  1. #1
    Just Joined!
    Join Date
    Sep 2008
    Posts
    3

    Post Locked Linux Box


    Hi,

    I have an apache+php+mysql site. I have been given the task to prepare an installed linux box which will run this site and also make sure that the data of this database/php should not be copied out of the system.

    The problem is that the machine will not be physically in our control. The basic security has been placed so that you cannot log in to the console without the right sequence of username/passwords. Beyond that I do not know much. Therefore for starters, the hard drive can be unplugged or a live CD can be used to mount the filesystem (even though the machine did not come with an optical drive, one can still be wired in and booted along with easy BIOS changes). I think the chance of getting into the system with a privileged account using the linux login console is very low because passwords will be "safe enough".

    Another secondary problem is that the machine should not panic on sudden power-offs. Beyond that, I think linux and my site are stable enough. If the login prompt wants to fix the filesystem, it will have to do it by itself at next boot-time. No one from the tech will ever see the machine after it is sent to the destination.

    I have read a few things about encrypted file systems. But never really seen them at work.

    I need suggestions on what are the possible ways to achieve the target. I have moderate knowledge of linux/ubuntu, though I'm a programmer myself.

    Thanks a lot,
    Vikas

  2. #2
    Linux Engineer GNU-Fan's Avatar
    Join Date
    Mar 2008
    Posts
    935
    Hello,

    my former boss once told me to do a similar thing.

    My honest response was: If the machine is not physically under our control, it is not under our control at all.

    (And no, he is not my _former_ boss because I dared to say so )


    Therefore, if the database's secrecy is of that importance to your supervisor, he had better make sure the data resides on a place where nobody untrusted has access to.
    Debian GNU/Linux -- You know you want it.

  3. #3
    Just Joined!
    Join Date
    Sep 2008
    Posts
    3
    Quote Originally Posted by GNU-Fan
    My honest response was: If the machine is not physically under our control, it is not under our control at all.
    You are right about that.
    But again, it is not some highly secret thing.
    Just want to make sure that no beginner-level kid should get this system cracked using simple tools or ideas.

  5. #4
    Linux Engineer GNU-Fan's Avatar
    Join Date
    Mar 2008
    Posts
    935
    Quote Originally Posted by thevikas
    Just want to make sure that no beginner-level kid should get this system cracked using simple tools or ideas.
    You could encrypt the partition the database resides on and mount it only manually, of course. This will spoil the idea of shutting the server down in order to pull out the harddisk. But it won't protect you from anything more subtle.

    Also, if you have holes in your PHP scripts, kids love these btw., the intruder gets you with the pants down if the partition has been mounted at that time.
    Debian GNU/Linux -- You know you want it.
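
The difference between an encrypted partition that is mounted "only manually" and one that unlocks by itself shows up in `/etc/crypttab`. The following check is an added example, not part of any post in this thread; it classifies each entry by how the volume gets unlocked. The volume names, device paths and key file path in the sample are constructed placeholders.

```shell
#!/bin/sh
# Added example: classify /etc/crypttab entries by how the volume is unlocked.
# Fields per crypttab(5): <name> <device> <keyfile> <options>

audit_crypttab() {
    # Reads crypttab text on stdin, prints "<name> <verdict>" per entry.
    awk '
        /^[ \t]*(#|$)/ { next }                 # skip comments and blank lines
        {
            name = $1; key = $3; opts = "," $4 ","
            if (key == "" || key == "none" || key == "-") {
                # Passphrase is typed by a person; noauto also keeps
                # the boot sequence from stopping to ask for it.
                verdict = (index(opts, ",noauto,") ? "manual" : "prompt-at-boot")
            } else if (key == "/dev/urandom" || key == "/dev/random") {
                # Fresh random key every boot (swap/tmp): nothing persists.
                verdict = "ephemeral-key"
            } else {
                # Key material is read from a file without human input.
                verdict = "key-on-disk"
            }
            print name, verdict
        }'
}

# Constructed sample input (hypothetical names and devices).
SAMPLE_CRYPTTAB='# <name> <device> <keyfile> <options>
dbdata_auto   /dev/sdb1  /etc/keys/db.key  luks
dbdata_boot   /dev/sdb2  none              luks
dbdata_manual /dev/sdb3  none              luks,noauto

swap_crypt    /dev/sdb4  /dev/urandom      swap'

audit_sample() { printf '%s\n' "$SAMPLE_CRYPTTAB" | audit_crypttab; }

audit_sample
```

A `key-on-disk` entry gives unattended boot, but a key file stored on the same machine travels with the drive. `prompt-at-boot` and `manual` both need someone to type the passphrase after every power cycle.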

  6. #5
    Linux Guru Lazydog's Avatar
    Join Date
    Jun 2004
    Location
    The Keystone State
    Posts
    2,677
    Quote Originally Posted by thevikas
    The problem is that the machine will not be physically in our control. The basic security has been placed so that you cannot log in to the console without the right sequence of username/passwords. Beyond that I do not know much. Therefore for starters, the hard drive can be unplugged or a live CD can be used to mount the filesystem (even though the machine did not come with an optical drive, one can still be wired in and booted along with easy BIOS changes). I think the chance of getting into the system with a privileged account using the linux login console is very low because passwords will be "safe enough".

    You are aware that if the system is booted into single user mode that they then have full root access to this system? No need for a boot-cd.
    If I did not trust the place where I was deploying my equipment to not try to break in then I would not deploy the system.
    I would also use a firewall in conjunction with fail2ban to block IPs that attempt to break in.

    Regards
    Robert

    Linux
    The adventure of a life time.

    Linux User #296285
    Get Counted

  7. #6
    Just Joined!
    Join Date
    Aug 2008
    Location
    Seattle, WA
    Posts
    46
    How is it not physically under your control? Are you colocating it at a datacenter of some kind? Every datacenter I'm familiar with keeps machines under tight lock-and-key and will ONLY touch your machine if you request it (i.e.: "it's hardlocked, mind hitting the reset switch") or a dire emergency (i.e.: "OMG TURN OFF THAT SERVER, IT'S ON FIRE!")

  8. #7
    Just Joined!
    Join Date
    Sep 2008
    Posts
    3
    Quote Originally Posted by Lazydog
    You are aware that if the system is booted into single user mode that they then have full root access to this system
    The system won't need to be logged into by any user. The site/database servers should start automatically on power-up.

    The system could have occasional remote SSH access for possible upgrades.
    The setup is assumed to be mostly offline and will run within LAN only. It will go online on demand to sync its databases from the online storage.

    Quote Originally Posted by GNU-Fan
    Also, if you have holes in your PHP scripts, kids love these btw., the intruder gets you with the pants down if the partition has been mounted at that time.
    The scripts will probably lie on the encrypted partition. We have been careful to make the scripts safe from the regular attacks.
