Freelancers Network
Freelancers.net is owned and operated by Andy Stowell and Dan Winchester
Re: FN-FORUM: secure sites, encryption etc

date posted 3rd August 2004 20:12

nick b wrote:

> Dom Latter wrote:
>> 2, disallow root login, only allow one username to SSH in,

Use cert-based authentication - don't allow any passwords. Agree with
the rest.

>> Oh, and consider using OpenBSD.

Seconded.

> considering. may not be an option though. is it much better than FreeBSD?

For security, yes - lots. However, there are drawbacks to it - e.g. it
can't do SMP yet (tho it looks like the next version might), and it
isn't as fast.

>> Have you got a specific problem or are you just doing research out of
>> interest?
>>
> no specifics yet - no server, no application, no database. So early
> planning stages still, but security is one of the prime considerations
> for viability of the whole thing.

Well, if it's that important then you need to look at using something
other than Apache too (see the OBSD mailing list for why).

> Would you advise encrypting data and/or database content (I'm looking at
> PHP's mcrypt module) even with all the best practices for security of
> the server? Isn't that what's done with c/card numbers usually?

Depends. The problem with encrypting data on a server is that the server
has to be able to read it, so by definition it's already got the key.
You really need to work out what you're trying to protect the data from
before you can decide if you need to encrypt it.

I'd suggest you go with another server that runs nothing but PostgreSQL,
and do *all* database access via stored procedures - that's probably
good enough for what you're after without encrypting everything. If not,
there are ways to make it more secure, but they get very expensive very
quickly.

Anyway, feel free to give me a shout off-list.

-C
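As an added worked example (not part of the original post, and not code from Freelancers.net or its authors), here is what "all database access via stored procedures" looks like on PostgreSQL. The web application connects as a role that owns nothing and holds no table privileges at all; the only thing it may do is EXECUTE a small set of SECURITY DEFINER functions, so even a SQL injection in the PHP layer is limited to calling those functions with their declared parameter types. The role, schema, table and function names (`app_owner`, `webapp`, `app`, `customers`, `add_customer`, `customer_email`) are invented for the example, and it assumes a PostgreSQL newer than the 2004-era releases (`RETURNING` needs 8.2+, the `SET search_path` clause on `CREATE FUNCTION` needs 8.3+; on PostgreSQL 11+ the same pattern also works with `CREATE PROCEDURE`).

```sql
-- Added example: the "stored procedures only" access model on PostgreSQL.
-- All role, schema, table and function names are invented for this example.

-- Owns the schema and the functions. The web application never connects as this role.
CREATE ROLE app_owner NOLOGIN;
-- The only role the PHP layer connects as: no ownership, no table privileges.
CREATE ROLE webapp LOGIN PASSWORD 'change-me';   -- placeholder; use a strong secret or client certs

CREATE SCHEMA app AUTHORIZATION app_owner;
-- Before PostgreSQL 15, PUBLIC may CREATE in the public schema; take that away too.
REVOKE CREATE ON SCHEMA public FROM PUBLIC;

SET ROLE app_owner;

CREATE TABLE app.customers (
    id         serial PRIMARY KEY,
    email      text NOT NULL UNIQUE,
    created_at timestamp NOT NULL DEFAULT now()
);

-- The application calls these functions; it never touches app.customers directly.
-- SECURITY DEFINER runs the body with app_owner's rights, so webapp needs no table privileges.
-- The fixed search_path stops a caller from getting the body to resolve a name
-- (e.g. a table or operator) to an object the caller planted in another schema.
CREATE FUNCTION app.add_customer(p_email text) RETURNS integer
LANGUAGE plpgsql SECURITY DEFINER SET search_path = app, pg_temp AS $$
DECLARE
    new_id integer;
BEGIN
    -- Validate inside the database as well; the PHP layer is not trusted.
    IF p_email !~ '^[^@\s]+@[^@\s]+$' THEN
        RAISE EXCEPTION 'invalid email address';
    END IF;
    INSERT INTO app.customers (email) VALUES (p_email) RETURNING id INTO new_id;
    RETURN new_id;
END;
$$;

CREATE FUNCTION app.customer_email(p_id integer) RETURNS text
LANGUAGE sql STABLE SECURITY DEFINER SET search_path = app, pg_temp AS $$
    SELECT email FROM app.customers WHERE id = p_id;
$$;

RESET ROLE;

-- By default PUBLIC may EXECUTE every newly created function. Remove that first,
-- then grant exactly the calls the application is allowed to make.
REVOKE ALL ON FUNCTION app.add_customer(text) FROM PUBLIC;
REVOKE ALL ON FUNCTION app.customer_email(integer) FROM PUBLIC;
GRANT USAGE ON SCHEMA app TO webapp;
GRANT EXECUTE ON FUNCTION app.add_customer(text) TO webapp;
GRANT EXECUTE ON FUNCTION app.customer_email(integer) TO webapp;

-- What the application role can and cannot do:
SET ROLE webapp;
SELECT app.add_customer('alice@example.com');   -- allowed: EXECUTE was granted
SELECT app.customer_email(1);                   -- allowed: EXECUTE was granted
SELECT * FROM app.customers;                    -- refused: webapp holds no privilege on the table
RESET ROLE;
```

The point of the REVOKE/GRANT pair is that PostgreSQL's default of EXECUTE for PUBLIC silently undoes the model if you only add grants; and because the functions are SECURITY DEFINER, each one must be written as if its arguments are hostile (hence the validation and the pinned search_path), since a bug in one of them is now a bug running with the owner's privileges.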
