RE: securing password list

From: David Gillett (gillettdavid_at_fhda.edu)
Date: 03/24/04

  • Next message: David Gillett: "RE: Caching a sniffer"
    To: "'Jeremy McBane'" <Jeremy@devcocomputers.com>, <security-basics@securityfocus.com>
    Date: Wed, 24 Mar 2004 09:26:37 -0800
    
    
    

      "Fireproof" boxes are rated in terms of how long materials
    inside will survive a typical building fire outside. I think
    two hours for a sheet of paper is a pretty typical performance
    range -- less is probably a poor value, and more can cost
    mucho more.

    David Gillett

    > -----Original Message-----
    > From: Jeremy McBane [mailto:Jeremy@devcocomputers.com]
    > Sent: Tuesday, March 23, 2004 10:15 AM
    > To: security-basics@securityfocus.com
    > Subject: RE: securing password list
    >
    >
    > In reference to a fireproof box, what kind of media is not
    > vulnerable to melting within from the intense heat?
    > --
    > Jeremy McBane
    > Devco Computers
    > Jeremy@devcocomputers.com
    > 337.993.3212
    > --
    >
    > -----Original Message-----
    > From: Josh Mills [mailto:JMills@cnbwaco.com]
    > Sent: Friday, March 19, 2004 7:17 PM
    > To: Dan Denton; beevoo8@hotmail.com; security-basics@securityfocus.com
    > Subject: RE: securing password list
    >
    >
    > I have a similar setup, I have an off network linux box
    > behind two secured doors and i make a weekly backup that is
    > stored in an offsite fireproof box along with all of my other
    > backup tapes.
    >
    > -----Original Message-----
    > From: Dan Denton [mailto:ddenton@PAYLESSOFFICE.com]
    > Sent: Friday, March 19, 2004 12:02 PM
    > To: beevoo8@hotmail.com; security-basics@securityfocus.com
    > Subject: RE: securing password list
    >
    >
    > I keep out password lists in an off-network linux box in a
    > secured room, for which only I know the password. Of course
    > if anyone else gains access to the room they could snag the
    > whole CPU, but it's unlikely here. I also keep a weekly
    > backup on floppy in a locked firesafe.
    >
    > -----Original Message-----
    > From: beevoo8@hotmail.com [mailto:beevoo8@hotmail.com]
    > Sent: Thursday, March 18, 2004 11:52 AM
    > To: security-basics@securityfocus.com
    > Subject: securing password list
    >
    >
    >
    >
    > In my job I have a number of username/passwords to various
    > websites and machines that I must keep track of. I was
    > soliciting ideas on how to store these passwords securely.
    >
    > Encrypting them with a passphrase seems counterproductive
    > since the file may not be accessed for a while and the
    > passphrase might be forgotten. Would biometrics be a safer
    > idea? What security methods do you use to secure a list such as this?
    >
    >
    >
    > Any suggestions would be appreciated.
    >
    > --------------------------------------------------------------
    > ----------
    > ---
    > Ethical Hacking at the InfoSec Institute. Mention this ad and
    > get $545 off
    > any course! All of our class sizes are guaranteed to be 10
    > students or less
    > to facilitate one-on-one interaction with one of our expert
    > instructors.
    >
    > Attend a course taught by an expert instructor with years of
    > in-the-field
    > pen testing experience in our state of the art hacking lab.
    > Master the skills
    > of an Ethical Hacker to better assess the security of your
    > organization.
    >
    > Visit us at:
    > http://www.infosecinstitute.com/courses/ethical_hacking_training.html
    > --------------------------------------------------------------
    > ----------
    > ----
    >
    >
    > --------------------------------------------------------------
    > -------------
    > Ethical Hacking at the InfoSec Institute. Mention this ad and
    > get $545 off
    > any course! All of our class sizes are guaranteed to be 10
    > students or less
    > to facilitate one-on-one interaction with one of our expert
    > instructors.
    > Attend a course taught by an expert instructor with years of
    > in-the-field
    > pen testing experience in our state of the art hacking lab.
    > Master the skills
    > of an Ethical Hacker to better assess the security of your
    > organization.
    > Visit us at:
    > http://www.infosecinstitute.com/courses/ethical_hacking_training.html
    > --------------------------------------------------------------
    > --------------
    >
    >
    > --------------------------------------------------------------
    > -------------
    > Ethical Hacking at the InfoSec Institute. Mention this ad and
    > get $545 off
    > any course! All of our class sizes are guaranteed to be 10
    > students or less
    > to facilitate one-on-one interaction with one of our expert
    > instructors.
    > Attend a course taught by an expert instructor with years of
    > in-the-field
    > pen testing experience in our state of the art hacking lab.
    > Master the skills
    > of an Ethical Hacker to better assess the security of your
    > organization.
    > Visit us at:
    > http://www.infosecinstitute.com/courses/ethical_hacking_training.html
    > --------------------------------------------------------------
    > --------------
    >
    >
    > ---
    > Incoming mail is certified Virus Free.
    > Checked by AVG anti-virus system (http://www.grisoft.com).
    > Version: 6.0.639 / Virus Database: 408 - Release Date: 3/22/2004
    >
    >
    > ---
    > Outgoing mail is certified Virus Free.
    > Checked by AVG anti-virus system (http://www.grisoft.com).
    > Version: 6.0.639 / Virus Database: 408 - Release Date: 3/22/2004
    >
    >
    > --------------------------------------------------------------
    > -------------
    > Ethical Hacking at the InfoSec Institute. Mention this ad and
    > get $545 off
    > any course! All of our class sizes are guaranteed to be 10
    > students or less
    > to facilitate one-on-one interaction with one of our expert
    > instructors.
    > Attend a course taught by an expert instructor with years of
    > in-the-field
    > pen testing experience in our state of the art hacking lab.
    > Master the skills
    > of an Ethical Hacker to better assess the security of your
    > organization.
    > Visit us at:
    > http://www.infosecinstitute.com/courses/ethical_hacking_training.html
    > --------------------------------------------------------------
    > --------------
    >

