Results 1 to 2 of 2

Thread: LiveCD's Q

  1. #1
    Senior Member
    Join Date
    Oct 2003
    Posts
    394

    LiveCD's Q

    Become server more protected running from the LiveCD like knoppix or bartcd?

    If it is so what should I use?

    Is it practicaly to do that?
    // too far away outside of limit

  2. #2
    AO übergeek phishphreek's Avatar
    Join Date
    Jan 2002
    Posts
    4,325
    I would say no. Most of the live CDs are not made for that purpose. First of all... they boot from a CD which is read only. Since its a read only filesystem with a (in many cases) small ramdisk, you are unable to patch. That is, unless you install to the hard drive.

    They are not updated quite as frequently as the major distros where you can just burn a new CD when a security vulnerability has been patched. Plus, to have to download a 500-700MB ISO every time you need to patch... that'd be a pain in the arse. Most security patches are pretty small and can be downloaded pretty quickly.

    These live distros are specialized. They are meant for a specific purpose. Evaluation of a distro, forensics tools, security tools, etc. Seeing that they are crated with just a couple of purposes in mind, they are not very flexible. You can't just say... I'm going to add a mail server service to this box... download the necessary packages and then install. You have to find a live CD distro that meets your exact needs.

    I've seen a honeypot and firewall live distros that boot from CD. IMO, this is a great idea. You load the config from a flash drive or floppy. They fit one specific purpose. Some honeypots just emulate devices and services on the network and log that data to a syslog server. If someone were to compromise that box, they own your honeypot/net. If they can't make any changes... then its easy to detect/recover. They can't install a rootkit or try to delete the logs. Just reboot and find the flaw in your setup. Make the necessary changes and you're good to go. It is often desireable to change the configs for different services, but to not allow changes to the operating system. Since it is read only, you only allow changes on your ramdisk or where you are saving/loading the configs. After your configs are set, you can even just mount that removable media in read only... that will make the whole filesystem read only. Just allowing the ramdisk for swap, etc.
    Quitmzilla is a firefox extension that gives you stats on how long you have quit smoking, how much money you\'ve saved, how much you haven\'t smoked and recent milestones. Very helpful for people who quit smoking and used to smoke at their computers... Helps out with the urges.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •