-
January 22nd, 2007, 03:56 AM
#1
services more secure on a live cd?
just a quick question. i was reading a manual on proftpd and one suggestion it had was to run the server OS from a bootable live cd. does this actually improve security? why? wouldnt it be a standardized os that could be even more easily exploited? i thought id pass the question in front of you guys.
if God was willing to live all out for us, why aren't we willing to live all out for Him? God bless,
Godsrock37
my home my forum
-
January 22nd, 2007, 10:32 AM
#2
My first thought would be that if I am running an OS from a bootable CD then it cannot be written to or infected?
-
January 22nd, 2007, 05:02 PM
#3
Originally Posted by nihil
My first thought would be that if I am running an OS from a bootable CD then it cannot be written to or infected?
Sortof... It limits what you would call "permanant" damage? Although, the OS itself is either run purely from a RAM drive, or from a combination of RAM and swap...
Vulnerabilities remain present, and exploitable.
It may be less secure as well, since ISO based distributions tend to be slightly less up to date in my experience, and are more difficult to permanantly configure.
Real security doesn't come with an installer.
-
January 30th, 2007, 05:33 AM
#4
Junior Member
Well actually, when running a live CD or DVD the file system on the hard drive is still readable and most of the time writable. So the OS you are running from the live DVD cannot be infected but the OS on the hard drive can be infected. Now if you do not have a OS installed on the harddrive and just use the live dvd you should be secure.
Thanks
Linux Registered User# 363317
"Every normal man must be tempted at times to spit upon his hands, hoist the black flag, and begin slitting throats." -- H.L. Mencken
Arch-64 Linux
securitybreach<at>archlinux.us
-
January 30th, 2007, 06:02 AM
#5
How would the CD/DVD player function to run the OS if there was no OS on the HD?
-
January 30th, 2007, 06:27 AM
#6
Junior Member
Well you boot the live CD or DVD using the bios. So whats on the harddrive or lack of would not matter. I have done this with a formatted hard drive with nothing installed on it. Well nothing useable. For instance, I had linux installed but would not boot, so I used a live cd to modify config files so I could boot it. I also ran a live cd for awhile with no hard drive on the machine. I got a bios error but it worked.
A LiveDistro does not alter the current operating system or files unless the user specifically requests it. The system returns to its previous state when the LiveDistro is ejected and the computer is rebooted. It does this by placing the files that typically would be stored on a hard drive into temporary memory, such as a ram disk. In fact, a hard drive is not needed at all. However, this does cut down on the RAM available to applications, reducing performance somewhat.
http://en.wikipedia.org/wiki/Live_CD
Thanks
Last edited by securitybreach; January 30th, 2007 at 06:33 AM.
Linux Registered User# 363317
"Every normal man must be tempted at times to spit upon his hands, hoist the black flag, and begin slitting throats." -- H.L. Mencken
Arch-64 Linux
securitybreach<at>archlinux.us
-
January 30th, 2007, 06:48 AM
#7
But with a windows OS, DOS isn't at least required? Ok, I wasn't aware of that.
-
March 25th, 2007, 04:16 PM
#8
Originally Posted by JPnyc
But with a windows OS, DOS isn't at least required? Ok, I wasn't aware of that.
...
Wow.
Real security doesn't come with an installer.
-
March 25th, 2007, 07:03 PM
#9
yeah...ummm.....wow....someone is still thinking in terms of 3.1
If the world doesn't stop annoying me I will name my kids ";DROP DATABASE;" and get revenge.
-
March 25th, 2007, 08:25 PM
#10
Now I'm starting to doubt his job qualifications. Not to mention his right to take HOT ***** ********** **** NECTAR out of my signature.
Real security doesn't come with an installer.
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|