Re: [suse-security] Encryption of data and disks ..

From: Carlos E. R. (robin1.listastiscali.es)
Date: Tue Jun 21 2005 - 07:05:39 CDT



The Tuesday 2005-06-21 at 13:10 +0200, Arjen de Korte wrote:

> > Is there any way that I can do it. Or placing a hardkey on the LPT Port.
>
> Nice try, but if someone is able to remove the harddisk from your server,
> don't you think they may also be able to grab that key from your system?
> Or steal the entire system? As long as you can't physically secure
> access to your system, it will be *very* hard to accomplish what you want
> without some sort of password.

He could use a card that is read on booting with the password for the
encrypted hard disk or partition. But he must ensure that the card is
removed after booting, or when he is not present. Of course, if the
machine is serving a web page and power fails, it will not boot up. In
that case, it would probably make sense to use a UPS set so as to send the
system to sleep with memory saved to disk, so that the password/card is
not required when awaking... but again, if the thief has access to the
system and sends it to sleep manually (for example, by switching off
mains AC to the UPS), he will be able to retrieve all data at his place
simply by powering it up again.

Another possibility would be to get the "key" from another secure computer
in the local network. I have my doubts, though...

--
Cheers,
       Carlos Robinson
