[SOLVED] My laptop in my assistant's home: how to minimize risks?
Linux - Security: This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
My laptop in my assistant's home: how to minimize risks?
I consider her fairly reliable. However, letting my computers leave the office makes me feel a little apprehensive.
Reluctantly, I have agreed to let her keep one of my laptops with her. I have customized it for her convenience (read graphical straightforward point-and-click, and mostly no choices to make).
While at home, she needs to do mostly what she does in the office, which is:
accessing some online collaboration tools and also one online service through rdp (using rdesktop)
accessing and editing documents on a disk in the office (sshfs), authorized only to some of us
communicating with the rest of us through email and jabber IM.
The risks I foresee for now (together with the intended preventive measures) are:
theft of the laptop/disk -> the HD is encrypted with luks (except for the boot partition)
inadequate/dangerous use -> enabling {acct, auditd, incron, afick...}
accessing the internet from an insecure access point -> iptables, maybe a home-phoning script in the background?, etc
As you can see, this is a very rough outline, and I'm probably missing some important measures that I may need to take.
I would appreciate it if any of the good folks out there could correct/complete this initial list of tools/techniques to implement, for security/integrity.
Well, as you consider your assistant to be reliable, I will assume you have reasons to think that way and that she is not going to play dirty. My position is "Trust nobody", but you should know better than I...
Quote:
theft of the laptop/disk -> the HD is encrypted with luks (except for the boot partition)
You are vulnerable to:
Cold boot attacks.
-- The Enemy captures your assistant soon after she has turned the computer off, takes the RAM out, freezes it, takes it to a lab and leaks information from it in order to find your encryption keys. Extremely unlikely to happen.
Evil Maid attacks.
-- Your Enemy captures the computer while your assistant is far from it, installs some kind of malware in the unencrypted /boot and returns the computer after the assistant knows it has been seized. When she boots the computer, the malware is launched... which can result in a keylogged password or other horrible effects. Extremely unlikely to happen.
Rubber Hose attacks.
-- Your assistant gets captured and tortured until she tells the passwords to the Enemy.
Quote:
inadequate/dangerous use -> enabling {acct, auditd, incron, afick...}
Hmmm... give her no root access or permissions to launch dangerous daemons or applications. A fine grained permission control (such as GRsecurity) might be useful. As she has physical access and knows the LUKS password, she could bypass your measures, but as you have said she is reliable...
Quote:
accessing the internet from an insecure access point
You may want to set an SSH tunnel or VPN. This works as follows:
You set a server in the office.
When the assistant wants to access Internet from an unsecure place (an open Wifi network in McDonalds, maybe) she connects to the server through an encrypted tunnel, so an Enemy placed between the server and the laptop will see encrypted traffic only. The office server proxies or redirects the laptop's activity, asks for websites, etc. So, the server basically acts as a repeater, asking information from the Internet and sending it to the laptop in a secure fashion as the laptop demands. OK, I have oversimplified but I hope you get the idea. There are thousands of docs around about the subject.
Last edited by BlackRider; 06-02-2012 at 06:19 AM.
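A tripwire for the Evil Maid scenario described above, where the unencrypted /boot is modified while the laptop is unattended (an added example, not part of the original post or of any tool named in the thread): it records SHA-256 hashes of everything under /boot and reports any later difference. The function names and the baseline path are assumptions; the baseline belongs on the LUKS-encrypted root so it cannot be edited along with /boot.

```shell
#!/bin/sh
# Added example: integrity baseline for the unencrypted /boot partition.
# BOOT_DIR and BASELINE are assumed paths; override them in the environment.
BOOT_DIR="${BOOT_DIR:-/boot}"
BASELINE="${BASELINE:-/var/lib/boot-baseline.sha256}"

# Print "hash  ./relative/path" for every regular file, in a stable order.
boot_manifest() {
    ( cd "$BOOT_DIR" && find . -type f -exec sha256sum {} + | LC_ALL=C sort -k 2 )
}

# Record the current state as trusted. Run after install and after each
# kernel or bootloader update, while the machine is known to be clean.
boot_baseline() {
    ( umask 077; boot_manifest > "$BASELINE" )
}

# Compare /boot with the baseline.
# Returns 0 if identical, 1 if any file was changed, added or removed,
# 2 if there is no readable baseline.
boot_verify() {
    [ -r "$BASELINE" ] || { echo "no baseline at $BASELINE" >&2; return 2; }
    current=$(mktemp) || return 2
    boot_manifest > "$current"
    if diff_out=$(diff "$BASELINE" "$current"); then
        rc=0
    else
        rc=1
        echo "WARNING: $BOOT_DIR differs from baseline:" >&2
        echo "$diff_out" >&2
    fi
    rm -f "$current"
    return $rc
}
```

Because the check runs from the booted system, it reports tampering only after the passphrase has been typed, so it is a detection measure and not a prevention one.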
I am going to take a different approach in my response to your question. One of the things that I have learned is that employees will rise or fall to the level of expectation that you set for them. If you treat this person with respect, make clear the expectations and responsibilities, in all likelihood they will meet them. If you treat this person in a manner that says that I expect you to do wrong, you will reap your just rewards in this regard too.
You need to evaluate exactly what you are trying to protect against and take reasonable precautions against the biggest threats.
Theft or loss, you've covered with encryption of the data portions.
Illicit Internet browsing. Why would they need or want to use work hardware for that?
Improper/inadequate/dangerous use? Why are you giving them a laptop to use in the first place?
It sounds like this employee is trying to find ways to do a better job and excel for you. If that were me and you responded like a totalitarian overlord, I would be inclined to tell you to go pound sand and never work as hard for you ever again.
Any physical access is subject to greater risk. I'd set up a server that they log into by certificate that you change often. The means to use remote desktop then is minimized since you secured the connection and you secure access to files and programs. She could easily use a live cd like the DOD live cd or one that you set up or even a good flash drive she/he can boot to.
Might peek at the 2X.com stuff. There are other companies that offer secure access to linux by different means or you can recreate them. Some form of nx may be a better choice.
I'd set up a server that they log into by certificate that you change often. The means to use remote desktop then is minimized since you secured the connection and you secure access to files and programs.
It seems a good idea to me, but this approach means the assistant won't be able to work if there is no network available. Can be a problem, but otherwise is a recommendation worth considering.
This post seems like paranoia. The only thing to worry about would be a man-in-the-middle attack to intercept data between the office and remote networks, which should not be a possibility if your network is secure. Set up a VPN so the only way for her (or anyone else on the outside for that matter) to gain access to the network is through a secure tunnel. Then the security risks are limited to the ones that occur as she sits at her desk in the office. If she was going to be malicious she would be doing it, whether or not she was sitting on her couch. Again, if your network is secure, your worries are VERY limited.
**EDIT**
I use pfSense for VPN/firewall in any network I set up, and I can't recommend it enough. Super easy to set up, the webGUI is really straightforward, and if you aren't running ESX (or something of that nature) you can use pretty much any old machine you have laying around with a spare NIC. I used to run it on a PIII 500 MHz with 256MB of RAM and it was rock solid.
Last edited by alabamaman; 06-02-2012 at 11:24 PM.
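The VPN advice in this thread combined with the original poster's iptables item, as an added example that is not from any poster: a generator for a fail-closed IPv4 ruleset in iptables-restore format, so that on an untrusted access point nothing leaves the laptop except through the tunnel. The function names, the UDP transport, the `tun0` interface and the sample address are assumptions.

```shell
#!/bin/sh
# Added example: print a fail-closed ruleset for iptables-restore.
# Only loopback, DHCP, the VPN endpoint and the tunnel interface are allowed.
# Usage (constructed values): vpn_only_rules 203.0.113.10 1194 tun0 | iptables-restore

# Accept only a dotted-quad IPv4 address with octets 0-255.
valid_ipv4() {
    case "$1" in
        *[!0-9.]*|*..*|.*|*.) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        [ ${#octet} -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

# Arguments: VPN server IPv4 address, UDP port, tunnel interface (default tun0).
# Returns 2 and prints nothing on stdout if any argument fails validation.
vpn_only_rules() {
    server=$1 port=$2 tun=${3:-tun0}
    valid_ipv4 "$server" || { echo "bad server address" >&2; return 2; }
    case "$port" in ''|*[!0-9]*) echo "bad port" >&2; return 2 ;; esac
    [ "$port" -ge 1 ] && [ "$port" -le 65535 ] || { echo "bad port" >&2; return 2; }
    case "$tun" in ''|*[!A-Za-z0-9_-]*) echo "bad interface" >&2; return 2 ;; esac
    cat <<EOF
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT DROP [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p udp --sport 67 --dport 68 -j ACCEPT
-A OUTPUT -o lo -j ACCEPT
-A OUTPUT -p udp --sport 68 --dport 67 -j ACCEPT
-A OUTPUT -d $server/32 -p udp --dport $port -j ACCEPT
-A OUTPUT -o $tun -j ACCEPT
COMMIT
EOF
}
```

The ruleset covers IPv4 only; ip6tables needs its own DROP policy, otherwise IPv6 traffic bypasses the tunnel.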