[KLUG Advocacy] Re: linux security

Morrison Equipment adam at morrison-ind.com
Wed Feb 2 22:13:13 EST 2005


#I googled Austrami but no relevant
# returns (unless you carry around a
#small Australian primate in your
# pocket).  Do you have a URL for
# them?

I might be spelling it wrong.  I'll look it up when I get home.

#Whether they are encrypted or not
# is rather moot since the algorithm 
#has been broken.

Even weak encryption does provide something,  it keeps out the lazy ignorant.  It at least makes forcing open an account non-trivial.  In the end the only secure SAM is a non-local SAM.

#That was the freaky thing.  I thought I 
#had deleted the standard
#administrator and guest accounts. 
#(after making another admin level
#account, of course.)

?  You can't delete the Administrator account,  the RID (512) is a 'hard coded' value.

##to enter/load that secret every time 
##you restart the KDC (reboot the
##computer), but this is rarely done 
##since it is a REAL PITA.
#The standard problem with good security.

And really non-workable for a server if you ever need to remotely reboot the server, etc...  But it is a great idea if you have a NOC that is staffed 24/7.
BlackBerry service provided by Nextel


More information about the Advocacy mailing list