Unix/Linux Go Back    


Security Discuss UNIX and Linux computer and network security, cyber security, cyber attacks, IT security, and more.

How to protect system from cloning?

Security


Closed    
 
Thread Tools Search this Thread Display Modes
    #1  
Old Unix and Linux 09-07-2014
Installimat Installimat is offline
Registered User
 
Join Date: Sep 2014
Last Activity: 7 September 2014, 10:42 AM EDT
Posts: 2
Thanks: 0
Thanked 0 Times in 0 Posts
How to protect system from cloning?

Hello there,

I would like to protect a Linux system from cloning, I don't mind if the cloned hard drive works in the same computer, but I need to avoid it to work in other one, even if it uses exactly same mainboard model and rest of computer parts. I want the cloned system to get frozen or simply restart continously if it's used in another computer.

I found a thread in other forum that talks about a test of the NIC interface's MAC. It could be a good solution.

The issue is that I have no information at all about how to do it, nor the software to use. Of course, I would like it to be as "unbreakable" as possible.

Many regards in advance
Sponsored Links
    #2  
Old Unix and Linux 09-07-2014
junior-helper junior-helper is offline
Registered User
 
Join Date: Aug 2014
Last Activity: 8 June 2016, 3:15 PM EDT
Posts: 342
Thanks: 35
Thanked 124 Times in 113 Posts
Quote:
Originally Posted by Installimat View Post
I found a thread in other forum that talks about a test of the NIC interface's MAC. It could be a good solution.
This sounds easy, but also easy to break or circumvent, thus not recommendable.
Quote:
Originally Posted by Installimat View Post
Of course, I would like it to be as "unbreakable" as possible.
I guess the answer is Full disk encryption.
Sponsored Links
    #3  
Old Unix and Linux 09-07-2014
Installimat Installimat is offline
Registered User
 
Join Date: Sep 2014
Last Activity: 7 September 2014, 10:42 AM EDT
Posts: 2
Thanks: 0
Thanked 0 Times in 0 Posts
Many thanks for your answer, unSpawn, I really appreciate your time and interest.

TPM could be a great solution, but it means adding more hardware since it's not included on motherboard, so it's discard (I need a method that doesn't require special hardware)

The user must be able to use the computer, add new drives or even format hard drive using a tool in a usb drive if he needs. It's even desirable (althought not 100% needed) that user can make a backup of the system disk via cloning, and restoring it when needed. BUT I don't want the user to clone disk and use the operative system and all configurations and programs in a different machine, since it's intended to be used only on this computer (I hope that my explanation is ok, hehe)

I know that there is no infallible method for this, but I'm also sure there is some way. It's better having a security method that can be skipped to have no security method at all. If I add some kind of protection, at least the user will have to make some research.

I've been reading something about hostid, and if I can tie the operative system to something depending on hardware, it is an important "first step" (but you say it's easy to break)

Full disk encryption seems the best way, but, how can I do it?

Must be kept in mind that I can't make a complete reinstall of the system to do it. I mean... I have now my "master" cloning image that y deploy on all the machines, so I need someway to prevent to clone again the install once deployed on every target machine. It's no problem if I have to use some time on everyone of those target machines, but installing operative system and configuring and installing everything in everyone of them is not an option.

Many thanks again, I hope someone can lend me a hand.

Regards
    #4  
Old Unix and Linux 09-08-2014
rbatte1 rbatte1 is offline Forum Staff  
Root armed
 
Join Date: Jun 2007
Last Activity: 28 April 2017, 12:29 PM EDT
Location: Lancashire, UK
Posts: 3,080
Thanks: 1,287
Thanked 590 Times in 534 Posts
How will you manage if the disk fails, the server needs a replacement motherboard, NIC etc. or you have a full disaster situation? If you generate a working solution that allows for these, then you have created a back-door that others might exploit.

Are you concerned that the server may be physically attacked in some way?



Robin
The Following User Says Thank You to rbatte1 For This Useful Post:
Corona688 (09-08-2014)
Sponsored Links
    #5  
Old Unix and Linux 09-08-2014
drl's Unix or Linux Image
drl drl is offline Forum Advisor  
Registered Voter
 
Join Date: Apr 2007
Last Activity: 28 April 2017, 11:20 AM EDT
Location: Saint Paul, MN USA / BSD, CentOS, Debian, OS X, Solaris
Posts: 2,094
Thanks: 187
Thanked 374 Times in 326 Posts
Hi.
Quote:
Originally Posted by Installimat View Post
Many thanks for your answer, unSpawn, I really appreciate your time and interest.

...
This appears to be posted in response to the question on another Linux forum, namely Linux Questions, post # 3 in thread How to protect system from cloning?

Best wishes ... cheers, drl
Sponsored Links
Closed

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Linux More UNIX and Linux Forum Topics You Might Find Helpful
Thread Thread Starter Forum Replies Last Post
Cloning a solaris system zzqv9p UNIX for Advanced & Expert Users 0 02-25-2010 01:51 PM
Full System Backup / Cloning HPUX real-chess UNIX for Dummies Questions & Answers 0 08-12-2006 09:26 PM
Problem cloning system fgaulois AIX 2 03-17-2006 02:20 PM
Protect from rm / scottsl UNIX for Advanced & Expert Users 1 11-10-2005 04:49 AM



All times are GMT -4. The time now is 05:51 PM.