You have a pretty good start on a totally secure machine but I disagree on a few details, to get a totally secure machine you need to put it in a steel and concrete vault, in there build a 10'x10'x10' form and fill it with rebar steel, pour it 1/2 full of concrete then place the computer in the center of mass and finish filling the form. When done and concrete is hardened for at least a week you may have a totally secure computer, but it could be cracked if someone was stubborn enough and had enough time with a jackhammer. But the vault steel doors and guards should stop the time and access required. Cheers, Davidm (-; On Sat, 2003-03-15 at 04:02, technomage wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > who is this "nutbar" who thinks they are totoally secure? I'd like to know so > that I can avoid meeting him unless I have reason to. > > totally secure = power supply isolated, non-networked machine behind 2 layers > of steel doors and lots of guards. > > anything else is debatable. > > Technomage > > On Saturday 15 March 2003 03:17 am, Entelin wrote: > > I have a client I am trying to convince to install a firewall, (eather > > iptables or preferably cisco PIX). They have practicly every service > > under the sun open, the only reason their tcp netbios ports are closed > > is because cox filters them. The only reason I am having to convince > > them of anything is because they have another linux tech working for > > them and he is somehow convinced that they are completely secure "at the > > deamon level" wrote a big email to my client saying they dident need to > > install a firewall, or even close totaly unused ports on their box! > > (they even had echo and chargen open before I at least convinced them to > > close those ie: forged packet between echo and chargen = storm). > > nevermind the two root exploits their sendmail is at risk for. and the > > password sniffing of their login,telnet etc.. god.. > > > > ANYWAY sorry for that rant. back on topic I was wondering if I could do > > anything with these udp ports in absence of the filtered tcp netbios > > ports. ? as in gain any kind of access or DoS. > > > > 137/udp open netbios-ns > > 138/udp open netbios-dgm > > 139/udp open netbios-ssn > > > > Thanks :) > > > > --------------------------------------------------- > > PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us > > To subscribe, unsubscribe, or to change you mail settings: > > http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss > > - -- > I will not be pushed, filed, stamped, indexed, briefed, debriefed, or > numbered! > My life is my own - No. 6 > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.0.7 (GNU/Linux) > > iD8DBQE+cwhOn/usgigAaLcRAs79AJ9Tty91a3ZorlD3pgKL9dBRRJSSzACeKW4U > 6v2lRe90Uh6uuJYQKty5ihg= > =hUiC > -----END PGP SIGNATURE----- > > --------------------------------------------------- > PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us > To subscribe, unsubscribe, or to change you mail settings: > http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss -- David IS Mandala gpg fingerprint 8932 E7EF CCF5 1B8C 1B5C A92E C678 795E 45B2 D952 Phoenix, AZ (480) 460-7545 HP, (602) 741-1363 CP http://www.them.com/~davidm/