Disk encryption only works to the point where you've got somebody manually unlocking it. If the server can boot itself and start up without human interaction, if somebody gains access, they've got the data.

Here are a few ideas ranging from basic to silly.

• Lock the server in a box. Bolt the box to a wall. Treat it like a safe.

• Make the restaurant contractually liable for the physical security of the software. Make it known that their copy is watermarked and if it ends up on a torrent site, they're liable for the lost sales. But do it without sounding like a douche.

• Physical port blocking: Blank off any USB, serial, etc ports.

• Glue SATA cables into their ports (and block other SATA ports).

• Lock the BIOS. Disable other SATA ports. Disable USB. Disable everything you're not using.

• Rebuild the kernel with make localmodconfig so the only drivers your kernel has is for the hardware it's dealing with.

• Consider full-disk encryption with a physical key like a smart card or a good biometric system. Staff will leave smartcards in (because they've got better things to do) but biometric might work if you implement some sort of auto-shutdown at the end of the day.

• Physical DRM. Dongles devices that form part of the code execution. They're really expensive to create and aren't insurmountable (cite: Autocad's torrid and failed relationship with dongles).

• "Phone home" if the server is opened. Script something up that looks at internal light levels. If they increase dramatically, trigger a SMS via an attached dongle (you might be introducing a new attack vector).

A lot of these things don't just make the server more secure, they make it much less robust and harder to fix... Most of these countermeasures are at least an extra point of failure.

Consider that with most applications, their maximum shelf-life is five years. Making this cheap enough not to bother stealing might be a better strategy.

Giving out your public IP address simply makes you a target. It is like posting your email address. Malicious people will then be able to use your IP and target your computer. Whether they will be successful or not depends on the way you've set up your machine but in any case, the first step will be getting your public IP.

Now, posting your internal IP, is not dangerous at all. For example, my current internal IP is 192.168.0.37. There are certainly thousands of computers all over the world that are connected to their local LAN using the exact same IP. Internal IPs are just that, internal, they have absolutely no meaning outside your own network and sharing them is not dangerous.

The same goes for the rest. All of the information you mention is specific to your local network (assuming you mean the broadcast address of your internal IP, not the public one) and there is no danger in sharing them whatsoever. In fact, please make sure to use real addresses when you ask questions since they can help us understand where the error lies.

In summary, you don't really want to share your public IP or the MAC address of your network card but internal IPs, broadcast address, subnet mask, default route (that's just the internal IP of your router) and DNS servers can be shared with no risk. DNS servers are public anyway and all the rest are internal to your local network and have no meaning outside it.