>On 7/13/05, Greg Barniskis <[EMAIL PROTECTED]> wrote: > [EMAIL PROTECTED] wrote: > > hi guys > > > > I would like to secure my FreeBSD server. > > I don't want anyone to be able to access to the disk using a bootable CD > > (or by > > setting the actual hdd to secondary and plug an other primary hdd). > > > > I just don't want anyone to be able to hack this box nor any password. > > > > Do you have a solution? > > Securing a platform against a determined attacker who can put their > hands on the physical hardware is a significant challenge for any > OS. To protect against the type of attack you describe, encrypting > all disk content (or at least the sensitive parts) is probably the > only effective thing you can do, short of sealing the whole thing > inside some other physically protected environment. > > http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/disks-encrypting.html > > Short of that, you could use a case with a trigger mechanism that > informs the BIOS that the case has been opened, so that a warning is > emitted at boot time re: physical security has been violated. Of > course, that doesn't prevent intrusion, it just tells you that it > occurred (and then, only if the intruder doesn't also violate your > BIOS security and simply reset the "case has been opened" bits). > > -- > Greg Barniskis, Computer Systems Integrator > South Central Library System (SCLS) > Library Interchange Network (LINK) > <gregb at scls.lib.wi.us>, (608) 266-6348 > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "[EMAIL PROTECTED]" >
Plus, use google: +hardening freebsd. _______________________________________________ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"