Live CD security

Discussion in 'other security issues & news' started by lotuseclat79, Dec 20, 2006.

Thread Status:
Not open for further replies.
  1. lotuseclat79

    lotuseclat79 Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    5,096
    I am currently using the Ubuntu Dapper Drake Live CD 6.0.6 LTS, and was wondering how secure is it since it runs out of an in-memory (RAM) filesystem?

    When I bootup, I have saved all of my extension updates to Firefox 1.5.0.3 (about 12) and have a script saved on disk that initiates an iptables firewall prior to connecting to the Internet. I typically mount my Linux (Fedora Core 3) disk to the in-memory file system, bunzip2 and tar my saved Firefox environment and firewall from a tarball, install the firewall and start it from the in-memory filesystem, and the use wvdial to connect via dialup (56k).

    Every bootup is from the Live CD, and I don't mind the little extra work it takes to get the system running. I know that in order to make security updates I would have to install and download the Ubuntu release updates, but it seems like by virtue of using the Live CD there doesn't appear to be much of a security risk. My Firefox browser cache and temporary cookies get cleared every time I shutdown, and I haven't had to install any HIPS, AV, or other software updates like running a Windows OS from MS requires.

    Any thoughts about its security? For example, one scenario I can think of would be if some errant software were to make it onto my system and figure out a few things - would it be able to write to the Live CD and muck things up? How would I check for that kind of a vulnerability? Is it just a matter of the Live CD not being writable? How would I check that and not muck up the Live CD itself? Another scenario would be to write to the hard disk(s) - I have 4. I assume any interloper would have to do a lot of work to figure out what type of file systems I have and then overwrite some executables, if possible. Are the chances of that slim since my system would have to be targeted by a fairly expert piece of malware in order to accomplish anything, or is that what's called being shortsighted? Please respond with some examples if there are any that are known.

    Oh, and I always surf as a basic user, never an Administrator.

    Thanks,

    -- Tom
     
  2. Alphalutra1

    Alphalutra1 Registered Member

    Joined:
    Dec 17, 2005
    Posts:
    1,160
    Location:
    127.0.0.0/255.0.0.0
    It is pretty darn secure if you ask me. Of course, you always could try and make a more minimalistic live cd from your own system (i know someone has made a program that will convert your current system into a live cd which is pretty cool)

    This would cut down on the number of unecessary things running, allow you to configure your own firewall rules, take away from the annoyances of configuring it everytime, etc.

    If you are worried about harddrive access, change the fstab file to make the mounting only be able to occur if you are a root user (or sudoed). That way, if in the very unlikely occurance that a hacker gets access to your system, they won't be able to mount the hard drives since they would need to be root to do so.

    ---edit----
    Here is the link to the arch linux live cd maker, i think you could do it in cygwin (so you could make it on windows), but I am not sure

    Cheers,

    Alphalutra1
     
  3. Mrkvonic

    Mrkvonic Linux Systems Expert

    Joined:
    May 9, 2005
    Posts:
    8,697
    Hello,

    Way, way, way too much precaution. You shouldn't worry. You can even install it if you like and do anything you like and you'll still be 100,000 times more secure than using Windows.

    You could try Puppy Linux if you want a super-light super-fast live CD.
    Mrk
     
Loading...
Thread Status:
Not open for further replies.