Slashdot Mirror

← Back to Stories (view on slashdot.org)

Encrypted Fileserver with Bittorrent Web Interface

Posted by timothy on from the freenetesque dept.

mistermark writes "I built a fully encrypted (samba) fileserver with a web interface for managing torrent downloads on it. All I used is OpenBSD 3.6 and its package collection, except for the TorrentFlux-interface (which you need to install separately). Anyway, it can be built using binary packages only. I included a rough HOWTO on how to make one of these yourself."

11 of 266 comments (clear)

  1. Re:Piracy how-tos? by Anonymous Coward · · Score: 0, Interesting

    how about protecting legitimate file sharing uses, whether or not the RIAA agrees with them? dont be so quick to criticize, my RIAA stooge friend.

  2. Re:Piracy how-tos? by LebenOjanen · · Score: 2, Interesting

    The truth and something we hear over and over and over and over and over again are two different things. :)

  3. Note to law enforcement. Dont reboot. by Bazman · · Score: 4, Interesting

    I'm guessing the encryption password needs to be re-entered on reboot (before mounting the FS, it seems). So if the feds bust in and kick you off your warez box, as long as they dont switch it off, they've got your 0-day filez in the plain. Just dd it all across the network.

    And oh yeah, with SMB as your network file system, is the traffic securely encrypted? Weakest link, and all that...

    Baz

    PS yes, I know you're only doing legal stuff :)

    1. Re:Note to law enforcement. Dont reboot. by xbytor · · Score: 2, Interesting

      So if the feds bust in and kick you off your warez box, as long as they dont switch it off, they've got your 0-day filez in the plain.

      I've always had the power strip for my box on the floor next to my left foot. If I need to do an emergency power-off cuz the FBI wants to talk to me or because I got some Jenna Jameson on the screen and my boss just walked in, I can hit it in a hearbeat.

      Not that I would ever put myself in a situation like that, but I'd rather be prepared "just in case".

    2. Re:Note to law enforcement. Dont reboot. by Beryllium+Sphere(tm) · · Score: 2, Interesting

      >Just dd it all across the network.

      Of course, that's dd from a CD-ROM full of statically linked programs. Investigators shouldn't trust target machines for anything. And if you ever look at a machine that may wind up in court, make sure you don't do anything that writes to the hard disk.

      The Secret Service guidelines for seizing computers say to consult a computer specialist if possible before doing anything, but if there's no specialist to be had they say to yank the power cord.

      Doing investigations right is *hard*.

  4. Mirror? by Fjornir · · Score: 2, Interesting

    Site is not responding. Anyone have a mirror? Anyone who happened to read it able to comment on how this compares to Freenet ?

    --
    I want a new world. I think this one is broken.
  5. Re:Obstruction of justice by Anonymous Coward · · Score: 1, Interesting

    Damn. When did we turn into such a police state?!

  6. Re:Obstruction of justice by fbjon · · Score: 2, Interesting

    But if the very long and complex password is stored in a file, which doesn't exist, is that obstruction?

    --
    True confidence comes not from realising you are as good as your peers, but that your peers are as bad as you are.
  7. Re:Obstruction of justice by Albinofrenchy · · Score: 5, Interesting

    Password? Encrypted? Officer, those files aren't encrypted, they are just randomly generated files I made... On a more serious note, it would be a nice safety feature if that when a certain wrong password was typed in, it would show an unencrypted version of something completely legal.

    --
    "A man is but the product of his thoughts what he thinks, he becomes." -Mahatma Gandhi
  8. Re:Obstruction of justice by Anonymous Coward · · Score: 2, Interesting

    That already exists. I forget what it's called, but there's a type of encryption where you actually encrypt two files into one, so if someone forces you to hand over the key, you give them a secondary one wich unencrypts the dummy files. Then all they have is, for example, a bunch of fake emails about you cheating on your spouse or something. I mean, if it was just a shopping list, that'd look suspicious, you'd want it to be something that would need to be encrypted, but not of interest to the party forcing you to surrender the info.

  9. Re:You act sure, but you say, "I believe." by Foolhardy · · Score: 2, Interesting
    The only difference between 2000 and XP's EFS system for data recovery agents (DRAs) is that 2000 used to make administrators DRAs by default but XP requires you to do it manually using this procedure.

    Yeah, you can lose your data, if you reset the user's password. Before you reset a password, a big ugly warning box is shown stating that the user might expierence data loss. (a dialog not present in 2000). It's not like you'll magically lose your files in XP for no reason.
    This information means that you can lose your files in Windows XP in a way that you could not lose them in Windows 2000. Microsoft made this change, but provided no on-screen warning.
    This isn't a new way to lose files. It's a simple change in the default configuration. An on screen warning? What do you want, an immense file shown on screen during installation listing all the changes in the operating system since the last version? A warning displayed every time you encrypt a file? What if the user really wants to have no DRAs?

    If you are concerned about the status of DRAs, go and check the group policy yourself.
    If you don't know how to set up and query DRAs correctly (it's not hard) then you shouldn't be using EFS at all.
    It should say, Stand-alone computers CANNOT have a DRA that allows decryption of files from a different computer with the same user name and password.
    Sure you can. Make sure you connect using the "Connect using a different user name" option. You may have to do it by mapping a drive letter. If you have computers where you are maintaining a set of identical users with the same passwords, it's probably time to upgrade to a domain. That's what they are for.