Skip site navigation (1)Skip section navigation (2)
Date:      Thu, 21 Jan 2010 16:51:37 +0100
From:      Ivan Voras <ivoras@freebsd.org>
To:        freebsd-questions@freebsd.org
Subject:   Re: hardening FreeBSD, already using GBDE
Message-ID:  <hj9t62$3qp$1@ger.gmane.org>
In-Reply-To: <1d7089c41001210732t233bdf46pbbc2ab5be1fdd360@mail.gmail.com>
References:  <1d7089c41001210732t233bdf46pbbc2ab5be1fdd360@mail.gmail.com>

Next in thread | Previous in thread | Raw E-Mail | Index | Archive | Help
On 01/21/10 16:32, Henry Olyer wrote:
> For example, the editor I use normally writes to /tmp -- I changed that,
> making it slower, but in the event that someone takes my laptop I want to
> sleep at night.

If you use a swap-backed memory drive (see 
http://man.freebsd.org/mdconfig) for /tmp and use geli to encrypt the 
swap, there would be no chance of recovery of your temporary files.

> I've no problem letting some poor person make a windoz machine out of my
> laptop -- but I don't want to share my work, my intellectual property.  (I
> do research.)
>
> So, I'm looking for a list of changes to make, hacks really, that will
> further tighten up security.

You did not specify anything really exact. You already encrypt your 
on-disk data. Do you always use encrypted network protocols like ssh and 
https? Strong passwords? Adequate physical security? Up-to-date software?





Want to link to this message? Use this URL: <http://docs.FreeBSD.org/cgi/mid.cgi?hj9t62$3qp$1>