    
    

    ---------------------------------------------------------------------------
    Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off
    any course! All of our class sizes are guaranteed to be 10 students or less
    to facilitate one-on-one interaction with one of our expert instructors.
    Attend a course taught by an expert instructor with years of in-the-field
    pen testing experience in our state of the art hacking lab. Master the skills
    of an Ethical Hacker to better assess the security of your organization.
    Visit us at:
    http://www.infosecinstitute.com/courses/ethical_hacking_training.html
    ----------------------------------------------------------------------------


  • Next message: David Gillett: "RE: Caching a sniffer"

    Relevant Pages

    • RE: Securing Linux based public access terminals
      ... >If you choose to use RedHat 9 you can get security updates via apt-get ... >>Ethical Hacking at the InfoSec Institute. ... >pen testing experience in our state of the art hacking lab. ... Attend a course taught by an expert instructor with years of in-the-field ...
      (Security-Basics)
    • RE: restore Administrator password
      ... >> Ethical Hacking at the InfoSec Institute. ... >> Attend a course taught by an expert instructor with years of ... >> pen testing experience in our state of the art hacking lab. ...
      (Security-Basics)
    • RE: fax software in the domain
      ... You could add an extra layer of security by changing by connecting the ... Ethical Hacking at the InfoSec Institute. ... Attend a course taught by an expert instructor with years of ...
      (Security-Basics)
    • RE: Removing Local Admin Rights...
      ... >> Ethical Hacking at the InfoSec Institute. ... >> Attend a course taught by an expert instructor with years ... >> pen testing experience in our state of the art hacking lab. ...
      (Security-Basics)
    • RE: Windows SUS
      ... > Ethical Hacking at the InfoSec Institute. ... > Attend a course taught by an expert instructor with years of ... > pen testing experience in our state of the art hacking lab. ...
      (Security-Basics)