<br>you forgot to mention, stick in a lead box and throw it into the sea. ;-)<br><br>passwords , should be something you know, and something you own?<br><br>I like to think they should be some you are, but I don't want my eye's <br>gouged out, my dna cloned, or my fingers cut off, or computer invading<br>my privacy even more.<br><br>you've got to have open ports for servers, public servers without open <br>ports.... not much use are they.<br><br><br>rookit are rare(ish) as the level of expertise to write one is high. don't think<br>close source o/s rootkits are any harder to write , they just take longer<br>to figure out, and are probably of more value because only a handful of people<br>actually know what the kernel is supposed to be doing.<br><br>We need a whole new thinking on computer hardware, in fact linux on bios<br>would be interesting, because you initial kernel can be loaded from a secure chip.<br>nice.<br><br>All the solutions for boot integrity seem to focus on
DRM for client machines,when in fact it's more appropriate for servers to have this <br>technology.<br><br><br>If something becomes common , it becomes a target. you want to be<br>secure? run you web server on old amiga, or c64, exploits for these<br>platforms are somewhat hard to d/l from internet hacking sites.<br><br>Laters<br>Lee<br><br><br><b><i>Arron M Finnon <afinnon@googlemail.com></i></b> wrote:<blockquote class="replbq" style="border-left: 2px solid rgb(16, 16, 255); margin-left: 5px; padding-left: 5px;"> Well i think that the majority of my ethical hacking brothers and<br>sisters will tell you, that our view on securing your system is to<br>follow these simple steps;<br><br>Firstly pull the networking cable out of your machine<br><br>Secondly leave it that way<br><br>thirdly for added safety you may choose to cut all the power cables to<br>your computer.<br><br><br>All that the above is jokingly said, the truth is security is more in<br>the
mind of the user than in the keystrokes of your hacker. No matter<br>how much you spend on security, no matter how strong you think you are,<br>if you still write your password on the post-it note on your desk, the<br>cleaners always going to have access. The changing of passwords on a<br>regular basis, i suppose can be advised, however once access has been<br>obtained the backdoor will always be open so to speak. However security<br>is done by action, and the more steps you take to be secure the securer<br>your ultimately going to be. The reality of it is, that by default the<br>services we want our computers and networks to have require the systems<br>to open ports, and other means of access.<br><br>Rootkits suck for the people that are affected, however from a geek<br>stand point they do some amazing things and what they are capable of<br>now, would scare the most ardent of security minded users. However the<br>true problem with rootkit research is by default
rootkits are hard to<br>find, no one admits to having been affected, and few writers will<br>release them, due to lets just say losing their commercial advantage.<br><br>I now that you guys will have a wealth of experience on this subject and<br>i'm sure another EH will say something completely different to me, good<br>job there's a few of us on the list.<br><br>f1Nux hashing your salts, and signing off <br><br><br>_______________________________________________<br>dundee GNU/Linux Users Group mailing list<br>dundee@lists.lug.org.uk http://dundee.lug.org.uk<br>https://mailman.lug.org.uk/mailman/listinfo/dundee<br>Chat on IRC, #tlug on dundee.lug.org.uk<br></blockquote><br><p> 
<hr size=1> Support the World Aids Awareness campaign this month with <a href="http://us.rd.yahoo.com/mailuk/taglines/isp/control/*http://us.rd.yahoo.com/evt=51947/*http://uk.promotions.yahoo.com/forgood/">Yahoo! for Good</a>