Date: Thu, 21 Jan 2010 16:51:37 +0100 From: Ivan Voras <ivoras@freebsd.org> To: freebsd-questions@freebsd.org Subject: Re: hardening FreeBSD, already using GBDE Message-ID: <hj9t62$3qp$1@ger.gmane.org> In-Reply-To: <1d7089c41001210732t233bdf46pbbc2ab5be1fdd360@mail.gmail.com> References: <1d7089c41001210732t233bdf46pbbc2ab5be1fdd360@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On 01/21/10 16:32, Henry Olyer wrote: > For example, the editor I use normally writes to /tmp -- I changed that, > making it slower, but in the event that someone takes my laptop I want to > sleep at night. If you use a swap-backed memory drive (see http://man.freebsd.org/mdconfig) for /tmp and use geli to encrypt the swap, there would be no chance of recovery of your temporary files. > I've no problem letting some poor person make a windoz machine out of my > laptop -- but I don't want to share my work, my intellectual property. (I > do research.) > > So, I'm looking for a list of changes to make, hacks really, that will > further tighten up security. You did not specify anything really exact. You already encrypt your on-disk data. Do you always use encrypted network protocols like ssh and https? Strong passwords? Adequate physical security? Up-to-date software?
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?hj9t62$3qp$1>