5 Aug
1999
5 Aug
'99
7:41 p.m.
In reply to some gripe about VMS, Allison replied:
] Dumb huh, it's at least secure!
] Ok go to the netbsd site and nose around, the proceedure for breaking into
] VMS is there...
Is it just me, or do those two sentences not belong so close together? :-)
Bill.
6 Aug
6 Aug
3:15 a.m.
A non-text attachment was scrubbed...
Name: not available
Type: text
Size: 1044 bytes
Desc: not available
Url :
http://www.classiccmp.org/pipermail/cctalk/attachments/19990806/dde6b8c1/at…
4:02 a.m.
On Fri, 6 Aug 1999, Zane H. Healy wrote:
Show me an OS that you can't break into with
physical access to the system
console, and I'll show you a dangerous OS! With Operating Systems like
OpenVMS the physical security is an important part keeping that system
secure. A secure system should be locked in a computer room with mulitiple
levels of physical protection to insure that only authorized personal gain
access to it. If you want it to be truely secure, even the terminals should
be in areas with limited access.
You need an IBM OS tape/CD to regain a lost root login for recent versions
of AIX. Simple console access won't do. I seem to recall that various
other unices running "enhanced security" option might be similar.
Definitely there is a point of diminishing returns for security
requirements that significantly reduce the speed of recovery after
security problems.
If you can't break into the system when you have
physical access to the
system, then what do you do when you forget your passwords. Remember
passwords shouldn't be written down.
Whoops, think I missed the smiley. What can I say, I take data security
seriously!
Zane
4:41 a.m.
A non-text attachment was scrubbed...
Name: not available
Type: text
Size: 709 bytes
Desc: not available
Url :
http://www.classiccmp.org/pipermail/cctalk/attachments/19990806/7eaae213/at…
4:23 a.m.
>
> In reply to some gripe about VMS, Allison replied:
> ] Dumb huh, it's at least secure!
> ] Ok go to the netbsd site and nose around, the proceedure for breaking into
> ] VMS is there...
>
> Is it just me, or do those two sentences not belong so close together? :-)
>
> Bill.
As the orignal poster proved even with physical access and procedure you
may still not achieve success.
However, in all but the rarest cases, if you can physically touch it
breaking is far more possible... VMS from anywhere else is very secure.
Allison
11:56 a.m.
Let's see.
"ANY security system, door lock, etc. should be easy to circumvent to
avoid any inconvenience when the user can't comply with the "normal" entry
requirements."
1:31 p.m.
Fred Cisin (XenoSoft) scribed:
Let's see.
"ANY security system, door lock, etc. should be easy to circumvent to
avoid any inconvenience when the user can't comply with the "normal" entry
requirements."
Um, no. It shouldn't be easy, and the normal user shouldn't be able to do
it. However, it should be possible with the proper knowledge, tools, and
authorization. The trick is to verify authorization, which is why physical
access should be a requirement, and proper attention given to physical
security.
Your summary sounds like the Microsoft approach to security :^)
On the other hand I've come to believe that a person should have a license
simular to a drivers license before they're allowed to touch a computer!
Zane
| Zane H. Healy | UNIX Systems Adminstrator |
| healyzh(a)aracnet.com (primary) | Linux Enthusiast |
| healyzh(a)holonet.net (alternate) | Classic Computer Collector |
+----------------------------------+----------------------------+
| Empire of the Petal Throne and Traveller Role Playing, |
| and Zane's Computer Museum. |
| http://www.aracnet.com/~healyzh/ |
4:47 p.m.
>"ANY security system, door lock, etc. should
be easy to circumvent to
>avoid any inconvenience when the user can't comply with the "normal"
entry
>requirements."
Your summary sounds like the Microsoft approach to
security :^)
Exactly who I was ridiculing. (why there were quotes) Well, them and a
few others as well.
"It won't let me login"
"Just hit escape and it will let you in without a password".
I DON'T have a key under my doormat.
6:19 p.m.
