On Sat, 2004-01-24 at 16:49, Richard Morrell wrote:
> Melvin Backus wrote:
> > At 08:36 PM 1/23/2004, Michael A. Alderete wrote:
> >> The way I see it, you could both lock and unlock from the webGUI, but
> >> only
> >> lock it from the console. When locked, the console could say "Console is
> >> LOCKED. Unlock via webGUI."
> To not lock the webgui is insane.
> It's a simple issue and if it isn't sorted this project will fail
Actually, Melvin's suggestion was regarding locking the console, not the
webGUI. (I think this is what you meant.) Locking the console is
really something that nededs to be done, for both security and
"appearance" of security reasons.
Of course, this is more applicable to "real" PCs running m0n0wall than
to Soekris boxen as they have no local console, only serial port access.
Either approach - Soekris/PC needs to have a lockable/logged out console
- having a permanently logged in console is a security risk, however
small (yes, physical access to your server room by a malicious user
means you have failed dismally in your mission to protect your network
adequately), but it is another layer of security that needs to be added.
Hilton Travis Email: Hilton at QuarkAV dot com
Manager, Quark AudioVisual Phone: +61-(0)7-3343-3889
Quark Computers Phone: +61-(0)419-792-394
(Brisbane, Australia) http://www.QuarkAV.com/
Open Source Projects: http://www.ares-desktop.org/
Non Linear Video Editing Solutions & Digital Audio Workstations
Network Administration, SmoothWall Firewalls, NOD32 AntiVirus
Conference and Seminar AudioVisual Production and Recording
War doesn't determine who is right. War determines who is left.