On Thu, Aug 25, 2011 at 11:38 AM, Arun Venkataswamy <[email protected]> wrote: > Hi, > > I know that there is no such thing as an "unbreakable" system, but would > like to provide the best possible solution to a client. > > I am in the process of building a Linux box to serve videos and to run a > LAMP application. The software combo is working fine from Amazon Cloud > instances. As a new service, the client is going to locate these boxes at > the end user's offices. So the box cannot be physically secured. The use > case is such that the end user will not be willing to enter a password for > crypto disks either (if they knew the password, they can replicate the box > anyways). One solution is a USB hardware lock (dongle).
Physical (local) access => no guarantee to security. Besides encrypted file systems nothing else comes to mind. What is it that your client wants to secure in this machine? > Any suggestions or pointers? Is there a way to do it without building the > system from scratch (LFS)? Say start from a Debian base install and disable > single user mode? With physical access no system is secure; any LiveCD is sufficient to break into the system. -- Arun Khan A: Because it messes up the order in which people normally read text. Q: Why is top-posting such a bad thing? A: Top-posting. Q: What is the most annoying thing in e-mail? _______________________________________________ ILUGC Mailing List: http://www.ae.iitm.ac.in/mailman/listinfo/ilugc
