On 05/03/12 10:30, Bedwell, Jordon wrote: > This is not true in any case, including a dedicated server. It takes > but a minute and your drive to get access to your server, root > password or not, adjusted grub bootloader or not. Saved in a control > panel or not. This is a quite talked about subject when it comes to > Linux, but it's not really a security problem for the most part unless > you plan to get a laptop stolen or something, but there are clear ways > to fix that problem. Unless that entire drive is encrypted and > requires the password to even boot they can get into it anytime they > want. Dedicated servers are no more secure then VM's when it comes to > this. It does however make them harder to manage and recover in user > error since they don't attach a TTY. I think that a dedicated server is far more secure than a VPS if you encrypt the drive. In a dedicated server you can encrypt the whole hard drive [1] and nobody would be able to access it. A successful cold boot attack would require physical access to the server. On a VPS no matter if you encrypt the disk since the master has access to the guest's RAM and therefore an attacker that has compromised the master can extract the key easily from there. Regards! -------- [1] http://blog.neutrino.es/2011/unlocking-a-luks-encrypted-root-partition-remotely-via-ssh/ -- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Carlos Alberto Lopez Perez http://neutrino.es Igalia - Free Software Engineering http://www.igalia.com ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Attachment:
signature.asc
Description: OpenPGP digital signature