On Tue, 29 May 2001 [EMAIL PROTECTED] wrote:
I see it as more than this. I see it as ensuring that the data on the disk does
not get accessed by anyone never intended to see it. (physically, of course).
I guess this would mostly be cool for thwarting things like police raids,
Although in
On Wed, May 30, 2001 at 03:01:17AM +0200, clemens wrote:
SAWFASP^*
as laws around the globe are forged to weak personal privacy,
police knocking on one's door, because of portscanning a
previously hacked website, and - i don't have to tell those
of you, which are reading slashdot - as
Couldn't you say something like I'm so sorry, I can't remember the pass
phrase, my mind has failed me...etc?
Are there real truth serums?
hehe,
Paul
Ethan Benson wrote:
On Wed, May 30, 2001 at 03:01:17AM +0200, clemens wrote:
SAWFASP^*
as laws around the globe are forged to weak
On Wed, May 30, 2001 at 01:08:21AM -0700, [EMAIL PROTECTED] wrote:
Couldn't you say something like I'm so sorry, I can't remember the pass
phrase, my mind has failed me...etc?
What about a more provable approach:
The passphrase could be changed automatically on every system
boot, and the new
On Wed, May 30, 2001 at 10:46:19AM +0200, Jan Niehusmann wrote:
On Wed, May 30, 2001 at 01:08:21AM -0700, [EMAIL PROTECTED] wrote:
Couldn't you say something like I'm so sorry, I can't remember the pass
phrase, my mind has failed me...etc?
What about a more provable approach:
The
On Wed, 30 May 2001, Jon Leonard wrote:
I'm not aware of any actual implementations, unfortunately.
http://www.mcdonald.org.uk/StegFS/
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
On Wed, May 30, 2001 at 10:46:19AM +0200, Jan Niehusmann wrote:
On Wed, May 30, 2001 at 01:08:21AM -0700, [EMAIL PROTECTED] wrote:
Couldn't you say something like I'm so sorry, I can't remember the pass
phrase, my mind has failed me...etc?
What about a more provable approach:
The
On Wed, May 30, 2001 at 12:17:35PM +0900, Curt Howland wrote:
[cut]
but that only works at startup. if the system is running,
having the entire disk encrypted is no different than the
fact it's all in hex already. an individual user based
encryption means all you have to do is logout, not
On Wed, May 30, 2001 at 02:30:48AM -0700, Jon Leonard wrote:
I'm not aware of any actual implementations, unfortunately.
Rubberhose, www.rubberhose.org, implements deniable crypto,
exactly as you described.
--Jim
--
Jim Zajkowski
System Administrator
ITCS Contract Services
--
To
Sounds like you've almost everything covered. About the only things I
could recommend would be to run nessus against yourself and install
snort in IDS mode.
I could try that, I'd have to look up some info on the program. I assume
nessus checks for known vulnerabilities? Sounds ok, never
On Tue, May 29, 2001 at 11:54:29PM -0800, Ethan Benson wrote:
trouble is when your dealing with corrupt/fascist/evil
government/regimes encryption isn't going to do you much good, either
they will throw you in prison for refusing to disclose the decryption
key or worse they will use methods
On Wed, May 30, 2001 at 11:55:33AM +0200, kjfsgjks ksjgkfhfd wrote:
- use things like tripwire (but that?s only 100% safe if you set it up
before the machine?s connected to the net the first time)
Yeah I wanted to do that, but unfortunately I already had it connected for
like 24h or so.
On Wed, 30 May 2001, Zak Kipling wrote:
Although in some countries (eg Britain) you can be required by law to
disclose the decryption keys, and imprisoned if you fail to do so. The
only way around this is to use a steganographic approach where, in the
absence of the passphrase for a given
Having a crypto install option (even if it's a little more complex to
get) is still better than not having one.
At this point, all one can do is encrypt a filesystem off of a non-
encrypted root partition. Like removable media or something else that
is mounted by hand. There are some
I have some problems on one server.
Some times bind doesn't respond any more until it is restarted.
Then I only see domain traffic outgoing, not incoming and no reponses from
others servers.
It is the bind 1:8.2.3-0.potato.1
Is there any fixes/know problems to this version?
--
Carlos
It is the bind 1:8.2.3-0.potato.1
Is there any fixes/know problems to this version?
http://bugs.debian.org/cgi-bin/pkgreport.cgi?pkg=bind
From a security standpoint there are always problems with bind, but no
matter, there are much better DNS servers out there. I believe I saw
maradns enter
On Tue, 29 May 2001 [EMAIL PROTECTED] wrote:
I see it as more than this. I see it as ensuring that the data on the disk
does
not get accessed by anyone never intended to see it. (physically, of course).
I guess this would mostly be cool for thwarting things like police raids,
Although in
On Wed, May 30, 2001 at 03:01:17AM +0200, clemens wrote:
SAWFASP^*
as laws around the globe are forged to weak personal privacy,
police knocking on one's door, because of portscanning a
previously hacked website, and - i don't have to tell those
of you, which are reading slashdot - as
Couldn't you say something like I'm so sorry, I can't remember the pass
phrase, my mind has failed me...etc?
