Re: is it possible to create a black box with debian?

To: debian-user@lists.debian.org
Subject: Re: is it possible to create a black box with debian?
From: Ron Johnson <ron.l.johnson@cox.net>
Date: Mon, 11 Sep 2006 12:16:01 -0500
Message-id: <[🔎] 450599D1.3080203@cox.net>
In-reply-to: <[🔎] BAY104-F21921D93A049CB55574F2EA52A0@phx.gbl>
References: <[🔎] BAY104-F21921D93A049CB55574F2EA52A0@phx.gbl>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 09/11/06 11:55, enediel gonzalez wrote:
> 
> On 09/11/06 09:52, enediel gonzalez wrote:
>> Hello:
>>
>> I looking for information how to create a black box with debian to be
>> able to put a system on untrusted locations.
>>
>> This system contains a web site as the only interface for the local
>> users, and ssh as the only way for the remote administration.
>>
>> Locally, the server could be turned off, and restarted, consider the
>> case that it's necessary to change the ups, etc.
>>
>> I need to protect the server against the case that somebody makes a disk
>> image, and later on can investigate what it's contained on it.
>>
>> I found information about filesystems encryption, but in this scenario
>> somebody locally should have access in some way to key, I wanted to
>> avoid that, so the server could restart having somewhere encrypted all
>> the necessary information to start.
>>
>> For local users is should be a real black box.
>>
>> Thanks in advance for any help, suggestion,. etc.
> 
>> Is kiosk-mode (which is handled by the WM/DE) what you are looking
>> for?  That plus appropriate case design (BIOS password, no access to
>> USB ports, strong case lock, disabled Ctrl-Alt-Del, no CD/DVD drive,
>> etc) and a no-module kernel should get you most of the way to where
>> you want to be.
>> Ron Johnson, Jr.
>> Jefferson LA  USA
> - --
> Thank you for your answer.
> 
> I was looking for more information about your option, but it looks like
> something to be used over the graphic interface.
> 
> If I'm wrong please correct me this detail.

Yes, kiosk mode is handled by the Window Manager or the Desktop
Environment.

> In my case, I don't need any graphic interface on the black box, the
> users can run any operating system on their desktop.

In that case, the hardware issues that I mentioned (BIOS password,
no access to USB ports, strong case lock, disabled Ctrl-Alt-Del, no
CD/DVD drive, etc) will still serve you.

Note, though that this is a *Debian* (therefore *Linux) list, so we
can't/won't tell you how to secure MSFT Windows...

- --
Ron Johnson, Jr.
Jefferson LA  USA

Is "common sense" really valid?
For example, it is "common sense" to white-power racists that
whites are superior to blacks, and that those with brown skins
are mud people.
However, that "common sense" is obviously wrong.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFFBZnRS9HxQb37XmcRAszqAKCMj0S5looO0wqLocYcWZILZ6LUuwCg2ht7
7uM/YT5fydBoWUbMlCVNyoU=
=qA3i
-----END PGP SIGNATURE-----

Reply to:

Follow-Ups:
- Re: is it possible to create a black box with debian?
  - From: "enediel gonzalez" <enediel@hotmail.com>

References:
- Re: Re: is it possible to create a black box with debian?
  - From: "enediel gonzalez" <enediel@hotmail.com>

Prev by Date: Re: Re: is it possible to create a black box with debian?
Next by Date: Re: Wake up from standby
Previous by thread: Re: Re: is it possible to create a black box with debian?
Next by thread: Re: is it possible to create a black box with debian?
Index(es):
- Date
- Thread