Hello, everyone.

Firstly, I haven't had chance to wade through the multitude of posts on this topic yet, so my apologies if I repeat what someone else may have said.

Physical security is *critical* if you expect to keep control of your box. Does anyone remember the C2 level of security that NT touted itself as being compliant with? Do you remember what you had to do to make an NT system compliant? This list included:

- Keeping the physical box in a vault-like shielded room to prevent EM emissions being picked up
- Removing the floppy and CD drives once all the required software was installed
- Disconnecting the machine from any networks (incl. removal of drivers for NICs and network protocols)
- Uninstalling the POSIX and OS2 subsystems

The list goes on.

The linux encrypted file system is not a bad idea since you need the passphrase to access the contents regardless of which user you are.

I can't think of a single system that can keep you out if you have unrestricted physical access to a computer. Linux (not just SuSE) have their rescue CDs. It used to be that if you rebooted the machine into single user mode, it would log straight in as root without requiring a password. I know that at least on SuSE these days, it prompts for the root password even in single user mode. Yet, if I take my SuSE CDs with me, I can boot from them and re-install over the existing system with my new version with my passwords etc, and read anything you have on that machine other than the encrypted file systems.

The same goes for any of the MS OSes. NTFS is no deterrent; an NTFSDOS boot disk will allow me to read the files on an NT system, and a Linux-based tool will allow me to change the local administrator password on an NTFS system. The only MS boxes this doesn't work on are Domain Controllers (PDC, BDC, AD), as they don't use local users and passwords.

I think someone mentioned that there aren't NTFS drivers for Linux. This is wrong. They may only be safe to use in read-only mode, but that might be all I need to access some vital info from a machine. And since they are unsafe to use to write with, I may choose to write some arbitrary data to an NTFS partition simply to render it useless.

Security breaches may not always be to gain useful info. Sometimes they might be for mischief, or just to bring about some denial of service. If I can boot my trusty DOS diskette with FDISK on it on your machine, and wipe the hard drives, that's going to be a big headache for you, isn't it? Yet to achieve the same thing across the network would take a lot more work.

Anyone who thinks physical security is not important is deluding themselves. Do you lock the doors and windows in your house when you leave? Do you leave valuables on the back seat of your car when you leave it unattended? Do you padlock your luggage when you travel? These are all basic physical security measures we take in our daily lives. Why should we then consider the physical security of our computer systems, especially critical systems in the business world, to be any less important?

Thanks for listening,
Stuart.

<snip>
On Sunday 14 July 2002 01.53, Paul Miles wrote:
That way, presumably you'd have the appropriate encryption keys, so you'd be able to read the disk,
If there is to be any point to an encrypted file system it would be encrypted with a passphrase. If it is, it won't matter that you're root, you would still have to give the passphrase when the filesystem is mounted. </snip>