Fred Cisin (XenoSoft) wrote:
Opps, I thought that was supposed to be a recap of some of the comments put
forth today :^) I think I mentioned I get a little touchy on the subject
of Information Security, if so I was understating the fact!
Zane
| Zane H. Healy | UNIX Systems Adminstrator |
| healyzh(a)aracnet.com (primary) | Linux Enthusiast |
| healyzh(a)holonet.net (alternate) | Classic Computer Collector |
+----------------------------------+----------------------------+
| Empire of the Petal Throne and Traveller Role Playing, |
| and Zane's Computer Museum. |
| http://www.aracnet.com/~healyzh/ |
>"ANY
security system, door lock, etc. should be easy to circumvent to
>avoid any inconvenience when the user can't comply with the "normal"
entry
>requirements."
Your summary sounds like the Microsoft approach
to security :^)
Exactly who I was ridiculing. (why there were quotes) Well, them and a
few others as well.
"It won't let me login"
"Just hit escape and it will let you in without a password".
I DON'T have a key under my doormat. 
7 Aug
7 Aug
2:30 a.m.
----- Original Message -----
From: Fred Cisin (XenoSoft) <cisin(a)xenosoft.com>
To: Discussion re-collecting of classic computers
<classiccmp(a)u.washington.edu>
Sent: Friday, August 06, 1999 10:47 PM
Subject: Re: DUMB VMS!
Because we're a "little" OT already:
Check this out:
http://www.zdnet.com/sr/stories/news/0,4538,2309474,00.html
cheers & have fun ;-)
emanuel
> >"ANY security system, door lock, etc.
should be easy to circumvent to
> >avoid any inconvenience when the user can't comply with the
"normal"
entry
>requirements."
> Your summary sounds like the Microsoft approach to security :^)
4:42 a.m.
On Sat, 7 Aug 1999, emanuel stiebler wrote:
FTOUWATLTOABS,WII?
5:57 a.m.
On Sat, 7 Aug 1999, emanuel stiebler wrote:
FTOUWATLTOABS,WII?
Huh? Say what?
BTW, as a result of this, someone has set up a LinuxPPC contest, with
pretty much the same rules, BUT the LinuxPPC box is the prize! So the
cracker would actually get something for thier effort. You apparently
don't get anything for cracking the Windows box. Yesterday after 3 days of
no success they gave out the root password! Haven't heard any further
results though.
Zane
| Zane H. Healy | UNIX Systems Adminstrator |
| healyzh(a)aracnet.com (primary) | Linux Enthusiast |
| healyzh(a)holonet.net (alternate) | Classic Computer Collector |
+----------------------------------+----------------------------+
| Empire of the Petal Throne and Traveller Role Playing, |
| and Zane's Computer Museum. |
| http://www.aracnet.com/~healyzh/ |
2:57 p.m.
FTOUWATLTOABS,WII?
Huh? Say what? 
3:17 p.m.
Yeesh. If you want to try and waste time on the PPC box, it's
crack.linuxppc.org. Fun way to kill time while you're waiting for a kernel
to compile (i.e. booting winbloze) ;)
Kevin
-------------------------------------------------------------------------------
"It's you isn't it? THE BASTARD OPERATOR FROM HELL!"
"In the flesh, on the phone and in your account..."
-- BOFH #3
On Sat, 7 Aug 1999, Fred Cisin (XenoSoft) wrote:
For Those Of Us Who Are Too Lazy To Open a Browser Session,
What Is It?
FTOUWATLTOABS, it is a Ziff Davis article about a Microsoft challenge to
crackers to try to break into a Win2K machine. Nobody succedded, because
the machine crashed before anybody could try.
FTOUWATLTOABS,WII?
Huh? Say what?
9221
days inactive
9222
days old
13 comments
7 participants
participants (7)
-
a2k@one.net -
allisonp@world.std.com -
cisin@xenosoft.com -
emu@ecubics.com -
healyzh@aracnet.com -
thompson@athenet.net -
yakowenk@cs.unc.edu