John Summerfield wrote:
Tim wrote:
On Fri, 2007-12-28 at 08:05 +0900, John Summerfield wrote:
I would not defy The Boss, but if he agrees Linux is good for its
diagnostic tools, then the question becomes "How do we do this?" and a
USB disk that's encrypted and doesn't carry sensitive data, or even a
CD/DVD might be part of the answer.
Surely you'd only need to encrypt that which needs protecting. Network
diagnosis tools don't sound like something that needs it. And if you're
sensible enough to use different passwords, then someone finding out
your logon credentials from an unprotected diagnosis partition can't use
them to logon to the other protected one.
I would not be surprised if the corporate policy is to encrypt
everything. That way, there can be no nasty surprises if, accidentally
or by carelessness, sensitive data gets stored on the "network
diagnostics toolset."
For example, the results of running tcpdump or wireshark. Simply erasing
the files isn't enough, the space they occupied needs to be overwritten
too.
A likely sanction for defying such a policy is an invitation to seek
employment elsewhere.
Can't you just boot from a CD when you need to do network diagnostics?
Knoppix has about everything you would be likely to need.
--
Les Mikesell
lesmikesell@xxxxxxxxx
