[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Sheflug] Re: Building kernel on one machine, using on another.

To: Sheflug <sheflug [at] vuw.ac.nz>
Subject: Re: [Sheflug] Re: Building kernel on one machine, using on another.
From: Barrie Bremner <nospam [at] ecosse.net>
Date: Mon, 28 Aug 2000 14:15:23 +0100
List-help: <http://www.sheflug.co.uk>
List-owner: <mailto:sheflug-admins [at] vuw.ac.nz>
List-post: <mailto:sheflug [at] vuw.ac.nz>
List-subscribe: <mailto:sheflug-request [at] vuw.ac.nz?Subject=subscribe>
List-unsubscribe: <mailto:sheflug-request [at] vuw.ac.nz?Subject=unsubscribe>
Reply-to: "Sheflug" <sheflug [at] vuw.ac.nz>
Sender: nospam [at] rata.vuw.ac.nz
Sender: sheflug-bounce [at] vuw.ac.nz

"Stephen J. Turnbull" wrote:

> 
> Seriously, the Orange Book says "a C2 secure system may not be hooked
> to a network, unless that network is C2-rated".  Presumably Barrie
> would find C2 security unacceptably restrictive from what he says.
> :-)  But he must specify in much more detail what services, if any, his
> domain is going to offer to his internal net and to the rest of the
> world, on the one hand.  On the other, he needs to define what he's
> willing to give up to achieve "not getting cracked" (or equivalently,
> just how badly he fears getting cracked).
> 
> But until all that's on the table, there's not much to say except
> "what do you want me to say?"

 Erm, OK. Thought processes behind all this:

 Ooo! An extra machine.

 Mmm. But it's only a P75 with 16Mb :(

 What could I do?

 Mail? Yup.

 DNS. Yup

 Firewall/ipchains? Yup.

 MMm.

 Already got all those on main machine with plenty power spare.

 Oh.

 Still..gotta do *something* with it.

So, there you go. I have a machine that I tried to reinstall last night
via ftp to my main box and failed - got a bunch of errors from the
text-based installer from RedHat not being able to find a file.
 Gonna have to rip a CD drive out of another machine and do it the old
fashioned way later.

 I'm not too scared of being hacked. I do get a few connections from
other machines (portmap (!), DNS (before I ran DNS), etc), strange
packets, portscans, but I've already got ipchains masq'ing my internal
network and refusing everything else.
 Several a week at least.
 I don't *need* a machine to run a firewall, flux (my PII) does fine
itself.

 Still...if not this, what should I do with noodles?

 Baz.

--
Barrie J. Bremner

Email:     TheEnglishman [at] ecosse.net
           (PGP public key available at pgp.mit.edu)

URL:       http://www.geocities.com/thefatenglishman

Telephone: UK 01672 811246
Mobile:    UK 07968 792975

Quis custodiet ipsos custodes?
---------------------------------------------------------------------
Sheffield Linux User's Group - http://www.sheflug.co.uk
To unsubscribe from this list send mail to
- <sheflug-request [at] vuw.ac.nz> - with the word 
 "unsubscribe" in the body of the message. 

  GNU the choice of a complete generation.

Follow-Ups:
- Re: [Sheflug] Re: Building kernel on one machine, using on another.
  - From: "Stephen J. Turnbull" <turnbull [at] sk.tsukuba.ac.jp>

References:
- [Sheflug] Building kernel on one machine, using on another.
  - From: Barrie Bremner <TheEnglishman [at] ecosse.net>
- [Sheflug] Building kernel on one machine, using on another.
  - From: "Stephen J. Turnbull" <turnbull [at] sk.tsukuba.ac.jp>
- Re: [Sheflug] Building kernel on one machine, using on another.
  - From: "Alex Hudson" <eah106 [at] york.ac.uk>
- [Sheflug] Re: Building kernel on one machine, using on another.
  - From: Richard <richard [at] sheflug.co.uk>
- [Sheflug] Re: Building kernel on one machine, using on another.
  - From: "Stephen J. Turnbull" <turnbull [at] sk.tsukuba.ac.jp>

Prev by Date: [Sheflug] Re: SUID bit - how do I set it?
Next by Date: Re: [Sheflug] SUID bit - how do I set it?
Prev by thread: [Sheflug] Re: Building kernel on one machine, using on another.
Next by thread: Re: [Sheflug] Re: Building kernel on one machine, using on another.
Index(es):
- Date
- Thread