oneyed at gmx.de
oneyed at gmx.de
Mon Jan 5 14:45:57 PST 2004
-----BEGIN PGP SIGNED MESSAGE-----
> Whats about using crypted filesystems, like loop-aes?
> Hardening a system should not only focus on hardening
> remote and local "hacks" but also in a worst-case scenario
> with full physical access to the server.
> A hardend system should IMO also be resistant to somebody
> how can plug the harddisks in his own computer!
Yes, I think setting up a secure system should include crypted filesystems. I'm using a nearly completly encrypted system (just one small unencrypted boot-partition that is MD5SUM- checked everytime I boot the system) on my homecomputer and everything is fine.
There are three disadvantages:
1st: It slows down the system. Made some benchmarks with bonnie++ some months ago and the result: the encrypted ext2- partition slows down by appr. 33%
2nd: If you would setup a server using crypto-fs you could be in trouble, if the systems has to reboot for some reason (i.e.: going up again after a power failure) and you are not arround - you'll have NO access to the computer from outside to type in the password. Especially at a mailserver this can be critical.
3rd: You need a rescuedisk with a crypto-enable-kernel *in any case*. It was a hard way for me to get access to my system after my boot-partition crashed and the kernel was damaged
Probably #2 und #3 can be solved by not encrypting everything, but what you have to encrypt and how you have to modify your serverprogs (i.e.: don't deliver local mail if the mailboxes are not arround) would be special for your special needs.
Thats my first though about it..
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)
-----END PGP SIGNATURE-----
More information about the hlfs-dev