hi folks,
I am building a small device based onto x86 with nanobsd. the device itself shall be placed in hostile enviroments so hardening is a must. besides neat network configurations for freebsd to be even more robust i am looking for protecting the device from somebody attaching an usb keyboard and get a shell, or fiddle with the bootloader or something alike.
i was thinking about reinstalling the sys with boot0sio so nobody can see whats going on if a vga cable is connected. i didnt so far at my prototype, maybe there are some other nice ways to disable output from the OS. harden the bootmanager and the loader, so nobody can access the /boot fs and fiddle around.
cheers,
I am building a small device based onto x86 with nanobsd. the device itself shall be placed in hostile enviroments so hardening is a must. besides neat network configurations for freebsd to be even more robust i am looking for protecting the device from somebody attaching an usb keyboard and get a shell, or fiddle with the bootloader or something alike.
i was thinking about reinstalling the sys with boot0sio so nobody can see whats going on if a vga cable is connected. i didnt so far at my prototype, maybe there are some other nice ways to disable output from the OS. harden the bootmanager and the loader, so nobody can access the /boot fs and fiddle around.
cheers,
