Re: Is the technique described in this article do-able with

From: f.johan.beisser (jan@caustic.org)
Date: 02/09/02 

Date: Sat, 9 Feb 2002 00:53:37 -0800 (PST)
From: "f.johan.beisser" <jan@caustic.org>
To: Darren Reed <avalon@coombs.anu.edu.au>

On Sat, 9 Feb 2002, Darren Reed wrote:

> In some mail from Brett Glass, sie said:
> >
> > http://www.samag.com/documents/s=1824/sam0201d/0201d.htm
>
> I believe that when you "halt" FreeBSD the whole OS halts.
> When you see the "press any key to rebot" message, no more
> activity is happening.

true.. i don't think any of the BSDs will respond, since the kernel is
only waiting for a keystroke to restart. to me this may be less secure
than just having the machine fully up and running.

> One question though, how do you generate log information?

if the OS is still passing packets, you could easily have it set to output
all log info to a serial port. this may, or may not, work even in linux.
of course, you may not care about log info.

> Personally, I think of this as a 'misfeature'.

i wouldn't put it that far down, just yet. i don't see how much of an
advantage it would be over a fully operational box, on the other hand.

-------/ f. johan beisser /--------------------------------------+
  http://caustic.org/~jan jan@caustic.org
    "John Ashcroft is really just the reanimated corpse
         of J. Edgar Hoover." -- Tim Triche

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message

Relevant Pages

  • Re: Is the technique described in this article do-able with
    ... In some mail from Brett Glass, sie said: ... I believe that when you "halt" FreeBSD the whole OS halts. ... with "unsubscribe freebsd-security" in the body of the message ...
    (FreeBSD-Security)
  • Re: Racoon/sainfo - no policy found
    ... > I have a FreeBSD machine runing NAT, IPFilter, IPSec, ... > Racoon among other things. ... with "unsubscribe freebsd-security" in the body of the message ...
    (FreeBSD-Security)
  • RE: OpenSSH b0rked (was RE: Problems with IPFW patch)
    ... Just did that as per your suggestion. ... > You'd be better off running mergemaster anyway, ... > with "unsubscribe freebsd-security" in the body of the message ...
    (FreeBSD-Security)
  • RE: strange messages
    ... Acording to CERT (the latest statd message seems to be ... :> with "unsubscribe freebsd-security" in the body of the message ...
    (FreeBSD-Security)
  • Re: Lost Password
    ... One of the WinNT boxes can be logged into under two separate domains at the login screen. ... Has anyone out ther had any experience in retrieving passwords. ... with "unsubscribe freebsd-security" in the body of the message ...
    (FreeBSD-Security)