Thursday, July 21, 2011

Re: [BLUG] How many of you run home servers?

On Thu, Jul 21, 2011 at 02:32:04AM GMT, Thomas C. Knoeller [tck@pretend.net] said the following:
>
> Disagree here. I am more worried about coworkers then script kiddies.
> My coworkers know that I have ssh-agent running all the time, and
> they know the vanity domain of my home server. It would take a
> coworker less time to hack me then it takes for me to walk to the
> kitchen and back. Since I am not religious about locking the screen
> each time I walk away from the laptop, and because of the nature of
> the kids I (used to) work with, I would never use public key on a
> public facing interface.

Not knowing what you do and putting the kids issue aside. Let me
easy your worries a bit here with some logic. Yes, your coworkers
probably could gain access to your systems faster, but in most places
this would be crossing the line and grounds for immediate termination.
At least if I was in your shoes and someone did this, I would make sure
that they got fired, damn anyone who tries to say "You shouldn't have
left your screen unlocked".

This is not to say that you shouldn't lock your screen as you should
do that even at home, but what I'm trying to show here is that your
likelyhood of threats is more based on fear than ease of access.

A malicious hacker in Romania basically has nothing to fear because
they know that we won't be able to do anything about it (historically)
if they hack your system. But people that you know have a lot to fear,
losing their job, being arrested, etc. You have to remember that people
are still people with basic motivations to have their life be ok.

Also, if there was someone on my team that I couldn't trust, it would
be better to know about it sooner and have them just hack into my home
server before they do something worse or before you trust them with more
information and access.

I think the biggest time that you have to worry about coworkers is
when they are fired, but hopefully they are out of the building before
they can do anything and likely would try to remote in somehow and
probably wouldn't care about your home computer.

--
Mark Krenz
Bloomington Linux Users Group
http://www.bloomingtonlinux.org/

Sent from Mutt using Linux
_______________________________________________
BLUG mailing list
BLUG@linuxfan.com
http://mailman.cs.indiana.edu/mailman/listinfo/blug

Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)