[CentOS] Security advice, please

Thu Dec 25 14:40:19 UTC 2008
Robert Moskowitz <rgm at htt-consult.com>

Anne Wilson wrote:
> On Thursday 25 December 2008 11:12:19 Lanny Marcus wrote:
>   
>> On Wed, Dec 24, 2008 at 12:43 PM, Bill Campbell <centos at celestial.com>
>> wrote: <snip>
>>
>>     
>>>> Hi Warren, Nice explanation.  I would like to ask what you
>>>> recommend people do if they want to be able to ssh in from
>>>> anywhere on the internet. Say they are going to be traveling and
>>>> they know they will have to login from machines they have no
>>>> control over, like an internet cafe or a Hotel's business
>>>> services suite?
>>>>         
>> <snip>
>> I again offer you my "solution", which is to take with me "Live CDs"
>> for CentOS 5.2 and Knoppix. I reboot the box in an Internet cafe, from
>> a Live CD, do what I need/want to do, and when I am done, I remove the
>> Live CD and reboot the public box again. I have not installed anything
>> on their box and I am much safer, surfing, etc., on a public box.
>>     
>
> I'll bet you're popular at those cafes :-)

Going WAY back.  Comdex Atlanta, learly 90s.

The hotel I got stuffed in quite a ways from downtown, had 'old' 
hardwired phones, no RJ11 jacks.  But I was a REAL road warrior, I had 
my full tool kit of tools, jumper cables and the like.  I had the phone 
apart and my computer wired in and cleaning came in for some reason (I 
was running late and had not left for the show yet).  She freaked and 
called security.  I had to show management that I knew more about their 
phone system than anyone around and would put everything back.  SHEESH!

Then there was that 5 star hotel in Chicago where their integrated data 
jack could not support speeds faster than 1200bps no matter what they 
claimed (and I finally nailed the pbx rep on the junk they sold the 
hotel in front of the hotel manager).

It never ends.  We are always dealing with the lowest common 
denominator, GREED!  Followed by stupidity.

Scott Bradner, one of the original IETFers (his middle initial is 'O' 
and he LOVES to sign things with just his initials) once said at an IETF 
plenary session:


"The clue level in the Internet is a constant.  The Internet is growing 
geometrically.  I leave the math to you."