SPUG: Security through insecurity...
Ryan T. Kosai
rkosai at u.washington.edu
Tue Jan 31 23:01:02 PST 2006
Since I use my laptop for all my business, personal, and schoolwork, I
end up bringing it with me to an inordinate number of destinations. If
it were lost, recovery would be more important to me than absolute
security. As such, I thought it would be a good idea to disable the
password login and log directly into an unpriveleged account on start
up, and write a quick tripwire program for my computer that would run at
this time. I'd log into a separate account to do school/business stuff.
Initially, I thought it would be best to post IP and tracert (Windows)
pipe outputs to a webserver. I thought it would be safer though, to be
able to send an e-mail to several destinations, in case my webserver
account could be compromised.
Now, to send this e-mail, I would have to log into a SMTP relay. This
would require a password; which I don't want plaintext or easily
recoverable (such as ROT13 or such) in a Perl script. So, in this case,
an open SMTP relay seems best.
The question is, (a) is this a good idea to use an open SMTP relay? (b)
Is there a way to secure a password? I notice this problem logging into
mysql servers via Perl too. (c) Besides IP and tracert, any other good
information I could grab? No built in mic or anything like that; its a
simple laptop.
Thanks,
--
Ryan T. Kosai, Undergraduate rkosai at u.washington.edu
Molecular Biology/Electrical Engr. //students.washington.edu/rkosai
More information about the spug-list
mailing list