
Re: Problems with root on network clients



... verify the recipient Luke before pressing the "send" button ;-)

"J-E.Schulz" wrote:
> 
> Hi,
> 
> as long as the server machines reside in a _really_
> restricted area (e.g. a machine room which may be
> physically accessed only by trusted staff members)
> you may have the chance to securely detect any physical
> intrusion to the exposed clients.
> 
> You may use a network boot server, supplying each client
> the / and /etc directory. They may reside on a client's
> ramdisk or overwritable hard-disk partition.
> 
> Require the clients to do their IP configuration via
> DHCP or BOOTP, and if security is really a concern
> ensure that the server supervises the reachability of
> each client (e.g. ping each machine every 10 seconds)
> and set them on a deny list (e.g. ipchains/iptables input
> queue), if they don't answer.
> 
> So since rebooting manually requires time (more than 10 seconds)
> the physical intrusion gets detected and the offending
> machine gets banned from further access to (any, when
> get informed) other server or client on your local network.
> 
> hope this helps, yours
> 
>         J-E
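
The ping-and-deny-list scheme described in the quoted mail, as an added example that is not part of the original message or written by its author. The client addresses, the variable and function names and the script name are assumptions; the ban fires on a single missed ping, as the mail describes.

```shell
#!/bin/sh
# Added example, not from the original mail: server-side reachability watchdog.
# CLIENTS holds constructed sample addresses (TEST-NET-1); replace with your own.
CLIENTS="${CLIENTS:-192.0.2.11 192.0.2.12}"
INTERVAL="${INTERVAL:-10}"   # seconds between sweeps, as in the mail
DRY_RUN="${DRY_RUN:-1}"      # 1 = only print the rule, 0 = really call iptables
BANNED=""                    # clients already on the deny list
NEW=""                       # clients banned by the most recent sweep

# One ICMP echo, 2 s timeout (Linux iputils ping syntax).
probe() { ping -c 1 -W 2 "$1" >/dev/null 2>&1; }

is_banned() {
    case " $BANNED " in *" $1 "*) return 0 ;; esac
    return 1
}

# Drop all traffic from the client on the server's INPUT chain.
apply_ban() {
    if [ "$DRY_RUN" = 1 ]; then
        echo "iptables -I INPUT -s $1 -j DROP"
    else
        iptables -I INPUT -s "$1" -j DROP
    fi
}

# Probe every client that is not banned yet. A banned client is never probed
# again, so a machine that answers after its reboot stays locked out until
# an administrator removes the rule by hand.
sweep() {
    NEW=""
    for ip in $CLIENTS; do
        if is_banned "$ip"; then continue; fi
        if ! probe "$ip"; then
            BANNED="${BANNED:+$BANNED }$ip"
            NEW="${NEW:+$NEW }$ip"
        fi
    done
    return 0
}

watch_loop() {
    while :; do
        sweep
        for ip in $NEW; do apply_ban "$ip"; done
        sleep "$INTERVAL"
    done
}

# Start with: sh watchdog.sh run   (watchdog.sh is a hypothetical file name)
if [ "${1:-}" = run ]; then watch_loop; fi
```

With a single-miss threshold one lost ICMP reply is enough to ban a healthy client, so expect to clear false positives by hand.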


