Re: Firewall question

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Anne Wilson wrote, On 05/15/2008 03:39 PM:
On Thursday 15 May 2008 19:05, max bianco wrote:
I think, assuming i have followed things correctly to this point, a
big if I know, that she was looking for someway to establish the
computer's identity through its hardware configuration, a hardware
fingerprint if you will, this would be possible I think but you would
have to have some kind of computed hash, based on the hardware setup
and something random(in case someone somewhere has a computer setup
identical to yours and also happens to stumble across your network)
that would uniquely identify your computer, maybe calculated based on
the individual serial numbers of your hardware components, assuming
they are unique of course. I asked something similar once but all i
got were quizzical looks for my effort, as well as suggestions like
"isn't that what cookies are for?" to which the answer is of course
no. Cookies store settings, site info, and such but this would be like
a fingerprint for your computer or a retinal pattern or a dna sample.

Hardware fingerprint - yes, that describes my idea exactly. :-)

Anne


Either way in the end (I hope) you are talking about crypto[0] keys, you just want your hardware to BE the key(not good unless that hardware is a TPM). In hardware you have the Trusted Platform Module[1], in software you have soft keys. The soft keys can be either files or hardware[2] (or something in between like a key that is on a normal USB stick, or an OTP[3]).

soft keys used for ssh and open vpn are probably the easiest, but smart cards are fun.

[0] http://en.wikipedia.org/wiki/Crypto
[1] http://en.wikipedia.org/wiki/Trusted_Platform_Module
[2] http://en.wikipedia.org/wiki/Smart_card
    http://en.wikipedia.org/wiki/Common_Access_Card
[3] http://en.wikipedia.org/wiki/One-time_password#Implementation_of_a_time-synchronized_type_OTP

--
Todd Denniston
Crane Division, Naval Surface Warfare Center (NSWC Crane)
Harnessing the Power of Technology for the Warfighter

--
fedora-list mailing list
fedora-list@xxxxxxxxxx
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
[Index of Archives]     [Older Fedora Users]     [Fedora Announce]     [Fedora Package Announce]     [EPEL Announce]     [Fedora Magazine]     [Fedora News]     [Fedora Summer Coding]     [Fedora Laptop]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Maintainers]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Legacy]     [Fedora Desktop]     [Fedora Fonts]     [ATA RAID]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [SSH]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Centos]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Tux]     [Yosemite News]     [Gnome Users]     [KDE Users]     [Fedora Art]     [Fedora Docs]     [Asterisk PBX]     [Fedora Sparc]     [Fedora Universal Network Connector]     [Libvirt Users]     [Fedora ARM]

  Powered by Linux