Re: Hardware advice: seeking echoes of running Linux-PC clusters

To: debian-user@lists.debian.org
Subject: Re: Hardware advice: seeking echoes of running Linux-PC clusters
From: stick@richnet.net
Date: Fri, 3 May 1996 20:21:47 -0400 (EDT)
Message-id: <[🔎] m0uFV6Z-000NhVC@bertha.richnet.net>
Reply-to: stick@richnet.net
In-reply-to: <Pine.3.89.9604301314.I1519-0100000@sadye.emba.uvm.edu> from "Don Gaffney" at Apr 30, 96 02:11:28 pm

Don Gaffney said:
> Date: Tue, 30 Apr 1996 14:11:28 -0400 (EDT)
> From: Don Gaffney <gaffney@emba.uvm.edu>
> Subject: Re: Hardware advice: seeking echoes of running Linux-PC clusters
> To: Neil Turton <ndt1001@chu.cam.ac.uk>
> Cc: lukas@teorica0.ifisicacu.unam.mx, debian-user@lists.debian.org
> 
> On Tue, 30 Apr 1996, Neil Turton wrote:
> 
> > Lukas Nellen <lukas@teorica0.ifisicacu.unam.mx> wrote:
> > > >From the point of view of security, do you really need a diskless
> > > system? If you set a bios password, set the bios to boot only from C
> > > and make sure that a password is required to enter single user mode,
> > > wouldn't that be just as secure? Or is there a loophole which I
> > > missed (not having tried this type of setup)? 
> > 
> 
> There are programs available on the net which will cause a BIOS checksum
> error. At bootup this error will allow the intruder into the BIOS setup 
> without a password (BIOS defaults are taken).
> 
This is a solvable problem.  Igel Ltd. [See ad in Linux Journal] has a
diskless PC running Linux they call an "Etherminal".  It doesn't have
regular BIOS installed - embedded Linux kernel in EEPROMs instead.

> The intruder can then boot off of a floppy and access the machine regardless
> of any OS security. NT, which is heralded as "C2 secure", and its NTFS
> file systems are just as susceptible as any Linux or DOS/Windows box.
> 
Etherminal also doesn't have a floppy drive, either.

> If you can't secure the machine, you can't secure the system. You can
> still secure information through encryption however. 
> 
The only secure house is one with no doors or windows.  Having systems in
userland is inevitable - though I've never seen the logic of giving floppy
drives to every user.  Especially in the virus-ridden world of DOS and
Windows.  Just doesn't make sense.

> Our own Senator Leahy (D-VT) has recently proposed that almost everything 
> be encrypted; S.1587 is sort of an encryption "Bill of Rights." Maybe
> someday (soon?) we will be able to put all this export/import munitions 
> ban garbage behind us.
> 
Don't hold your breath.  We'd need to get a Libertarian in the White-house
first, and that's going to take us a few more years.

> _____________________________________________________________________
> Don Gaffney (http://www.emba.uvm.edu/~gaffney)
> Engineering, Mathematics & Business Administration Computer Facility
> University of Vermont - 237 Votey Building - Burlington, VT  05405
> (802) 656-8490 - Fax: (802) 656-8802
> 

Chuck

--
Chuck Stickelman, Owner			E-Mail:	<stick@richnet.net>
Practical Network Design		Voice:	(419) 529-3841
9 Chambers Road				FAX:	(419) 529-3625
Mansfield, OH 44906-1302 USA
--

Reply to:

Prev by Date: Re: Ftpd annoyance - DIR doesn't work for anonymous ftp
Next by Date: Re: disabling daemons from init.d
Previous by thread: Re: Hardware advice: seeking echoes of running Linux-PC clusters
Next by thread: installing debian1.1 in a free partition
Index(es):
- Date
- Thread