Back in the 80's, basically, we used O'scopes to record what people typed on their keyboard from way outside the building and wrote up reports on the info that were always classified. You always want a COMSEC mission report to be Un-Classified.
There are so many ways to gain intel when the target is not TEMPEST hardened.
Most security minded computer operators and/or security personnel have basic COMSEC imbedded in their mentality. The thing is to pass that on...
Actually, TMK, most of us get up around sunrise and go outdoors. Maybe to spend the day at the beach (if they are not working). For sure the children do and to look at most of them.... something else is going on. Diet? I really think the small sample of the test was not enough to make judgment or rather a scientific proof/theory be valid.
Then your particular laptop is not a secure product. Imagine scenario where it was stolen.
Good point. It's a Dell. But if I did not have HD encryption anyway, what good would changing the bios do? Allow them to boot whatever external OS of their choosing? So be it. I would have lost the box, but not the data on my HD (unless they really, really, really, want it).:)
"No default password could be secure. The only way is to force password change on first use."
Normally I'd agree with this, however a sibling of mine passed away and I wound up with a laptop that I could not change the BIOS. Fortunately through a quick google search, I was able to find default passwords used by the manufactures to allow access to the issue. Problem solved.
"enjoy challenges, and am perfectly willing to spend hours and hours for months on end to learn command line."
The only real Linux is Slackware. You have total control of what daemons your running so it is a very secure system, you just have to keep up with the daemons your running, and Patrick V. takes care of that. It has a package manager, an easy install system, and if you start out with a full install, you will not be disappointed. If you really want to know Linux, then Slackware is the way to go.
"Given the increased adoption rates of Linux by customers, many of them also appear to disagree with Mr. Ballmer's negative assessment of Linux. So do the large number of ISVs who have already or are planning to port to Linux.
Microsoft's most recent 10k presents another, perhaps more realistic, assessment of the prospect for Linux and Open Source software:"
We believe that Microsoft's share of server units grew modestly in fiscal 2004, while Linux distributions rose slightly faster on an absolute basis. The increase in Linux distributions reflects some significant public announcements of support and adoption of open source software in both the server and desktop markets in the last year. To the extent open source software products gain increasing market acceptance, sales of our products may decline, which could result in a reduction in our revenue and operating margins.
Please, if you are going to post a link on/. to make a point, consider the/.'ing that will follow. We probably will not be able to see your point. Maybe a one line summary of your point?
A: myNetWatchman collects, analyzes and reports malicious access attempts to ISPs, who can then take action against the offending machines.
Q: How does it work?
A: A small client-side application runs as a background application on your system; reading your firewall logs, and creating near-real-time reports that are relayed to the myNetwatchman servers for analysis.
Q: How does myNetWatchman know the difference between a threat and a false alarm, and how does it respond?
A: When the analysis routine determines that a legitimate threat exists (based on reports from several agents), an automatic "Escalation Report" is sent to the abuse department of the offender's ISP. Any responses received from the ISP are also tracked.
I agree and in my case, it is much better than SA. I have incorporated it into p3scan[1][2] also. Now you have the option of using SpamAssassin or DSPAM when checking your pop3 mail.
Slashdot Mirror
Back in the 80's, basically, we used O'scopes to record what people typed on their keyboard from way outside the building and wrote up reports on the info that were always classified. You always want a COMSEC mission report to be Un-Classified. There are so many ways to gain intel when the target is not TEMPEST hardened. Most security minded computer operators and/or security personnel have basic COMSEC imbedded in their mentality. The thing is to pass that on...
Actually, TMK, most of us get up around sunrise and go outdoors. Maybe to spend the day at the beach (if they are not working). For sure the children do and to look at most of them.... something else is going on. Diet? I really think the small sample of the test was not enough to make judgment or rather a scientific proof/theory be valid.
... Look at the overweight+ people in Hawaii. And we live in the sun virtually year round!
And yet, if I change what my browser reports, it will work fine. Go figure.
Then your particular laptop is not a secure product. Imagine scenario where it was stolen.
Good point. It's a Dell. But if I did not have HD encryption anyway, what good would changing the bios do? Allow them to boot whatever external OS of their choosing? So be it. I would have lost the box, but not the data on my HD (unless they really, really, really, want it). :)
"No default password could be secure. The only way is to force password change on first use." Normally I'd agree with this, however a sibling of mine passed away and I wound up with a laptop that I could not change the BIOS. Fortunately through a quick google search, I was able to find default passwords used by the manufactures to allow access to the issue. Problem solved.
"enjoy challenges, and am perfectly willing to spend hours and hours for months on end to learn command line." The only real Linux is Slackware. You have total control of what daemons your running so it is a very secure system, you just have to keep up with the daemons your running, and Patrick V. takes care of that. It has a package manager, an easy install system, and if you start out with a full install, you will not be disappointed. If you really want to know Linux, then Slackware is the way to go.
SANS Internet Storm Center :)
to find out what may make my customers computers silly.
Please, if you are going to post a link on /. to make a point, consider the /.'ing that will follow. We probably will not be able to see your point. Maybe a one line summary of your point?
Q: What is myNetWatchman?
A: myNetWatchman collects, analyzes and reports malicious access attempts to ISPs, who can then take action against the offending machines.
Q: How does it work?
A: A small client-side application runs as a background application on your system; reading your firewall logs, and creating near-real-time reports that are relayed to the myNetwatchman servers for analysis.
Q: How does myNetWatchman know the difference between a threat and a false alarm, and how does it respond?
A: When the analysis routine determines that a legitimate threat exists (based on reports from several agents), an automatic "Escalation Report" is sent to the abuse department of the offender's ISP. Any responses received from the ISP are also tracked.
That being said, IT IS WORTH IT
I agree and in my case, it is much better than SA. I have incorporated it into p3scan[1][2] also. Now you have the option of using SpamAssassin or DSPAM when checking your pop3 mail.
[1] http://p3scan.sourceforge.net
[2] In the development branch.