Date: Wed, 10 Oct 2001 21:17:12 +0200 From: "Karsten W. Rohrbach" <karsten@rohrbach.de> To: xskoba1@kremilek.gyrec.cz Cc: security@freebsd.org Subject: Re: "Rubbish" idea on security Message-ID: <20011010211712.B60609@mail.webmonster.de> In-Reply-To: <Pine.LNX.4.21.0110100829560.6104-100000@kremilek.gyrec.cz>; from xskoba1@kremilek.gyrec.cz on Wed, Oct 10, 2001 at 08:38:21AM %2B0200 References: <20011009130922.C85958-100000@localhost> <Pine.LNX.4.21.0110100829560.6104-100000@kremilek.gyrec.cz>
next in thread | previous in thread | raw e-mail | index | archive | help
--b5gNqxB1S1yM7hjW Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable xskoba1@kremilek.gyrec.cz(xskoba1@kremilek.gyrec.cz)@2001.10.10 08:38:21 +0= 000: >=20 > Has anyone ever thought about physicial stealing of server? yes ;-) >=20 > I know I sound like pretty paranoid, but my question is. Is there > any way to crypt all harddrive in the way, no one from outside will see > anything from it. I mean, for example, that rebooting of server is going > to be dependandt on connection from somewhere, that connection send a key, > which is all the time only in memory and if someone decide to steal the > harddrive, he has nothing unless he has a key. for a somewhat larger client's installation we ordered a safe containing rackmounts, ups and air conditioning. those boxes are quite expensive (and quite big), heavy to lift (trust me, noone's ever gonna carry such a thing out of the building) and they provide the physical security level demanded by the german bank and insurance industry. hard drives cannot be removed when the safe is closed, so you just got to think about a good network/os security solution. > And the second thing is concerning config or any files which are > necessary to change to compromise server. The idea is the same, the > changes > are (probably by kernel) written into some temprorary area and only when > private key is provided, changes are written on the right place. we put /, /usr, /opt (custom binaries) on a write-disabled scsi harddisk raid mirror, the remaining filesystems went onto a standard raid5 scsi-scsi bridge solution. software upgrades are being deployed onto new disks on the same hardware in a lab and then transported to the site for being actively deployed (swapped agains the original boot volume disk set). >=20 > sorry if everything I told is too dificult or too stupid to be > created. not at all. there are just not that many customers demanding that degree of security. /k --=20 > Only two things are infinite, the universe and human stupidity, and I'm > not sure about the former. --Albert Einstein=20 KR433/KR11-RIPE -- WebMonster Community Founder -- nGENn GmbH Senior Techie http://www.webmonster.de/ -- ftp://ftp.webmonster.de/ -- http://www.ngenn.n= et/ karsten&rohrbach.de -- alpha&ngenn.net -- alpha&scene.org -- catch@spam.de GnuPG 0x2964BF46 2001-03-15 42F9 9FFF 50D4 2F38 DBEE DF22 3340 4F4E 2964 B= F46 Please do not remove my address from To: and Cc: fields in mailing lists. 1= 0x --b5gNqxB1S1yM7hjW Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (FreeBSD) Comment: For info see http://www.gnupg.org iD8DBQE7xJ64M0BPTilkv0YRAgEzAKC6vLtkuvdjnLnx864L3MNUczY9ygCfThRa RaQBe2BqdkvjCRShOHnYKDk= =Fq2K -----END PGP SIGNATURE----- --b5gNqxB1S1yM7hjW-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20011010211712.B60609>