Mailinglist Archive: opensuse (3531 mails)

Re: [opensuse] Security
  • From: Dave Howorth <dhoworth@xxxxxxxxxxxxxxxxx>
  • Date: Thu, 04 Jan 2007 14:30:28 +0000
  • Message-id: <459D0F84.3020901@xxxxxxxxxxxxxxxxx>
Hylton Conacher(ZR1HPC) wrote:
> User C now tries to see the confidential documents by using the username
> and what he thinks User A's password is, i.e. he wants to log in as though he
> was User A.

If I was user C, I wouldn't try to log in. I'd just steal the backup. Or
the hard disk of the server.

If the data really is important:
(1) encrypt all the data, including the backups
(2) physically secure the hardware - lock it all in a strong windowless
interior room (lock the backups in a vault somewhere else)
(3) only permit login attempts by authenticated people, preferably
authenticated by another person (e.g. only permit login attempts from a
terminal within the locked room, accompanied by a security guard)

For anything more complex, *don't* read the books - hire a security
consultant who knows the pitfalls.

Cheers, Dave