Are there real truth serums?
hehe,
Paul
Ethan Benson wrote:
On Wed, May 30, 2001 at 03:01:17AM +0200, clemens wrote:
SAWFASP^*
as laws around the globe are forged to weak
On Wed, May 30, 2001 at 01:08:21AM -0700, [EMAIL PROTECTED] wrote:
Couldn't you say something like I'm so sorry, I can't remember the pass
phrase, my mind has failed me...etc?
What about a more provable approach:
The passphrase could be changed automatically on every system
boot, and the new
On Wed, May 30, 2001 at 10:46:19AM +0200, Jan Niehusmann wrote:
On Wed, May 30, 2001 at 01:08:21AM -0700, [EMAIL PROTECTED] wrote:
Couldn't you say something like I'm so sorry, I can't remember the pass
phrase, my mind has failed me...etc?
What about a more provable approach:
The
On Wed, 30 May 2001, Jon Leonard wrote:
I'm not aware of any actual implementations, unfortunately.
http://www.mcdonald.org.uk/StegFS/
From: Ingmar Schrey [EMAIL PROTECTED]
Real system administrators are a bit paranoid I´m told...
...so that´s ok I think. ;)
hehe they *made* me paranoid!
- use things like tripwire (but that´s only 100% safe if you set it up
before the machine´s connected to the net the first time)
Yeah I
On Wed, May 30, 2001 at 10:46:19AM +0200, Jan Niehusmann wrote:
On Wed, May 30, 2001 at 01:08:21AM -0700, [EMAIL PROTECTED] wrote:
Couldn't you say something like I'm so sorry, I can't remember the pass
phrase, my mind has failed me...etc?
What about a more provable approach:
The
On Tue, May 29, 2001 at 08:02:50PM -0700, Paul Lowe wrote:
I like this. Would it be difficult to modify Debian, so that
upon install, it creates an encrypted root volume and starts
things off the right way?
3 things are needed to that upon installation:
- losetup -e your favourite chiper
On Wed, May 30, 2001 at 12:17:35PM +0900, Curt Howland wrote:
[cut]
but that only works at startup. if the system is running,
having the entire disk encrypted is no different than the
fact it's all in hex already. an individual user based
encryption means all you have to do is logout, not
it should also be possible to include basic network support
into the initrd to enable 'entering' a password remote.
we can't support all methods allowed by /etc/network/interfaces
(ppp/wvdial should be omitted..) but static/dhcp/bootp are
possible.
there authorization process could beneath
On Wed, May 30, 2001 at 02:30:48AM -0700, Jon Leonard wrote:
I'm not aware of any actual implementations, unfortunately.
Rubberhose, www.rubberhose.org, implements deniable crypto,
exactly as you described.
--Jim
--
Jim Zajkowski
System Administrator
ITCS Contract Services
Sounds like you've almost everything covered. About the only things I
could recommend would be to run nessus against yourself and install
snort in IDS mode.
I could try that, I'd have to look up some info on the program. I assume
nessus checks for known vulnerabilities? Sounds ok, never
On Tue, May 29, 2001 at 11:54:29PM -0800, Ethan Benson wrote:
trouble is when your dealing with corrupt/fascist/evil
government/regimes encryption isn't going to do you much good, either
they will throw you in prison for refusing to disclose the decryption
key or worse they will use methods
On Wed, May 30, 2001 at 11:55:33AM +0200, kjfsgjks ksjgkfhfd wrote:
- use things like tripwire (but that?s only 100% safe if you set it up
before the machine?s connected to the net the first time)
Yeah I wanted to do that, but unfortunately I already had it connected for
like 24h or so.
On Wed, 30 May 2001, Zak Kipling wrote:
Although in some countries (eg Britain) you can be required by law to
disclose the decryption keys, and imprisoned if you fail to do so. The
only way around this is to use a steganographic approach where, in the
absence of the passphrase for a given set
On Wed, 30 May 2001, Aaron Dewell wrote:
Having a crypto install option (even if it's a little more complex to
get) is still better than not having one.
I agree. I just wanted to remind people that we would need two sets of
install disks if we were to bundle crypto into the installation
I have some problems on one server.
Some times bind doesn't respond any more until it is restarted.
Then I only see domain traffic outgoing, not incoming and no reponses from
others servers.
It is the bind 1:8.2.3-0.potato.1
Is there any fixes/know problems to this version?
--
Carlos Barros.
It is the bind 1:8.2.3-0.potato.1
Is there any fixes/know problems to this version?
http://bugs.debian.org/cgi-bin/pkgreport.cgi?pkg=bind
From a security standpoint there are always problems with bind, but no
matter, there are much better DNS servers out there. I believe I saw
maradns enter
35 matches
Mail list logo