LinuxQuestions.org
Welcome to the most active Linux Forum on the web.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices


Reply
  Search this Thread
Old 07-12-2019, 06:29 AM   #16
wpeckham
Senior Member
 
Registered: Apr 2010
Location: Continental USA
Distribution: Debian, Ubuntu, Fedora, RedHat, DSL, Puppy, CentOS, Knoppix, Mint-DE, Sparky, Vsido, tinycore, Q4OS
Posts: 2,953

Rep: Reputation: 1267Reputation: 1267Reputation: 1267Reputation: 1267Reputation: 1267Reputation: 1267Reputation: 1267Reputation: 1267Reputation: 1267

Quote:
Originally Posted by n0rthst4r View Post
Ok, sorry for such a delayed replay.

Thank you all.

I guess they will be pretty busy to waste time in trying to break all this.

For me, this is being a challenge and I am enjoying every second I dedicate to the scripts and the system, it is so rewarding for me when I have success.

So, the thing right now is I am using blind-bash and LUKS autodecryption at boot and that would be enough, but I would like to go a step further and try to hide /etc/crypttab and make harder to figure out how to decrypt LUKS volume if they boot from USB or whatever. I have tried to include it inside initramfs and deleting it from the real /etc folder but it fails. You all think doing this is something stupid, don't you? I don't really know how initramfs works. I just thought that, being already copied to initramfs, I could just delete it and it will be available at next boot. It is actually inside initramfs, I have checked, but after rebooting the setup is broken. Do you think you can help me with that?

Learning to code in some compiled language is something I am already doing but I am kind of in a hurry and it will take me a long time and besides, that won't protect the thing 100%. It will be just a bit harder. Binaries can be easily torn out too, can't they?

I will give a try to the way JJJCR suggests, just for my own knowledge, it sounds promising.

Thank you all again!
Military standard is the closest to 100%, and that is a locked room with no network, protected power, an armed guard on the door, and a remote guard watching that guard with a security crew standing by to shoot anyone who successfully gets to the door. I suspect that level of security is only 99.99%, and would be a level of security that would prevent you from getting any good use out of the machine. Do not aim for 100% security, aim for secure enough with protections in case of a breach and backups and redundancy. I strongly suspect even that would be overkill in your case.

Protecting your scripts is, in this case, only interesting because your scripts provide access (thus a vulnerability) to your data. The security of the DATA is the important factor here. If you can discover a way to prevent the vulnerability while providing the access life would be golden. Keep that in mind here. Your answer may be to find a way to AVOID having the scripts be a vulnerability. There may be an answer in the encryption tools rather than obfuscating the scripts.

I would expend some time thinking about the problem from different viewpoints to see if a way to re-engineer the solution becomes clear.
 
  


Reply

Tags
encryption, scripts, security


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Mint 18 Full disk encryption VS Veracrypt Full Disk encryption: Help a Noob Decide Please ! APeacefulRig Linux - Security 2 11-11-2016 08:10 AM
[SOLVED] Non-system partition encryption versus container-file encryption of equal size Ulysses_ Linux - Security 13 07-17-2015 07:38 PM
LXer: Python Scripts as a Replacement for Bash Utility Scripts LXer Syndicated Linux News 1 01-17-2013 08:08 AM
Linux password encryption and data encryption Tux-Slack Programming 4 06-20-2007 06:46 AM
Mandrake 9.0 Wireless Works without encryption.. does not with encryption topcat Linux - Wireless Networking 3 05-04-2003 08:47 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 01:39 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration