Re: [Discuss] free SSL certs from the EFF

2014-11-25 Thread Edward Ned Harvey (blu)
From: discuss-bounces+blu=nedharvey@blu.org [mailto:discuss-bounces+blu=nedharvey@blu.org] On Behalf Of Matthew Gillen This is not without new attack vectors: you can only trust DNS responses as far as DNS-SEC goes, which unfortunately ends one-hop before end-systems (unless you

Re: [Discuss] free SSL certs from the EFF

2014-11-25 Thread Matthew Gillen
On 11/25/2014 06:28 AM, Edward Ned Harvey (blu) wrote: From: discuss-bounces+blu=nedharvey@blu.org [mailto:discuss-bounces+blu=nedharvey@blu.org] On Behalf Of Matthew Gillen This is not without new attack vectors: you can only trust DNS responses as far as DNS-SEC goes, which

[Discuss] Advanced file permissions

2014-11-25 Thread Jerry Feldman
I have an auto mounted directory where I want to restrict access to only members of a specific group, let's call it foogroup for now. I didn't want to use netgroups for a number of reasons in that the NAS is run by a separate team, and they use a different LDAP server than we do. The way I set up

Re: [Discuss] free SSL certs from the EFF

2014-11-25 Thread Richard Pieri
On 11/25/2014 6:28 AM, Edward Ned Harvey (blu) wrote:
> Based on my understanding of DNSSEC, it doesn't add security except in esoteric edge cases.
DNSSEC exists to solve one problem: cache poisoning. It does so by digitally signing entire zones. That's not security; it's authenticity. If

Re: [Discuss] Advanced file permissions

2014-11-25 Thread Richard Pieri
On 11/25/2014 9:38 AM, Jerry Feldman wrote:
> The way I set up the original top level directory is:
> chmod 2770: rwxrws--- foogroup
> But when I create a subdirectory I get:
> rwx--S---
What's your umask?
-- Rich P.
___ Discuss mailing list Discuss@blu.org

[Discuss] RCN dhcp problem fixed, root cause a mystery

2014-11-25 Thread Jerry Natowitz
So the problem I was having where neither of my two previously working wireless routers could get a DHCP response from RCN cable modem has been fixed. I needed two things: 1) Time. I really did need to power off everything for 20 minutes. 2) Isolation of the RCN provided Actiontec MoCa

Re: [Discuss] RCN dhcp problem fixed, root cause a mystery

2014-11-25 Thread Richard Pieri
On 11/25/2014 11:09 AM, Jerry Natowitz wrote:
> Well, it seems that the MoCa bridge does something when plugged directly into either of my wireless routers that it does not do when a wired switch is placed between them.
Auto-negotiation glitch?
-- Rich P.

Re: [Discuss] root CA bloat

2014-11-25 Thread Derek Martin
On Mon, Nov 24, 2014 at 09:35:16PM -0500, Richard Pieri wrote: On 11/24/2014 3:20 PM, Derek Martin wrote: It is a practical impossibility for you (or your organization) to actually truly authenticate each and every entity with whom you do business on the Internet. I don't agree with the

Re: [Discuss] free SSL certs from the EFF

2014-11-25 Thread Derek Martin
On Tue, Nov 25, 2014 at 10:15:51AM -0500, Richard Pieri wrote: On 11/25/2014 6:28 AM, Edward Ned Harvey (blu) wrote: Based on my understanding of DNSSEC, it doesn't add security except in esoteric edge cases. DNSSEC exists to solve one problem: cache poisoning. It does so by digitally

Re: [Discuss] root CA bloat

2014-11-25 Thread Richard Pieri
On 11/25/2014 1:15 PM, Derek Martin wrote: Let's say I meet you on the street, and you tell me you are Steven Smith, and produce very good fake ID to that effect. As it happens (in this scenario) I am exceptionally good at spotting fake ID. I prove that your ID is fake. This does not prove to

Re: [Discuss] root CA bloat

2014-11-25 Thread Derek Martin
On Tue, Nov 25, 2014 at 02:52:47PM -0500, Richard Pieri wrote: On 11/25/2014 1:15 PM, Derek Martin wrote: Let's say I meet you on the street, and you tell me you are Steven Smith, and produce very good fake ID to that effect. As it happens (in this scenario) I am exceptionally good at

Re: [Discuss] root CA bloat

2014-11-25 Thread Richard Pieri
On 11/25/2014 3:56 PM, Derek Martin wrote:
> Oh, right, just like the web of trusted certificate authorities. It's a solved problem, so we really don't need to continue this discussion!
Certificate authorities are not webs of trust. They are the opposite of webs of trust.
-- Rich P.

Re: [Discuss] root CA bloat

2014-11-25 Thread Derek Martin
On Tue, Nov 25, 2014 at 04:18:34PM -0500, Richard Pieri wrote: On 11/25/2014 3:56 PM, Derek Martin wrote: Oh, right, just like the web of trusted certificate authorities. It's a solved problem, so we really don't need to continue this discussion! Certificate authorities are not webs of

Re: [Discuss] Advanced file permissions

2014-11-25 Thread Jerry Feldman
I'm at home, but I think it is 0002 but I'll check in the morning. The most important issue is to set up the top level directory with owner root, and group foogroup. This will prevent unauthorized people from being able to get into the directory. I changed the subdirectories with rwxrwx and our

Re: [Discuss] Advanced file permissions

2014-11-25 Thread Derek Martin
On Tue, Nov 25, 2014 at 09:38:52AM -0500, Jerry Feldman wrote: I have an auto mounted directory where I want to restrict access to only members of a specific group, let's call it foogroup for now. I didn't want to use netgroups for a number of reasons in that the NAS is run by a separate team,

Re: [Discuss] root CA bloat

2014-11-25 Thread Richard Pieri
On 11/25/2014 4:31 PM, Derek Martin wrote:
> Yes, that was my point. Social networks are not either... unless you think someone who has over 1,000 friends on facebook actually completely trusts every one of them.
You don't need to completely trust every one of them. You just need to trust a

Re: [Discuss] free SSL certs from the EFF

2014-11-25 Thread Steven Santos
...but complete security is a fairy tale... VMS? ducks away quickly --- Steven Santos Director Simply Circus, Inc. 86 Los Angeles Street Newton, MA 02458 P: 617-527-0667 F: 617-934-1870 E: ste...@simplycircus.com On Tue, Nov 25, 2014 at 1:40 PM, Derek Martin inva...@pizzashack.org wrote: On