From owner-freebsd-security Tue Oct 9 23:38:26 2001 Delivered-To: freebsd-security@freebsd.org Received: from kremilek.gyrec.cz (kremilek.gyrec.cz [62.168.40.188]) by hub.freebsd.org (Postfix) with ESMTP id 75EAA37B403 for ; Tue, 9 Oct 2001 23:38:22 -0700 (PDT) Received: from xskoba1 (helo=localhost) by kremilek.gyrec.cz with local-esmtp (Exim 3.12 #1 (Debian)) id 15rD0X-0001ba-00 for ; Wed, 10 Oct 2001 08:38:21 +0200 Date: Wed, 10 Oct 2001 08:38:21 +0200 (CEST) From: To: security@freebsd.org Subject: "Rubbish" idea on security In-Reply-To: <20011009130922.C85958-100000@localhost> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Has anyone ever thought about physicial stealing of server? I know I sound like pretty paranoid, but my question is. Is there any way to crypt all harddrive in the way, no one from outside will see anything from it. I mean, for example, that rebooting of server is going to be dependandt on connection from somewhere, that connection send a key, which is all the time only in memory and if someone decide to steal the harddrive, he has nothing unless he has a key. And the second thing is concerning config or any files which are necessary to change to compromise server. The idea is the same, the changes are (probably by kernel) written into some temprorary area and only when private key is provided, changes are written on the right place. sorry if everything I told is too dificult or too stupid to be created. yours sincerely Rene Skoba To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message