
RE: [cobalt-users] cobalt kb - resetting the root password



Dan wrote:
> If you can't trust the company hosting your box or their security ...

Hey, what a great idea - I'll just run next door and paperclip the, ummm,
hundreds of RaQs... not such a good idea after all then. It'd take me ages.

There are a few of us on this list who are fortunate (I'm sure someone will
disagree here!) enough to be either sys-admins, NOC staff, support people or
whatever in reasonably large hosting centres (some bigger than others). I
think I can speak for all of us when I say that, as a general rule:

a. why bother paperclipping someone's machine when you could probably just
snarf a password off of the wire.
b. why bother doing that when you could probably just contact the customer
and ask them for it.
c. why indeed bother doing that, you probably already have your own machine
and are a 1337 h4x0r d00d who understands IP spoofing, right? After all,
that's why you do this job! All those servers <cackle>
d. finally why bother doing any of it, you'll only end up unemployable.

One of the reasons most of us are employed in these situations is that we
have absolutely zero interest in what anyone actually does with their
machines, unless it violates some kind of AUP or service agreement. As Dan
and others suggested, most of us have to contend with cameras, multiple
doors with cardlocks (and different access levels), security audits, that
kind of thing. All day. Every day.

If we were to do something as stupid as illegally access a customer's
machine then it would be a very short time before we'd be found and booted
out.

Being serious for a moment: like the last few posters said, physical
security is the optimum setting for your server. Without it you may as well
not have one. If you trust the people who work where your server is based,
fine. If not, move it some place else.

Graeme
-- 
Graeme Fowler
System Administrator
Host Europe Group PLC