At 05:01 PM 6/24/2000 -0400, Brian Chabot wrote:

read below :-)

>On Sat, 24 Jun 2000, Derek Martin wrote:
>
> > > The classified machines are generally protected by alarms, combination
> > > locks, badge magnetic strip readers, and 4-digit PIN electric locks
> > > (yes, all four - and you thought your procedures were a PITA?).  The
> > > classified and unclassified nets are kept apart by physical separation
> > > and/or NSA-approved crypto.  Still vulnerable to an inside job, of
> > > course - but it would require someone with a security clearance.
>
>Mission Impossible (the first one)?
>
> > Note that none of what you said says much about how the systems are
> > connected, and what kinds of security measures are taken to secure the
> > trusted hosts from eachother... from what you said, we could assume that
> > once you had access to one via your PIN, card, rectal scan, what have

rectal scan?  hrm....sounds embarrassing to me :-)

>                                                  ^^^^^^^^^^^
>
>Eew.  I'll pass, thanks.
>
>
> > you, that you had free reign across the network.  I doubt that's the case,
> > but you've left it to our imagination.
> >
> >
>
>I remember having heard that the most secure system would have to be
>unplugged, locked in a reinforced vault, under 24/7 trusted (AKA well
>paid with families held hostage) guards, and even then may be.
>
>On my own systems, it is a matter of trust.  Three people have root in
>case any two of us get in close with a large object with too much
>inertia.  Soon that may change, as the system stabilizes, and one person
>takes on responsibility for the box.
>
>Of course, our system mostly just handles regular email and web traffic,
>so it doesn't have to be fort knox.  But our billing system will
>be.  Even I don't have sudo on that one... and I keep the paper backups.
>
>
>Brian
>
>---------------------------------------------------------------
>|  [EMAIL PROTECTED]                Spam me and DIE!       |
>|                 http://www.datasquire.net                   |
>|                 Co-Founder & Co-Owner of                    |
>|              Data Squire Internet Services                  |
>---------------------------------------------------------------
>
>
>**********************************************************
>To unsubscribe from this list, send mail to
>[EMAIL PROTECTED] with the following text in the
>*body* (*not* the subject line) of the letter:
>unsubscribe gnhlug
>**********************************************************

Kurth Bemis - Senior Linux Network/Systems Administrator, USAExpress.net

[EMAIL PROTECTED]
http://www.usaexpress.net/kurth
ICQ - 6624050
Call Sign - N1TYW
PGP key available - http://www.usaexpress.net/kurth/pgp

Fight Weak Encryption!  Donate your wasted CPU cycles to Distributed.net 
(http://www.distributed.net)


**********************************************************
To unsubscribe from this list, send mail to
[EMAIL PROTECTED] with the following text in the
*body* (*not* the subject line) of the letter:
unsubscribe gnhlug
**********************************************************

Reply via email to