBSD as long as both it and I am around, it's > just the best choice for me, for my user's. But we need to improve > security. >=20 > I'm not a security expert, my work is in another area. But I would like = to > suggest that the FBSD be enhanced so that each load module, each compiled > program, contain a DSA-based public key. Yes, this would make installing > and maintaining systems an all-day run. But some of us need a higher > degree of security than is presently available. >=20 > For now, until I remake my laptop, I'm going to disable the ath0 wireless. Did you use the procedure outlined in the handbook? It uses WAP and is pretty secure. >=20 > How? What's the best method to make certain that my wireless chip is > turned off? Turn the chip off in the BIOS. But that is overkill. Can probably ifconfig ath0 down or something of the sort. >=20 > Or is this something best accomplished with a hammer? Not a pleasant > thought... >=20 > (Oh, and centrifuges?, well two out of three isn't bad. About centrifuges > I got nothing.) >=20 > Is their something I can do that would help the FBSD security people?, or, > is hacking so routine that it wouldn't help to know the particulars. > sigh... No, it would help to know the particulars. Regards, --=20 Frank Contact info: http://www.shute.org.uk/misc/contact.html --9jxsPFA5p3P2qPhR Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.16 (FreeBSD) iEYEARECAAYFAk8xJx4ACgkQHduKvUAgeK7S3QCeN7+y537+SukPADa+/geaI27O 1RUAoIiQg6laelpyPVQ2nYtQLlTBj/oX =uSu3 -----END PGP SIGNATURE----- --9jxsPFA5p3P2qPhR--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20120207132903.GA4616>