On Wed, Aug 19, 2015 at 8:22 AM, Vince Coen <vbc...@gmail.com> wrote:
> Err you have to read this a little closer : > > " leaders of the U.S. office of personal management .. explain " > > > So these people experienced it, what exactly ? > > Knowledge of any form of IT !! ? > > There again could have down a simple search on Google and believed what > they read on the internet and even worse via Google. > > > There again when I see the date on Google I double check :) > > This shortly is a case of the blind leading the blind, no ? > > As for the case of mainframes being open to hacking - well any system can > if the user name/password system is not maintained and likewise the front > end concentrator not have its own security fully in place. > > High secure systems only accept user login's from known IP and MAC > addresses that are pre-stored. > > As a remote worked these days I have to declare all computer kit I use to > access client system with: > > My IP addresses > Good, but can be gotten around (with difficulty) if you can mess with the host's ARP cache. > The MAC code for each box > Easy to spool a MAC address using a Linux machine. > My encrypted password if their system can handle it - in my case I use > 1024 byte folded coding . > This is the best. I've not looked at this much, but it may be possible to circumvent by a determined person with an MITM attack. What I use for things such as GMail, GitHub, and Twitter is Two Factor authentication. For GMail & GitHub, there is a Google app which is a "secure keyed time token" generator. For Twitter, they SMS text a 6 digit code to my phone. So for any of those sites, I must have my phone on me. The place where I work _used_ to have a VPN with a dedicated secure token key issued to you. Everybody had their own token key. You could use it only to log on using your assigned id. Your key + other id == no connection. But it was "too expensive". And "not a Microsoft solution". So bye-bye. > > Can't say I have found any one getting though those (so far). > > > > Vince > IT since 1961. > > -- Schrodinger's backup: The condition of any backup is unknown until a restore is attempted. Yoda of Borg, we are. Futile, resistance is, yes. Assimilated, you will be. He's about as useful as a wax frying pan. 10 to the 12th power microphones = 1 Megaphone Maranatha! <>< John McKown ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN