securing FreeBSD

perikillo perikillo at
Wed Jul 13 14:38:28 GMT 2005

>On 7/13/05, Greg Barniskis <nalists at> wrote:
> alexandre.delay at wrote:
> > hi guys
> >
> > I would like to secure my FreeBSD server.
> > I don't want anyone to be able to access to the disk using a bootable CD (or by
> > setting the actual hdd to secondary and plug an other primary hdd).
> >
> > I just don't want anyone to be able to hack this box nor any password.
> >
> > Do you have a solution?
> Securing a platform against a determined attacker who can put their
> hands on the physical hardware is a significant challenge for any
> OS. To protect against the type of attack you describe, encrypting
> all disk content (or at least the sensitive parts) is probably the
> only effective thing you can do, short of sealing the whole thing
> inside some other physically protected environment.
> Short of that, you could use a case with a trigger mechanism that
> informs the BIOS that the case has been opened, so that a warning is
> emitted at boot time re: physical security has been violated. Of
> course, that doesn't prevent intrusion, it just tells you that it
> occurred (and then, only if the intruder doesn't also violate your
> BIOS security and simply reset the "case has been opened" bits).
> --
> Greg Barniskis, Computer Systems Integrator
> South Central Library System (SCLS)
> Library Interchange Network (LINK)
> <gregb at>, (608) 266-6348
> _______________________________________________
> freebsd-questions at mailing list
> To unsubscribe, send any mail to "freebsd-questions-unsubscribe at"

  Plus, use google: +hardening freebsd.

More information about the freebsd-questions mailing list