At 05:01 PM 6/24/2000 -0400, Brian Chabot wrote:
read below :-)
>On Sat, 24 Jun 2000, Derek Martin wrote:
>
> > > The classified machines are generally protected by alarms, combination
> > > locks, badge magnetic strip readers, and 4-digit PIN electric locks
> > > (yes, all four - and you thought your procedures were a PITA?). The
> > > classified and unclassified nets are kept apart by physical separation
> > > and/or NSA-approved crypto. Still vulnerable to an inside job, of
> > > course - but it would require someone with a security clearance.
>
>Mission Impossible (the first one)?
>
> > Note that none of what you said says much about how the systems are
> > connected, and what kinds of security measures are taken to secure the
> > trusted hosts from eachother... from what you said, we could assume that
> > once you had access to one via your PIN, card, rectal scan, what have
rectal scan? hrm....sounds embarrassing to me :-)
> ^^^^^^^^^^^
>
>Eew. I'll pass, thanks.
>
>
> > you, that you had free reign across the network. I doubt that's the case,
> > but you've left it to our imagination.
> >
> >
>
>I remember having heard that the most secure system would have to be
>unplugged, locked in a reinforced vault, under 24/7 trusted (AKA well
>paid with families held hostage) guards, and even then may be.
>
>On my own systems, it is a matter of trust. Three people have root in
>case any two of us get in close with a large object with too much
>inertia. Soon that may change, as the system stabilizes, and one person
>takes on responsibility for the box.
>
>Of course, our system mostly just handles regular email and web traffic,
>so it doesn't have to be fort knox. But our billing system will
>be. Even I don't have sudo on that one... and I keep the paper backups.
>
>
>Brian
>
>---------------------------------------------------------------
>| [EMAIL PROTECTED] Spam me and DIE! |
>| http://www.datasquire.net |
>| Co-Founder & Co-Owner of |
>| Data Squire Internet Services |
>---------------------------------------------------------------
>
>
>**********************************************************
>To unsubscribe from this list, send mail to
>[EMAIL PROTECTED] with the following text in the
>*body* (*not* the subject line) of the letter:
>unsubscribe gnhlug
>**********************************************************
Kurth Bemis - Senior Linux Network/Systems Administrator, USAExpress.net
[EMAIL PROTECTED]
http://www.usaexpress.net/kurth
ICQ - 6624050
Call Sign - N1TYW
PGP key available - http://www.usaexpress.net/kurth/pgp
Fight Weak Encryption! Donate your wasted CPU cycles to Distributed.net
(http://www.distributed.net)
**********************************************************
To unsubscribe from this list, send mail to
[EMAIL PROTECTED] with the following text in the
*body* (*not* the subject line) of the letter:
unsubscribe gnhlug
**********************************************************
