DaemonForums  

Go Back   DaemonForums > Miscellaneous > Off-Topic

Off-Topic Everything else.

Reply
 
Thread Tools Display Modes
  #1   (View Single Post)  
Old 8th June 2009
Mr-Biscuit Mr-Biscuit is offline
Banned
 
Join Date: May 2008
Posts: 272
Thanked 0 Times in 0 Posts
Default Reading paging files.

I noticed during mounting the NTFS partition on the laptop that the Windows paging file could be read with vi or any text editor. This made me wonder,"Can a Linux or BSD swap partition or swap file be read in the same manner? Can swap be read while it is active?"
I am asking these questions in regard to security .
Reply With Quote
  #2   (View Single Post)  
Old 8th June 2009
jggimi's Avatar
jggimi jggimi is offline
More noise than signal
 
Join Date: May 2008
Location: USA
Posts: 3,611
Thanked 214 Times in 189 Posts
Default

OpenBSD has had an encrypted swap system by default for more than four years, and had it as an option since 1999. I can't speak for other OSes.
Reply With Quote
  #3   (View Single Post)  
Old 8th June 2009
BSDfan666 BSDfan666 is offline
Real Name: N/A, this is the interweb.
Helpful companion
 
Join Date: Apr 2008
Location: Ontario, Canada
Posts: 2,223
Thanked 193 Times in 184 Posts
Default

All 3 of the major BSD's supported encrypted swap partitions/files, this should prevent anyone from gleaming any useful information from them.. even unencrypted it would look a lot like garbage, random 4K pages in unpredictable locations.

I know for a fact that this is done by default on OpenBSD, I do not know if that can be said for the other BSD projects.. someone else here can answer that for you.

Reading from the swap file/partition is possible as root, permissions do allow it.

Briefly searching Google, I found several hits for encrypted swap/page files in Windows.. you might need 3rd party support for it though.

Hope that helps..
Reply With Quote
  #4   (View Single Post)  
Old 8th June 2009
Mr-Biscuit Mr-Biscuit is offline
Banned
 
Join Date: May 2008
Posts: 272
Thanked 0 Times in 0 Posts
Default

I found the solution for Linux at least with the testdisk/photrec suite. I want to see if any traces of any activity are left over.
It's a start.
Reply With Quote
  #5   (View Single Post)  
Old 8th June 2009
TerryP's Avatar
TerryP TerryP is offline
Arp Constable
 
Join Date: May 2008
Location: USofA
Posts: 1,547
Thanked 112 Times in 104 Posts
Default

FreeBSD doesn't encrypt SWAP by default, and I assume nether does NetBSD. Setting it up on FreeBSD however takes only a few minutes.

Obviously if it is on disk, you can access it in some way: the big question is can you figure out whats on it when you do 8=)
__________________
My Journal

Thou shalt check the array bounds of all strings (indeed, all arrays), for surely where thou typest ``foo'' someone someday shall type ``supercalifragilisticexpialidocious''.
Reply With Quote
  #6   (View Single Post)  
Old 8th June 2009
Mr-Biscuit Mr-Biscuit is offline
Banned
 
Join Date: May 2008
Posts: 272
Thanked 0 Times in 0 Posts
Default

A while back, I'd use scite to read hex and other file types.
What will I do with it? See how secure my box is, check for missing files, the usual.
Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Cleaning Portsnap files in /var/db/portsnap/files bram85 FreeBSD Ports and Packages 2 5th October 2009 09:54 AM
Intesting reading on recent X11 changes vermaden General software and network 4 14th May 2009 03:39 AM
Trouble reading manpage IIMarckus OpenBSD General 3 18th October 2008 05:08 AM
merging log files Sylhouette FreeBSD General 5 9th August 2008 02:46 AM
How to sync files over ftp graudeejs FreeBSD General 4 4th August 2008 10:18 PM


All times are GMT. The time now is 09:05 AM.


Powered by vBulletin® Version 3.8.4
Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content copyright © 2007-2010, the authors
Daemon image copyright ©1988, Marshall Kirk McKusick