Re: Security Practices question

2002-10-03 Thread Valdis Kletnieks
On Wed, 02 Oct 2002 17:48:16 PDT, just me said: In a situation where the team needs root; all per-admin UID 0 accounts add is accountability and personalized shells/environments. Accountability is always good, but you can do even better with sudo (Sorry, I couldn't resist). As far as

Re: Security Practices question

2002-10-03 Thread Scott Francis
On Wed, Oct 02, 2002 at 05:48:16PM -0700, [EMAIL PROTECTED] said: On Wed, 2 Oct 2002, Scott Francis wrote: Can you back up that statement in /any/ way? What exactly are your reasons why sudo is a worse solution (or even a bad idea)? In an environment where every sysadmin is

Re: Security Practices question

2002-10-03 Thread just me
On Thu, 3 Oct 2002, Scott Francis wrote: On Wed, Oct 02, 2002 at 05:48:16PM -0700, [EMAIL PROTECTED] said: In an environment where every sysadmin is interchangeable, and any one of them can be woken up at 3am to fix the random problem of the day, you tell me how to manage 'sudoers' on

Re: Security Practices question

2002-10-03 Thread Scott Francis
On Thu, Oct 03, 2002 at 09:57:10AM -0700, [EMAIL PROTECTED] said: On Thu, 3 Oct 2002, Scott Francis wrote: On Wed, Oct 02, 2002 at 05:48:16PM -0700, [EMAIL PROTECTED] said: In an environment where every sysadmin is interchangeable, and any one of them can be woken up at 3am to fix

Re: Security Practices question

2002-10-03 Thread alex
You still haven't given me a single example of what these problems are. Just hand-waving and talk about what the right way is. It is rather simple and has been addressed lots of times. I really fail to understand why people do keep re-inventing the wheel. Give your admins crypto cards. Make

Re: Security Practices question

2002-10-03 Thread William Waites
Scott == Scott Francis [EMAIL PROTECTED] writes: Scott You don't _have_ logins directly to 4000 machines. You have Scott a central admin host (or five) with user-level Scott accounts. Those user-level accounts can 'sudo ssh target' Scott to accomplish things as

Re: Security Practices question

2002-10-03 Thread Barb Dijker
I was assuming a more complex configuration than the wide-open one advocated by Barb, which seems to add little to no security benefit. I'm sorry I wasn't clear on this point; of course pushing out a single file to n machines shouldn't be a problem. Of course. And a complex sudoers setup can

Re: Security Practices question

2002-10-02 Thread Scott Francis
On Tue, Oct 01, 2002 at 02:43:41PM -0700, [EMAIL PROTECTED] said: [snip] I have a question for the security community on NANOG. What is your learned opinion of having host accounts (unix machines) with UID/GID of 0:0, in other words jmbrown_r:password:0:0:John M.

Re: Security Practices question

2002-10-02 Thread Scott Francis
On Wed, Oct 02, 2002 at 11:34:38AM -0700, [EMAIL PROTECTED] said: [snip] This is a really /really/ REALLY bad idea. I had nightmare issues dealing with a network formerly run by a 'sysadmin' who thought every user that might need to do something as root should have a uidzero account.

Re: Security Practices question

2002-10-02 Thread Scott Francis
On Tue, Oct 01, 2002 at 02:43:41PM -0700, [EMAIL PROTECTED] said: [snip] On Mon, Sep 23, 2002 at 02:44:34PM -0700, Scott Francis wrote: On Sun, Sep 22, 2002 at 03:22:11PM -0700, [EMAIL PROTECTED] said: I have a question for the security community on NANOG. What is your learned

Re: Security Practices question

2002-10-02 Thread Scott Francis
On Wed, Oct 02, 2002 at 04:06:00PM -0400, [EMAIL PROTECTED] said: [ On Wednesday, October 2, 2002 at 11:47:12 (-0700), Scott Francis wrote: ] Subject: Re: Security Practices question Absolutely so - which is why no account should have multiple equally valid passwords, which is what

Re: Security Practices question

2002-10-02 Thread Scott Francis
On Wed, Oct 02, 2002 at 05:08:05PM -0400, [EMAIL PROTECTED] said: [ On Wednesday, October 2, 2002 at 13:26:15 (-0700), Scott Francis wrote: ] Subject: Re: Security Practices question grr. Please read Barb's post about exactly why multiple aliases for the UID 0 account is a Bad Idea. It's

Re: Security Practices question

2002-10-02 Thread just me
On Wed, 2 Oct 2002, Scott Francis wrote: Can you back up that statement in /any/ way? What exactly are your reasons why sudo is a worse solution (or even a bad idea)? In an environment where every sysadmin is interchangeable, and any one of them can be woken up at 3am to fix the random

Re: Security Practices question

2002-10-02 Thread E.B. Dreger
jm Date: Wed, 2 Oct 2002 17:48:16 -0700 (PDT) jm From: just me jm In an environment where every sysadmin is interchangeable, and jm any one of them can be woken up at 3am to fix the random jm problem of the day, you tell me how to manage 'sudoers' on jm 4000 machines. krb5/ksu Eddy --

Re: Security Practices question

2002-10-02 Thread Jason Slagle
On Wed, 2 Oct 2002, just me wrote: In an environment where every sysadmin is interchangeable, and any one of them can be woken up at 3am to fix the random problem of the day, you tell me how to manage 'sudoers' on 4000 machines. In a situation where the team needs root; all per-admin UID 0

Re: Security Practices question

2002-10-02 Thread Joel Baker
On Wed, Oct 02, 2002 at 05:48:16PM -0700, just me wrote: On Wed, 2 Oct 2002, Scott Francis wrote: Can you back up that statement in /any/ way? What exactly are your reasons why sudo is a worse solution (or even a bad idea)? In an environment where every sysadmin is interchangeable,

Re: Security Practices question

2002-10-02 Thread Barb Dijker
At 05:48 PM 10/2/02 -0700, just me wrote: In an environment where every sysadmin is interchangeable, and any one of them can be woken up at 3am to fix the random problem of the day, you tell me how to manage 'sudoers' on 4000 machines. Sudo provides for one master sudoers file that you can copy

Re: Security Practices question

2002-10-02 Thread Scott Walker
Could use scp also. Although not as secure, you'd need null keys. But could also have the same issues with rdist. Joel Baker wrote: On Wed, Oct 02, 2002 at 05:48:16PM -0700, just me wrote: On Wed, 2 Oct 2002, Scott Francis wrote: Can you back up that statement in /any/ way? What exactly

Re: Security Practices question

2002-10-02 Thread Michael Lamoureux
eddy == E B Dreger [EMAIL PROTECTED] writes: jm Date: Wed, 2 Oct 2002 17:48:16 -0700 (PDT) jm From: just me jm In an environment where every sysadmin is interchangeable, and any jm one of them can be woken up at 3am to fix the random problem of jm the day, you tell me how to manage 'sudoers'

Re: Security Practices question

2002-09-23 Thread Scott Francis
On Sun, Sep 22, 2002 at 03:22:11PM -0700, [EMAIL PROTECTED] said: I have a question for the security community on NANOG. What is your learned opinion of having host accounts (unix machines) with UID/GID of 0:0, in other words jmbrown_r:password:0:0:John M.

Security Practices question

2002-09-22 Thread John M. Brown
I have a question for the security community on NANOG. What is your learned opinion of having host accounts (unix machines) with UID/GID of 0:0, in other words jmbrown_r:password:0:0:John M. Brown:/export/home/jmbrown:/bin/mysh The argument is that way you don't have to give out the root
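Added example, not a message from the thread: the passwd line quoted above is a second UID 0 account with its own password, which is the pattern the replies object to. The Python below parses a passwd file and flags that pattern, any other UID shared by more than one account, and password fields that hold something other than the shadow placeholder. The file contents are a constructed sample; only the jmbrown_r line comes from the thread, the other account names are made up, and the set of placeholder values treated as "no hash here" is an assumption of the example.

```python
"""Audit passwd(5) text for root-equivalent aliases and related problems.

Added example for the NANOG thread; not code posted by any participant.
"""
from dataclasses import dataclass

# Constructed sample. The jmbrown_r line is the one quoted in the thread;
# root, daemon, toor and alice are made up for the example.
SAMPLE_PASSWD = """\
root:x:0:0:root:/root:/bin/sh
daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin
jmbrown_r:password:0:0:John M. Brown:/export/home/jmbrown:/bin/mysh
toor:x:0:0:alternate superuser:/root:/bin/sh
alice:x:1001:1001:Alice:/home/alice:/bin/bash
"""

# Assumed set of password-field values meaning "the hash lives in shadow".
SHADOW_PLACEHOLDERS = {"x", "*", "!", "!!"}


@dataclass(frozen=True)
class PasswdEntry:
    name: str
    password: str
    uid: int
    gid: int
    gecos: str
    home: str
    shell: str


def parse_passwd(text: str) -> list[PasswdEntry]:
    """Parse passwd text: seven colon-separated fields per non-comment line."""
    entries = []
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        fields = line.split(":")
        if len(fields) != 7:
            raise ValueError(f"line {lineno}: expected 7 fields, got {len(fields)}")
        name, password, uid, gid, gecos, home, shell = fields
        entries.append(PasswdEntry(name, password, int(uid), int(gid), gecos, home, shell))
    return entries


def uid0_aliases(entries: list[PasswdEntry]) -> list[str]:
    """Accounts that are UID 0 under a name other than root."""
    return [e.name for e in entries if e.uid == 0 and e.name != "root"]


def shared_uids(entries: list[PasswdEntry]) -> dict[int, list[str]]:
    """Every UID used by more than one account, mapped to those account names."""
    by_uid: dict[int, list[str]] = {}
    for e in entries:
        by_uid.setdefault(e.uid, []).append(e.name)
    return {uid: names for uid, names in by_uid.items() if len(names) > 1}


def unshadowed(entries: list[PasswdEntry]) -> list[str]:
    """Accounts whose password field is not a shadow placeholder, i.e. a hash,
    a literal password, or an empty field sits in the world-readable file."""
    return [e.name for e in entries if e.password not in SHADOW_PLACEHOLDERS]


def audit(text: str) -> list[str]:
    """Run all checks over passwd text and return one finding per problem."""
    entries = parse_passwd(text)
    findings = []
    for name in uid0_aliases(entries):
        findings.append(f"{name}: UID 0 alias of root with its own password")
    for uid, names in shared_uids(entries).items():
        if uid != 0:  # UID 0 sharing is already reported above
            findings.append(f"uid {uid} shared by {', '.join(names)}")
    for name in unshadowed(entries):
        findings.append(f"{name}: password field is not a shadow placeholder")
    return findings


if __name__ == "__main__":
    for finding in audit(SAMPLE_PASSWD):
        print(finding)
```

Run against a real file with `audit(open("/etc/passwd").read())`; a clean system reports nothing, and each UID 0 alias it does report is one more password that opens root.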

Re: Security Practices question

2002-09-22 Thread Bradley Dunn
On Sun, 22 Sep 2002, John M. Brown wrote: What is your learned opinion of having host accounts (unix machines) with UID/GID of 0:0, in other words jmbrown_r:password:0:0:John M. Brown:/export/home/jmbrown:/bin/mysh The argument is that way you don't have to give out the root password,

Really, really, really off topic, but (was Re: Security Practices question)

2002-09-22 Thread Etaoin Shrdlu
John M. Brown wrote: I have a question for the security community on NANOG. I confess that I think of NANOG as not being a security community; rather, it is a group of North American network operators. That said, you can find all sorts of info for the somewhat naive question below by a slightly

Re: Really, really, really off topic, but (was Re: Security Practices question)

2002-09-22 Thread John M. Brown
see below On Sun, Sep 22, 2002 at 03:47:56PM -0700, Etaoin Shrdlu wrote: John M. Brown wrote: I have a question for the security community on NANOG. I confess that I think of NANOG as not being a security community; rather, it is a group of North American network operators. That said,

Re: Security Practices question

2002-09-22 Thread E.B. Dreger
JMB Date: Sun, 22 Sep 2002 15:22:11 -0700 JMB From: John M. Brown JMB jmbrown_r:password:0:0:John M. Brown:/export/home/jmbrown:/bin/mysh Kerberos. ksu is a good thing. Ignoring physical ttys on home machines, insecure is the way to go on all ttys in /etc/ttys (BSD). Eddy -- Brotsman