|
Security
23 October 2005
Software and guides
- debscan
- denyhosts (adds intruders to /etc/hosts.deny)
- hping3
- nmap
- sshfs
- dmsetup
- cryptsetup
Anonymizing browsing
- just start tor
- just start privoxy
- socat
Installed tor and privoxy on 16 Jan 2006, not configured.
5 March 2006: Encrypted directories
You can use the device mapper module to create on-the-fly encrypted
directories, using these (added to config-2.6.9-ac6-9 on clitunno):
Device Drivers -> Multi-Device Support (RAID and LVM) -> Device Mapper Support
Device Drivers -> Multi-Device Support (RAID and LVM) -> Crypt Target Support
Device Drivers -> Block Devices -> Loopback Device Support
Cryptographic Options -> AES (you could use or add other types)
For instructions, see http://www.linuxjournal.com/article/8599 and http://www.cit.gu.edu.au/~anthony/software/mount_encrypted
Package: cryptsetup
Description: configures encrypted block devices
Since kernel 2.6.4, encrypted filesystem support is provided by the device
mapper target dm-crypt. This utility provides a command-line interface for
configuring this facility. It has integrated support for LUKS.
.
cryptsetup is backwards compatible with the on-disk format of cryptoloop,
but also supports more secure formats. This package also includes support
for automatically configuring encrypted devices at boot time via the config
file /etc/crypttab. When combined with newer versions of the debian
initrd-tools and standard debian kernels, cryptoroot is also supported.
.
For information on how to convert your system to use encrypted filesystems
please read /usr/share/doc/cryptsetup/CryptoRoot.HowTo.
This dragged in the dmsetup package; see also pmount, which can "transparently mount encrypted volumes."
Not further examined.
|
