lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Mon, 29 Sep 2008 12:55:26 -0600
From: Theo de Raadt <deraadt@....openbsd.org>
To: Florian Weimer <fw@...eb.enyo.de>
Cc: Brett Lymn <blymn@...systems.com.au>,
	B 650 <dunc.on.usenet@...glemail.com>, bugtraq@...urityfocus.com
Subject: Re: Sun M-class hardware denial of service 

> On the other hand, I generally prefer a "trust me, I know what I'm
> doing" switch on the systems I deal with.  It's really frustrating if a
> system tries to protect itself from me, and consequently fails to comply
> with the actual requirements in this situation.

As well, note that a power-off of the system is apparently not
sufficient (or so I am led to understand).

You have to call Sun, provide your serial number, and an engineer
comes on-site to reset the faulted domain, and then power cycles the
machine.

Then after it happens too many times, the Sun engineer will opt to
provide the instructions and email a 48-hour-use one-time-password
that will let the owner of the machine do it themselves.  Enter the
password, type a few commands, and power the machine off.

That is my understanding of how the situation worked for the machine
where our developers were causing this problem.

That isn't just the system protecting you from yourself; that's a
non-clearable fault causing multiple service calls.

Powered by blists - more mailing lists