[Gllug] Securing a standalone server on a casino floor.

[tid]

I'm about to take on a short project securing a stand-alone server
running an Linux/java-based gambling app driving one display
on a casino floor  - I don't have many details about the app, but the
client wants all physical access to the machine disabled. There
will be two modes: "demo", and "live", which will be controlled by
inserting a USB dongle, then removing it.

I can physically mount the box in a secure cabinet, and am wondering
how much SELinux will bring to the party.

Things I'm thinking of:

 - disable keyboard / mouse access on the mobo if possible
 - remove all networking hardware, or disable on mobo.
 - log as much data as the official auditor requires - I assume this
to be any hardware access / file timestamp changes
 - Can't disable the USB as the app requires it.

What else do people recommend?

Tid
--
Gllug mailing list  -  Gllug at gllug.org.uk
http://lists.gllug.org.uk/mailman/listinfo/gllug