services more secure on a live cd?
Page 1 of 3 123 LastLast
Results 1 to 10 of 22

Thread: services more secure on a live cd?

  1. #1
    Senior Member Godsrock37's Avatar
    Join Date
    Jan 2005
    Location
    PA
    Posts
    121

    services more secure on a live cd?

    just a quick question. i was reading a manual on proftpd and one suggestion it had was to run the server OS from a bootable live cd. does this actually improve security? why? wouldnt it be a standardized os that could be even more easily exploited? i thought id pass the question in front of you guys.
    if God was willing to live all out for us, why aren't we willing to live all out for Him? God bless,
    Godsrock37
    my home my forum

  2. #2
    Super Moderator: GMT Zone nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,192
    My first thought would be that if I am running an OS from a bootable CD then it cannot be written to or infected?
    If you cannot do someone any good: don't do them any harm....
    As long as you did this to one of these, the least of my little ones............you did it unto Me.
    What profiteth a man if he gains the entire World at the expense of his immortal soul?

  3. #3
    @ΜĮЙǐЅŦГǻţΩЯ D0pp139an93r's Avatar
    Join Date
    May 2003
    Location
    St. Petersburg, FL
    Posts
    1,694
    Quote Originally Posted by nihil
    My first thought would be that if I am running an OS from a bootable CD then it cannot be written to or infected?
    Sortof... It limits what you would call "permanant" damage? Although, the OS itself is either run purely from a RAM drive, or from a combination of RAM and swap...

    Vulnerabilities remain present, and exploitable.



    It may be less secure as well, since ISO based distributions tend to be slightly less up to date in my experience, and are more difficult to permanantly configure.
    Real security doesn't come with an installer.

  4. #4
    Junior Member securitybreach's Avatar
    Join Date
    Oct 2004
    Location
    Altoona, PA
    Posts
    4
    Well actually, when running a live CD or DVD the file system on the hard drive is still readable and most of the time writable. So the OS you are running from the live DVD cannot be infected but the OS on the hard drive can be infected. Now if you do not have a OS installed on the harddrive and just use the live dvd you should be secure.

    Thanks
    Linux Registered User# 363317
    "Every normal man must be tempted at times to spit upon his hands, hoist the black flag, and begin slitting throats." -- H.L. Mencken
    Arch-64 Linux
    securitybreach<at>archlinux.us

  5. #5
    Senior Member JPnyc's Avatar
    Join Date
    Jan 2005
    Posts
    2,734
    How would the CD/DVD player function to run the OS if there was no OS on the HD?

  6. #6
    Junior Member securitybreach's Avatar
    Join Date
    Oct 2004
    Location
    Altoona, PA
    Posts
    4
    Well you boot the live CD or DVD using the bios. So whats on the harddrive or lack of would not matter. I have done this with a formatted hard drive with nothing installed on it. Well nothing useable. For instance, I had linux installed but would not boot, so I used a live cd to modify config files so I could boot it. I also ran a live cd for awhile with no hard drive on the machine. I got a bios error but it worked.

    A LiveDistro does not alter the current operating system or files unless the user specifically requests it. The system returns to its previous state when the LiveDistro is ejected and the computer is rebooted. It does this by placing the files that typically would be stored on a hard drive into temporary memory, such as a ram disk. In fact, a hard drive is not needed at all. However, this does cut down on the RAM available to applications, reducing performance somewhat.
    http://en.wikipedia.org/wiki/Live_CD

    Thanks
    Last edited by securitybreach; January 30th, 2007 at 05:33 AM.
    Linux Registered User# 363317
    "Every normal man must be tempted at times to spit upon his hands, hoist the black flag, and begin slitting throats." -- H.L. Mencken
    Arch-64 Linux
    securitybreach<at>archlinux.us

  7. #7
    Senior Member JPnyc's Avatar
    Join Date
    Jan 2005
    Posts
    2,734
    But with a windows OS, DOS isn't at least required? Ok, I wasn't aware of that.

  8. #8
    @ΜĮЙǐЅŦГǻţΩЯ D0pp139an93r's Avatar
    Join Date
    May 2003
    Location
    St. Petersburg, FL
    Posts
    1,694
    Quote Originally Posted by JPnyc
    But with a windows OS, DOS isn't at least required? Ok, I wasn't aware of that.

    ...


    Wow.
    Real security doesn't come with an installer.

  9. #9
    Senior Member Aardpsymon's Avatar
    Join Date
    Feb 2007
    Location
    St Annes (aaaa!)
    Posts
    434
    yeah...ummm.....wow....someone is still thinking in terms of 3.1
    If the world doesn't stop annoying me I will name my kids ";DROP DATABASE;" and get revenge.

  10. #10
    @ΜĮЙǐЅŦГǻţΩЯ D0pp139an93r's Avatar
    Join Date
    May 2003
    Location
    St. Petersburg, FL
    Posts
    1,694
    Now I'm starting to doubt his job qualifications. Not to mention his right to take HOT ***** ********** **** NECTAR out of my signature.
    Real security doesn't come with an installer.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

 Security News

     Patches

       Security Trends

         How-To

           Buying Guides