FreeBSD and User Security
Jeffrey Goldberg
jeffrey at goldmark.org
Fri Jun 13 05:10:01 UTC 2008
On Jun 12, 2008, at 3:24 PM, David Naylor wrote:

> This is a general enquiry. What had sparked my interest in this
> subject is the above mentioned article. In this case it is a
> workstation used to access and manage account and cash flows. The
> threat would be anyone gaining access to 'divert' funds to incorrect
> accounts, for obvious personal gains.

How much money are we talking about? If it is billions of NZD, that is
one thing; if it is thousands of NZD, that is another. The question is
whether someone with resources would make a concerted effort to
specifically target your system. If so, you should hire a local
professional.

If your concern is more about the kinds of widespread automated
attacks, then really it's just a matter of doing the basic sorts of
things: disabling root SSH logins, having your perimeter firewall check
for unusual outbound traffic, and of course, keeping the system
properly updated.

> Specifically, the two threats would be remote attack (such as
> spyware being deployed, or gaining remote access)

I haven't played around with it, but you might want to look at
Mandatory Access Control (described in the Handbook). It's something
that has been on my "to learn" list for a while, but I am getting
through that list very slowly. From what you've said, it sounds like
you are talking about a multi-user system. Something like MAC really
may be the best approach to preventing individual users from being
tricked into doing stupid things.

> or physical access (in which case keeping the username and password
> safe will be the only option? Assuming there is no compromise on the
> human side)

For a typical machine, physical access means all access. If I have
physical access to a machine, I may be able to boot it from my own
boot media (a CD for example) and then read everything on the hard
disks. I could remove the disks and copy them. I could install a
physical keystroke logger between the keyboard and the box. There
really is a lot that can be done with physical access.

So if you have reason to believe that attackers would have physical
access to the machine, you should use encrypted file systems.

Note that with both MAC and encrypted file systems you run an
increased risk of locking yourself out of the system by accident.

So what measures you wish to take, with their additional costs and
risks, depends on a careful and realistic view of what the threats are.

I've enjoyed this discussion.
Cheers,
-j
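
Added example, not part of the original message: one way to check the "disabling root SSH logins" item from the reply against an sshd_config file. The function names, verdict labels and sample config are constructed for illustration; the script relies on sshd using the first value it reads for a keyword and on Match blocks being able to override the global value.

```shell
#!/bin/sh
# Added example: audit PermitRootLogin in an sshd_config file.
# Function names and verdict labels are hypothetical, chosen for this sketch.

# Prints "<global-value> <n>": the first PermitRootLogin seen before any
# Match block ("unset" if none) and the number of Match-block lines that
# set it to something other than "no".
root_login_setting() {
    awk '
        { sub(/#.*/, ""); gsub(/=/, " ") }   # drop comments, allow Key=value
        NF == 0 { next }
        { key = tolower($1); val = tolower($2) }   # keywords ignore case
        key == "match" { in_match = 1; next }
        key != "permitrootlogin" { next }
        in_match { if (val != "no") overrides++; next }
        first == "" { first = val }          # first occurrence wins
        END {
            if (first == "") first = "unset"
            print first, overrides + 0
        }
    ' "$1"
}

# Turns the raw setting into a one-word verdict for a report.
audit_root_login() {
    set -- $(root_login_setting "$1")
    case "$1" in
        no)    verdict=OK ;;
        unset) verdict=DEFAULT-APPLIES ;;    # compiled-in default decides
        prohibit-password|without-password|forced-commands-only)
               verdict=KEY-ONLY ;;
        *)     verdict=FAIL ;;
    esac
    if [ "$2" -gt 0 ]; then
        verdict="$verdict+MATCH-OVERRIDE"
    fi
    echo "$verdict"
}

# Constructed sample config: the later "no" does not undo the earlier "yes".
sample=$(mktemp)
cat > "$sample" <<'EOF'
# constructed sample, not from a real host
Port 22
permitrootlogin yes
PermitRootLogin no
Match Address 192.0.2.0/24
    PermitRootLogin prohibit-password
EOF
audit_root_login "$sample"
```

On a live host, `sshd -T` prints the effective configuration and is the authoritative check; this sketch does not follow Include directives.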