services more secure on a live cd? - Page 2
Page 2 of 3 FirstFirst 123 LastLast
Results 11 to 20 of 22

Thread: services more secure on a live cd?

  1. #11
    Member
    Join Date
    Mar 2007
    Location
    Noida
    Posts
    34
    Hi,
    But with a windows OS, DOS isn't at least required? Ok, I wasn't aware of that.
    Does windows come on a live cd []?
    ---------------------------
    www.IndiaEsecure.com

  2. #12
    Junior Member securitybreach's Avatar
    Join Date
    Oct 2004
    Location
    Altoona, PA
    Posts
    4
    Nope only linux and some versions of bsd do this.
    Thanks
    Linux Registered User# 363317
    "Every normal man must be tempted at times to spit upon his hands, hoist the black flag, and begin slitting throats." -- H.L. Mencken
    Arch-64 Linux
    securitybreach<at>archlinux.us

  3. #13
    yes you can make windows live CD using bartpe or winpe..with xp SP2, you can add recovery programs, antiviurs and all other useful application.

    i have done my cd with these programs.

    MS OFFICE
    KASPERSKEY ANTIVIRUS
    NERO
    AV PERSONAL
    IP SCAN
    PUTTY
    PQ MAGIC
    GET DATABACK
    EASY RECOVERY
    ADMIN PASS RECOVERY
    ACRONIS

    you can download ready cd from ultimate boot cd. it comes with all free programs.
    one of the great day in my life when i found antionline.com

  4. #14
    @ŽΜĮЙǐЅŦГǻţΩЯ D0pp139an93r's Avatar
    Join Date
    May 2003
    Location
    St. Petersburg, FL
    Posts
    1,694
    Quote Originally Posted by pbrprince
    yes you can make windows live CD using bartpe or winpe..with xp SP2, you can add recovery programs, antiviurs and all other useful application.

    i have done my cd with these programs.

    MS OFFICE
    KASPERSKEY ANTIVIRUS
    NERO
    AV PERSONAL
    IP SCAN
    PUTTY
    PQ MAGIC
    GET DATABACK
    EASY RECOVERY
    ADMIN PASS RECOVERY
    ACRONIS

    you can download ready cd from ultimate boot cd. it comes with all free programs.
    Is it really a live verson of the OS? Or simply a Pre Boot Environment with some software?
    Real security doesn't come with an installer.

  5. #15
    Senior Member
    Join Date
    Oct 2001
    Posts
    872
    This thread made me laugh out loud.

    Services are NOT more secure just because its running off a liveCD. All that means is that your liability of a fscked up harddrive dissapears.

    Example:

    You have ArchLinux 0.8 installed on your harddrive and run an sshd. The version of ssh you're using is: OpenSSH_4.6p1, OpenSSL 0.9.8e. This version has a remote exploit out that allows an attacker to execute arbitrary commands on the OS running that version of the daemon. Conclusion: you are fscked.

    Example 2:
    You have a LiveCD popped in and you decide to run a ssh daemon and have some users on it. You don't have a harddrive in the machine, just a motherboard, RAM, and a CDROM. The version of ssh you are using is: OpenSSH_4.6p1, OpenSSL 0.9.8e. This version has a remote exploit out that allows an attacker to execute arbitrary commands on the OS running that version of the daemon. Conclusion: you are fscked.
    ...This Space For Rent.

    -[WebCarnage]

  6. #16
    its a live cd, you can run winxp sp2 with this cd, even if you dont have hard disk. you can use DVD if you have more programs then 650 mb.

    its useful in admin pass recovery, virus scan, data recovery..etc
    one of the great day in my life when i found antionline.com

  7. #17
    Senior Member Aardpsymon's Avatar
    Join Date
    Feb 2007
    Location
    St Annes (aaaa!)
    Posts
    434
    Quote Originally Posted by [WebCarnage]

    Example:

    You have ArchLinux 0.8 installed on your harddrive and run an sshd. The version of ssh you're using is: OpenSSH_4.6p1, OpenSSL 0.9.8e. ......Conclusion: you are fscked.

    Example 2:
    You have a LiveCD popped in and you decide to run a ssh daemon and have some users on it. You don't have a harddrive in the machine, just a motherboard, RAM, and a CDROM. .......Conclusion: you are fscked.
    Yes, but example 1 worst case scenario for you is a complete reinstall of your OS or perhaps a hard drive full of horse porn or perhaps lots of log files indicating it was your PC that tried to ddos the president's laptop.

    example 2: worst case scenario you reboot and all is well again. Of course, you can't patch your liveCD to stop the problem from occuring in the first place.
    If the world doesn't stop annoying me I will name my kids ";DROP DATABASE;" and get revenge.

  8. #18
    AO BOFH: Luser Abuser BModeratorFH gore's Avatar
    Join Date
    Oct 2002
    Location
    Michigan
    Posts
    7,177
    Quote Originally Posted by securitybreach
    Nope only linux and some versions of bsd do this.
    Thanks
    No, Solaris does it too. I have it somewhere back in Michigan, there is a Solaris Live CD, which is not Linux and no longer BSD.

    Also somewhere I've seen on here, there was a post about a Windows CD that would run the same way, though I personally haven't ever looked at it or used it so I wouldn't consider it fact.

    Also FreeDOS BOOT works similar and could be considered live.

    Joe:

    Windows hasn't used DOS since.... 98? Something like that, I haven't used it in a while. The NT line removed it's reliance on DOS.
    Kill the lights, let the candles burn behind the pumpkins’ mischievous grins, and let the skeletons dance. For one thing is certain, The Misfits have returned and once again everyday is Halloween.The Misfits FreeBSD
    Cannibal Holocaust
    SuSE Linux
    Slackware Linux

  9. #19
    AO BOFH: Luser Abuser BModeratorFH gore's Avatar
    Join Date
    Oct 2002
    Location
    Michigan
    Posts
    7,177
    Quote Originally Posted by Aardpsymon
    your PC that tried to ddos the president's laptop.
    You can make a laptop attack an Etch-A-Sketch????????
    Kill the lights, let the candles burn behind the pumpkins’ mischievous grins, and let the skeletons dance. For one thing is certain, The Misfits have returned and once again everyday is Halloween.The Misfits FreeBSD
    Cannibal Holocaust
    SuSE Linux
    Slackware Linux

  10. #20
    Super Moderator: GMT Zone nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,190
    The last Windows version to use DOS was Win ME. It is pretty well hidden, but it is still there.

    Win 3.1x was the last version to require a separate installation of DOS

    Win 2000 and XP are DOS free.



    EDIT: I find the original question a little confusing. As mentioned, if you are running something that is vulnerable then you are vulnerable. I could understand it better if you did it in conjunction with a password protected and encrypted hard drive?
    Last edited by nihil; April 3rd, 2007 at 12:45 AM.
    If you cannot do someone any good: don't do them any harm....
    As long as you did this to one of these, the least of my little ones............you did it unto Me.
    What profiteth a man if he gains the entire World at the expense of his immortal soul?

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

 Security News

     Patches

       Security Trends

         How-To

           Buying Guides