From: Robert Haar on
On 3/16/10 4:23 PM, "Tom Harrington" <tph(a)pcisys.no.spam.dammit.net> wrote:


> Physical security is the most important aspect of keeping data private,
> and the most common point of failure.

Actually, the human element is the most important part and the cause of most
security breaches.

From: Richard Maine on
Tom Harrington <tph(a)pcisys.no.spam.dammit.net> wrote:

> In article <36adnbLuSbVAcwLWnZ2dnUVZ_oOsnZ2d(a)giganews.com>,
> Terry Carmen <terry(a)cnysupport.com> wrote:
>
> > On Tue, 16 Mar 2010 14:23:39 -0600, Tom Harrington wrote:
> >
> > > In article <36adnbHuSbUESALWnZ2dnUVZ_oMAAAAA(a)giganews.com>,
> > > Terry Carmen <terry(a)cnysupport.com> wrote:
> > >
> > >> That's the problem. I don't know what's happening, except that
> > >> financial information entered and stored only on that machine is
> > >> becoming known to people in the company who supposedly have no access
> > >> to it.
> > >
> > > Nobody else ever has access to that machine except you?
> > >
> > > Even after hours?
....
> > Yes, someone sits there (not me) and enters data on the keyboard, and
> > it's in a locked office.
>
> And there's no chance that this person might have something to do with
> it, or that somebody else might have a key to this office?

And people like security guards definitely count as "somebody else".
Amazing how often people answer questions like that with "nope, nobody
else at all", but then when you ask about someone "obvious" they say
"well, not counting them, of course."

--
Richard Maine | Good judgment comes from experience;
email: last name at domain . net | experience comes from bad judgment.
domain: summertriangle | -- Mark Twain
From: Jolly Roger on
In article <36adnbDuSbW-fQLWnZ2dnUVZ_oOdnZ2d(a)giganews.com>,
Terry Carmen <terry(a)cnysupport.com> wrote:

> On Tue, 16 Mar 2010 11:13:48 -0800, Doug Anderson wrote:
>
> > Terry Carmen <terry(a)cnysupport.com> writes:
> >
> >> Can anybody point me to a FAQ on Snow Leopard security or toss me a
> >> clue?
> >>
> >> I've disabled the guest account, changed the passwords and disabled
> >> anything I can find that isn't necessary, however the snooping
> >> continues, so I've obviously missed something.
> >>
> >> FWIW, this system doesn't need any incoming connections at all. The
> >> firewall is turned on, but apparently not "on enough" since sensitive
> >> information is being leaked.
> >>
> >> Securing Linux/Unix and even Windows (more or less) isn't a problem,
> >> but there's something on Snow Leopard that I'm apparently missing.
> >> There are log entries indicating a firewire connection, but I'm not
> >> sure if this is the intrusion method and don't see any way to disable
> >> or secure firewire.
> >>
> >> As long as the machine can find the network printers and the internet,
> >> that would about cover it.
> >>
> >> Is there any (non-gui) way to view the actual firewall rules, and is
> >> there any way to disable or secure firewire?
> >
> > Why do you think there is "snooping" and that sensitive information is
> > being leaked?
>
> Because people are talking about things that they should have no
> knowledge of.

I would imagine it is much more likely that your leak source is a
person, and not the computer itself. Someone printing a sensitive
document to an office printer, or blabbing something sensitive to others
isn't something you can prevent even with the most secure firewall and
security configurations.

--
Send responses to the relevant news group rather than email to me.
E-mail sent to this address may be devoured by my very hungry SPAM
filter. Due to Google's refusal to prevent spammers from posting
messages through their servers, I often ignore posts from Google
Groups. Use a real news client if you want me to see your posts.

JR
From: Tom Stiller on
In article <slrnhq08cr.1t2d.g.kreme(a)cerebus.local>,
Lewis <g.kreme(a)gmail.com.dontsendmecopies> wrote:

> In message <36adnbbuSbWJIQLWnZ2dnUVZ_oOdnZ2d(a)giganews.com>
> Terry <terry(a)cnysupport.com> wrote:
> > Can anybody point me to a FAQ on Snow Leopard security or toss me a clue?
>
> > I've disabled the guest account, changed the passwords and disabled
> > anything I can find that isn't necessary, however the snooping continues,
> > so I've obviously missed something.
>
> How do you know that the snooping continues?
>
> > Securing Linux/Unix and even Windows (more or less) isn't a problem, but
> > there's something on Snow Leopard that I'm apparently missing. There are
> > log entries indicating a firewire connection, but I'm not sure if this is
> > the intrusion method and don't see any way to disable or secure firewire.
>
> You are very confused. Firewire is a method for connecting local hard
> drives, cameras, and other devices.

FireWire will also support a network connection to another FireWire
device.

--
Tom Stiller

PGP fingerprint = 5108 DDB2 9761 EDE5 E7E3 7BDA 71ED 6496 99C0 C7CF
From: Kevin McMurtrie on
In article <slrnhq08cr.1t2d.g.kreme(a)cerebus.local>,
Lewis <g.kreme(a)gmail.com.dontsendmecopies> wrote:

> In message <36adnbbuSbWJIQLWnZ2dnUVZ_oOdnZ2d(a)giganews.com>
> Terry <terry(a)cnysupport.com> wrote:
> > Can anybody point me to a FAQ on Snow Leopard security or toss me a clue?
>
> > I've disabled the guest account, changed the passwords and disabled
> > anything I can find that isn't necessary, however the snooping continues,
> > so I've obviously missed something.
>
> How do you know that the snooping continues?
>
> > Securing Linux/Unix and even Windows (more or less) isn't a problem, but
> > there's something on Snow Leopard that I'm apparently missing. There are
> > log entries indicating a firewire connection, but I'm not sure if this is
> > the intrusion method and don't see any way to disable or secure firewire.
>
> You are very confused. Firewire is a method for connecting local hard
> drives, cameras, and other devices.

Firewire supports direct memory access to maximize performance and to
keep the CPU load low. Some controllers aren't too picky about what a
Firewire device wants to do and they have been exploited.

Really, once somebody is touching your computer it's all over. The RAM
can be frozen, transported to a reader, and scanned. The data busses
can be recorded. The rule is, don't let anyone touch it.
--
I won't see Google Groups replies because I must filter them as spam
First  |  Prev  |  Next  |  Last
Pages: 1 2 3 4 5 6 7
Prev: Cheap Print Server
Next: Pascal recommendation?