On Mon, Jan 24, 2011 at 17:47, Andrew McGlashan <
andrew.mcglas...@affinityvision.com.au> wrote:
> Hi,
>
>
> Thomas Nguyen Van wrote:
>
>> Correct me if I'm wrong but Mandos only works on a LAN according to the
>> technical overview (
>> http://wiki.fukt.bsnet.se/wiki/Mandos#Architectural_Overview
Hi,
Thomas Nguyen Van wrote:
Correct me if I'm wrong but Mandos only works on a LAN according to the
technical overview
(http://wiki.fukt.bsnet.se/wiki/Mandos#Architectural_Overview).
Just a LAN or can it be ANY routeable address, via the Internet?
This assumes that the network connectivit
VAN
- Original Message -
From: "Andrew McGlashan"
To: "Jonas Andradas"
Cc: "Thomas Nguyen Van" , "Jeroen van Dongen"
, debian-security@lists.debian.org
Sent: Monday, January 24, 2011 1:53:54 PM GMT +01:00 Amsterdam / Berlin / Bern
/ Rome / Stockh
On Mon, 24 Jan 2011, Thomas Nguyen Van wrote:
> Our company needs to encrypt hard drives on our machines running under Linux
> Debian Lenny.
If you're serious about this, get a real server (HP, IBM, Dell...) with
proper TPM hardware and Linux support.
Then, you'll need to do the (not that easy)
On lun., 2011-01-24 at 08:27 +, Jeroen van Dongen wrote:
> If your server can reboot without a human being present to enter a
> password, what's to stop someone who steals your server to obtain
> access to the data?
>
>
> The FDE does NOT protect your data against hackers - if they hack you
Hi Jonas,
Jonas Andradas wrote:
however, having to start up the Mandos server in order for the host to
start-up could defeat the purpose of Mandos itself, which is supposed to
allow servers to start up autonomously, without human intervention. Of
course, you could always have your monitoring
On Mon, Jan 24, 2011 at 12:06, Andrew McGlashan <
andrew.mcglas...@affinityvision.com.au> wrote:
> Jonas Andradas wrote:
>
>> In particular, both "mandos" and "mandos-client" have Debian packages
>> available.
>>
>> [1] http://www.fukt.bsnet.se/mandos
>>
>
> That sounds interesting, but why not ru
On Mon, Jan 24, 2011 at 11:22, Jeroen van Dongen wrote:
> > Hello Thomas,
> >
> > as Jeroen already said, the problem with this is that if they steal only
> the hard-drive, the data should be safe. Instead, if they steal the > whole
> server (which is somewhat harder, but not impossible), they o
Jonas Andradas wrote:
In particular, both "mandos" and "mandos-client" have Debian packages
available.
[1] http://www.fukt.bsnet.se/mandos
That sounds interesting, but why not run the Mandos server ONLY when you
are restarting machines. The Mandos server could be a tiny VM or even a
boot f
o: "Thomas Nguyen Van" , "Jonas Andradas"
Cc: debian-security@lists.debian.org
Sent: Monday, January 24, 2011 11:22:13 AM GMT +01:00 Amsterdam / Berlin / Bern
/ Rome / Stockholm / Vienna
Subject: RE: Question related to FDE (Full Disk Encryption) solution under
Linux Debian L
> Hello Thomas,
>
> as Jeroen already said, the problem with this is that if they steal only the
> hard-drive, the data should be safe. Instead, if they steal the > whole
> server (which is somewhat harder, but not impossible), they only need it to
> boot and the BIOS would decrypt the
.nguyen...@jumper.ie>
> Sent: Monday, January 24, 2011 9:27:38 AM GMT +01:00 Amsterdam / Berlin /
> Bern / Rome / Stockholm / Vienna
> Subject: RE: Question related to FDE (Full Disk Encryption) solution under
> Linux Debian Lenny
>
> If your server can reboot without a human being
Morning Matthieu,
Thanks for your quick feedback much appreciated ! ^_^
Indeed, the FDE solution depends on your motherboard's technology and can't be
implement on any standard motherboard. :o)
Thanks a lot for your help on this.
Thomas NGUYEN VAN
- Original Message -
From: "Mathie
On Mon, Jan 24, 2011 at 09:31:33AM +0100, Yves-Alexis Perez wrote:
> > However, this solution only works under windows !! They don't plan to
> > support under linux such a disk. :o(
>
> If everything is handled by the BIOS, why would it be OS-dependent?
I'd have thought this is because the BIOS h
Perez"
To: debian-security@lists.debian.org
Sent: Monday, January 24, 2011 9:31:33 AM GMT +01:00 Amsterdam / Berlin / Bern
/ Rome / Stockholm / Vienna
Subject: Re: Question related to FDE (Full Disk Encryption) solution under
Linux Debian Lenny
On lun., 2011-01-24 at 08:14 +, Thomas N
Disk Encryption) solution under
Linux Debian Lenny
RE: Question related to FDE (Full Disk Encryption) solution under Linux Debian
Lenny
If your server can reboot without a human being present to enter a password,
what's to stop someone who steals your server to obtain access to the data?
If your server can reboot without a human being present to enter a password,
what's to stop someone who steals your server to obtain access to the data?
The FDE does NOT protect your data against hackers - if they hack your running
system, they have access to all data that your application ha
On lun., 2011-01-24 at 08:14 +, Thomas Nguyen Van wrote:
> Good morning
> Our company needs to encrypt hard drives on our machines running under
> Linux Debian Lenny.
> Seagate proposes FDE solutions with Momentus 5400 and/or 7200
> (http://www.seagate.com/docs/pdf/fr-FR/whitepaper/mb595_2_mom
18 matches
Mail list logo
