[unisog] Admin Access to Servers

Edgecombe, Jason jwedgeco at uncc.edu
Wed Nov 15 18:58:04 GMT 2006


You can take it one step further and have the option of a bootable cd, a
bootable flash drive, or be ablke to boot the admin os under qemu.

To see what I mean, take a look at qemu-puppy
http://www.erikveen.dds.nl/qemupuppy/index.html 

The qemu approach lets the admin use both desktops simulatenously.

You might also check out VMware ACE. One of their touted uses is for
running a secured guest VM on a semi-trusted machine.

Sincerely,
Jason Edgecombe
Solaris & Linux Administrator
Mosaic Computing Group, College of Engineering
UNC-Charlotte
Phone: (704) 687-3514
 

-----Original Message-----
From: unisog-bounces at lists.dshield.org
[mailto:unisog-bounces at lists.dshield.org] On Behalf Of Michael Holstein
Sent: Wednesday, November 15, 2006 10:52 AM
To: unisog at lists.dshield.org
Subject: Re: [unisog] Admin Access to Servers

What about distributing bootable linux/Bart's distributions that 
incorporate all your security functions (obviously, you still need a VPN

and some sort of 2-factor auth).

Accomplishes the same thing as extra laptops, but lighter and cheaper. 
When you make a new CD, you invalidate the old ones (there's a 
laundry-list of ways to manage that), and would protect against all but 
hardware-based keyloggers.

My $0.02.

Cheers,

Michael Holstein CISSP GCIA
Cleveland State University
_______________________________________________
unisog mailing list
unisog at lists.dshield.org
https://lists.sans.org/mailman/listinfo/unisog



More information about the unisog mailing list