Secure CentOS 7 Server

A Former User

@scottalanmiller and I were talking, and his thought is, if the NSA wants the data, they can get it.

So, now the question is can we keep DO from having access to the server/data?

Deleted74295

@Aaron-Studer said:

So, now the question is can we keep DO from having access to the server/data?

Who/what is DO?

A Former User

@Breffni-Potter said:

Who/what is DO?

Digital Ocean

Deleted74295

I guess I'd be worried about.

Encrypt data on the drives? They can take a copy and eventually break it if they are really keen.
Encrypt data in transit? You'd need to worry about man in the middle attack, especially as they can put physical interceptors at the data centre.
Back door server login? You've had it.

handsofqwerty

The OP made me chuckle...

Deleted74295

A proper security bod might be able to suggest various options, but once an attacker has unlimited physical access to the server, you have had it.

A Former User

@handsofqwerty said:

The OP made me chuckle...

And you still wonder why people don't like your comments.....?

handsofqwerty

@Aaron-Studer said:

@handsofqwerty said:

The OP made me chuckle...

And you still wonder why people don't like your comments.....?

If you think you can hide stuff from the NSA, as @Breffni-Potter said, good freaking luck. They were spying on every American and we had no idea until a consultant leaked the info. You think they can't get at your data if you encrypt your HDD, change the root password, and setup keys? Seriously?

handsofqwerty

Besides, I know you said you were doing it just for fun, but did you never consider that a post like this will red flag some places? If you're trying to figure out how to beat the NSA, ummm, you're going to lose that fight my friend.

Deleted74295

@handsofqwerty - We all know that even visiting a website about the topic of Encryption will add you to a watch list. I'm sure @Aaron-Studer knows this.

The day we stop asking questions for fear of the man, is the day Big Brother has taken complete power.

A Former User

AJ - I thought by changing your username that you were turning over a new leaf. Guess not.

handsofqwerty

@Breffni-Potter said:

@handsofqwerty - We all know that even visiting a website about the topic of Encryption will add you to a watch list. I'm sure @Aaron-Studer knows this.

The day we stop asking questions for fear of the man, is the day Big Brother has taken complete power.

No I know. I'm not saying we should fear it or not question it. I'm just saying that thinking we can beat them at this point seems kind of silly.

handsofqwerty

@Aaron-Studer said:

AJ - I thought by changing your username that you were turning over a new leaf. Guess not.

I have. I just don't see the whole purpose of the post. If it's for fun, why are you hosting it? Do something like this on your own hardware.

A Former User

@handsofqwerty You my friend have no room to talk about pointless posts....

handsofqwerty

@Aaron-Studer said:

@handsofqwerty You my friend have no room to talk about pointless posts.........

Please stop turning this into an argument. I'm leaving this thread because nothing good will happen if I stay.

A Former User

And this thread locks in...... 3..... 2..... 1.....

nadnerB

EDIT: ^ argument breaker

nadnerB

Sounds like a bit of fun. Let us know when if you decide to go ahead... or not if you want to be super secret

PSX_Defector

We have a guideline for a secured host, be it Windows or Linux. On our stuff we deploy our images, we have processes for others. We don't have one for CentOS 7, mostly because we are not deploying it yet.

IRJ

No shame whatsoever in wanting privacy. Privacy is a basic right. No citizen of their own country deserves to be spied on. In the last 15 years Americans and Europeans have decided to give up freedom for security. That is always a loss in my book. Especially when the so called "security" has done nothing to stop any type of attack. The odds of dying from any type of terror is less than being attacked by a shark.