[1832] in SIPB_Linux_Development
Re: *sigh*
daemon@ATHENA.MIT.EDU (Emil Sit)
Tue Sep 30 10:34:42 1997
To: michael@MIT.EDU
Cc: Eep Eep! <khsiao@MIT.EDU>, net-security@MIT.EDU, linux-dev@MIT.EDU
In-Reply-To: Your message of "Tue, 30 Sep 1997 10:15:34 EDT."
<199709301415.KAA28271@SNARFLE-THE-GARTHOG.MIT.EDU>
Date: Tue, 30 Sep 1997 10:34:22 EDT
From: Emil Sit <sit@MIT.EDU>
-----BEGIN PGP SIGNED MESSAGE-----
[cc list restricted to linux-dev]
> You should take your machine off of the network, reinstall it completely
> from trusted media (CDROM for example), change all of the passwords
Unfortunately, people generally install Linux over the
network. Linux-Athena is installed off small-gods using
NFS. small-gods is probably secure and I'm not sure if we need to be
worrying about active attacks on NFS installs. We don't really want
people install RH off of cdroms, though NFS is arguably less secure
than that.
> install the latest security patches for your machine.
These are also generally obtained over the network, by linux-dev using
ftp, and installed by users through AFS. I assume that whoever
downloads the upgraded RPMs from RedHat checks the MD5 signatures though.
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Processed by Mailcrypt 3.4, an Emacs/PGP interface
iQBVAwUBNDEN7CWuZ7zmNWHpAQH28QH/YcWqr84IoC/FC/N+5kCofSFO/Gy19lx5
ZcgR5PE71ER+2ItsjOdKkXkTc9Nj9HXjfz34vDtuqCzJRCwgj0SAoA==
=hGbS
-----END PGP SIGNATURE-----
--
Emil Sit / Bronx Science '95, MIT '99 -- ESG, SIPB, Athena Consulting
PGP KeyID: 0xE63561E9 / Fingerprint: A68FD0693EDABA19 2671EC1F22498F58
