[ale] Bob Toxen

James P. Kinney III jkinney at localnetsolutions.com
Tue Dec 17 10:58:46 EST 2002 

That does ring a bell. 

Ah HA! toolchest rings a loud bell. 

As my Octane is a stand-alone, I've been _very_ lax on updates.

On Tue, 2002-12-17 at 10:51, SanMillan, Todd wrote:
> might it have been tooltip?
> 
> -----Original Message-----
> From: James P. Kinney III [mailto:jkinney at localnetsolutions.com] 
> Sent: Tuesday, December 17, 2002 9:50 AM
> To: Atlanta Linux "User Group (E-mail)
> Subject: Re: [ale] Bob Toxen
> 
> 
> When I was the Unix sysadmin/security/developer/(fill in the blank)
> person at Emory, our eventual solution was to physically remove the
> SGI's from the network, put them on their own wire and firewall them off
> from the rest of the world. We had ports open for 80, 22 and 53.
> Everything else was explicitly denied. There was a security hole (nasty,
> remote root exploit kind) in a key component of the desktop system. I
> for the life of me have apparently core dumped the application name. The
> bloody box just would not run with out, though. It was used by other
> SGI's for resource sharing (not NFS) and was a required service even if
> it was not used. That hole was around for over 2 years with no fix. 
> 
> SGI. Really, really, really nice hardware. Really nice OpenSource
> support. Not to swift on the security fixes. OS does lots of pretty cool
> stuff very, very, very fast.
> 
> Including allowing disreputable people to have access to things they
> should not have access to.
> 
> On Tue, 2002-12-17 at 09:24, Dow Hurst wrote:
> > That is completely true as all of y'all know.  I've watched the other 
> > sysadmins on campus try to deal with just one or two systems which don't 
> > have firewalls.  I wouldn't want to be in that position ever again.  How 
> > can you get any real work done when every day your having to test out MS 
> > patches for your NT servers?  Even the Unix guys deal with security 
> > issues far too much.  I know Bob always says that good security is 
> > expensive and that no security is even more expensive, but, how can you 
> > work with only security issues on your mind?  It's like trying to be 
> > productive without proper timely backups.  You can't sleep or eat in
> peace!
> > Dow
> > 
> > 
> > James P. Kinney III wrote:
> > 
> > >And with a room full of SGI's, and the
> > >time-to-patch-after-security-hole-is-found often measured in months, Bob
> > >and the firewall are a required combination!
> > >
> > >On Mon, 2002-12-16 at 18:19, Dow Hurst wrote:
> > >  
> > >
-- 
James P. Kinney III   \Changing the mobile computing world/
President and CEO      \          one Linux user         /
Local Net Solutions,LLC \           at a time.          /
770-493-8244             \.___________________________./

GPG ID: 829C6CA7 James P. Kinney III (M.S. Physics) <jkinney at localnetsolutions.com>
Fingerprint = 3C9E 6366 54FC A3FE BA4D 0659 6190 ADC3 829C 6CA7 



 This is a digitally signed message part

More information about the Ale mailing list