|
Physical security of servers is as important, if not more important,
than network security. As Macintosh Managers we must recognize
that significant weakness of our platform.
-
MacOS 9 and earlier have little or no default console security.
If somebody has access to the keyboard, they have your box.
-
MacOS X is better, but still vulnerable from the console.
Single-user mode is the fastest path to root on any unix.
-
The solution: a door with a lock.
Dont put your servers in an open office.
Anything more elaborate than a door (armed guards, barbed wire,
man-traps, biometric scanners, whatever) is just eye candy.
-
Limit the key to authorized staff.
Yes, even the CEO needs to be escorted.
The janitor is *you.*
|
|