Results 1 to 7 of 7

Thread: Is virus possible using CD boot?

  1. #1
    Junior Member
    Join Date
    Jul 2004
    Posts
    9

    Is virus possible using CD boot?

    I've just burned a copy of Knoppix 3.4 and used it (also tried MandrakeMove a few days ago) and it seems to work fine. Somewhat to my surprise, it even connected automatically to the internet through my high speed cable connection.
    I hope these two following questions aren't stupid, but since I don't know that much about this type of use (running only from the bootable CD), here goes:
    1. As long as Knoppix (or another similar program like MandrakeMove) is booted from the CD, and not set to write to the CD, does that mean it is impossible for a virus, trojan, etc. to get onto my computer? Or is it still somehow possible for a virus, etc. to get onto the hard drive?
    2. If it is still possible for a virus to get onto my computer when surfing, etc., then would my computer be completely virus-proof if I simply disconnected the hard drive prior to booting from the CD and surfing the Internet, as supposedly I do not even need a hard drive to run Knoppix.
    Thanks for any answers anyone can provide.

  2. #2
    Senior Member registered user
    Join Date
    Dec 2003
    Location
    Salt Lake City, UT, U.S.A.
    Posts
    1,338

    Re: Is virus possible using CD boot?

    Quote Originally Posted by John3333
    I hope these two following questions aren't stupid, but since I don't know that much about this type of use (running only from the bootable CD), here goes:
    1. As long as Knoppix (or another similar program like MandrakeMove) is booted from the CD, and not set to write to the CD, does that mean it is impossible for a virus, trojan, etc. to get onto my computer? Or is it still somehow possible for a virus, etc. to get onto the hard drive?
    2. If it is still possible for a virus to get onto my computer when surfing, etc., then would my computer be completely virus-proof if I simply disconnected the hard drive prior to booting from the CD and surfing the Internet, as supposedly I do not even need a hard drive to run Knoppix.
    Thanks for any answers anyone can provide.
    I will attempt to answer both questions at the same time, since they are both related, and this is from "what I feel", and from "what I have heard"

    No system is "completely" impervious - the only way to ensure a "completely" safe computer, is to have it locked in a room, thirty security guards, and thirty guards guarding them, the computer never has a phone line, or connection to it, and its power is supplied by "means that no-one can get it"...

    This is almost impossible, and deffinately defeats the purpose of having a computer in the first place...

    I would say, if you connect, be sure to have "passwords" on all your accounts through the system - that means not only root, but knoppix users, and any others you have. These passwords should not be "easy" to crack. Even if you don't have a hard drive "mounted" when you surf, if the permissions and passwords are so easy to get through, you could have someone connect back to your system, possibly "remotely" mount your drives, and extract what they want.

    Best bet, is to disconnect your hard drive, and use the CD only - that way, if "someone" does manage to get "in" - they only have access to a CD, and with that a read-only operating system. If you pick up a trojan, or virus, all you need to do is reboot the CD, and everything is evaporeated...

    This could be on the side of "paranoid" - but in a world where "people" can pick-off your IP address from normal traffic, as shown in the "Gibson Research --- Shields Up" web site...

    I "never" feel safe, I have a firewall, and only frequent "known" web sites, but, even then, it still may not be the safest...

    Take this as a grain of salt, or as "biblical", either case, my words are penned, and I stick by them,
    Ms. Cuddles

  3. #3
    Senior Member registered user
    Join Date
    Jan 2004
    Location
    Paris, France
    Posts
    203

    simple answer

    firstly Ive NEVER had a virus or at least Ive never caught it.
    Ive not used windows for 5+ years now

    however a few linux viri do exist
    http://www.viruslibrary.com/virusinfo/Linux.htm

    One safe step is to set the root and knoppix passwords to something in case someone ever writes a knoppix specific work...

    But overall just not using windows is your best defense...
    Im presuming you have windows on your hard drive so your worried about that being infected.... but to do that someone would have to write a specific virus to infect windows machines which are vurrently running linux...

    writing a virus for linux is hard work and if measured by infections small reward.... its much easier to attack a windows machine running windows!
    (even with antivirus or behind a firewall)

    In other words i dont want to say its impossible but it has rained frogs and I dont have insurance against being hit by falling frogs! but I do have insurance for my car ...

    I'd worry about getitng a windows virus....
    I might consider the possibility of a native linux virus ...
    but the idea of a linux virus written to infect a windows partition froma live Cd is just too unlikely for me to worry over....

  4. #4
    Senior Member registered user
    Join Date
    Mar 2004
    Location
    Berlin
    Posts
    436

    Re: Is virus possible using CD boot?

    [quote="Cuddles"]
    Quote Originally Posted by John3333
    but in a world where "people" can pick-off your IP address from normal traffic, as shown in the "Gibson Research --- Shields Up" web site...
    Well - how should a server respond to you, without knowing your IP?

    An attacker needs your IP but he needs much more (or could find your IP by probing it, like sasser does).
    I don't know whether your knoppix is looking for updates or why it connects automatically to the internet - perhaps only to prove it's possibilities.

    If you don't open ports, an attacker has poor chances to get into your system.
    List your open ports with:
    Code:
    #get your IP:
    ifconfig ppp0
    # see open ports
    nmap -v YOUR_IP
    From a scientifical viewpoint, a virus may infect your system - from a practical viewpoint not.

    How would you disconnect the harddrive - by unplugging the hardware? That should be supersecure, but I guess you have to wait some months or years, until linux-viruses occure in the wild.

  5. #5
    Junior Member
    Join Date
    Jul 2004
    Posts
    9
    Thanks for the reassuring info regarding my original post on whether a virus infection is possible when running Knoppix from a CD. It seems so unlikely that I may not even bother to disconnect (unplug) my hard drive while surfing the Internet. (I had been thinking about running a cable connection outside the tower to make this easy to do.)
    Cuddles said in the first reply to my query that it is also a good idea to set up difficult passwords to prevent anyone from accessing my accounts. Since I don't get any chance to set passwords when I boot from the CD, and since I seem to remember reading somewhere that access to the hard drive is automatically locked, is this still something I should do? If so, how do I go about setting up passwords when I am never given the opportunity to do so upon bootup? I'd appreciate any info on this, too.
    Again, thanks for the replies to the original posting.
    (There is one thing I should clarify about my original post. I used the wrong terms when I said that upon booting, Knoppix automatically connected to the Internet. What I meant was that it automatically configured my Internet connection, so that all I had to do to surf the Internet was click on a web browser.)

  6. #6
    Senior Member registered user
    Join Date
    Mar 2004
    Location
    Berlin
    Posts
    436
    I assume you're not running any services, (web-server, ftp-server, app-server, db-server, irc-server, ...) no sshd, telnetd, etc.
    How should a remote cracker get into your machine?

    If you don't have a door, you don't need a lock.

    My first linux-newbie-installations HAD a webserver running by default (apache) in the mid-90ies. But this shouldn't be common to nowadays installations/ bundles.

  7. #7
    Senior Member registered user
    Join Date
    May 2003
    Posts
    981
    Quote Originally Posted by John3333
    Thanks for the reassuring info regarding my original post on whether a virus infection is possible when running Knoppix from a CD. It seems so unlikely that I may not even bother to disconnect (unplug) my hard drive while surfing the Internet. (I had been thinking about running a cable connection outside the tower to make this easy to do.)
    I certainly wouldn't do this. I think the risk of hardware damage due to power surges while plugging/unplugging things is far greater then any risk from a hacker or virus.
    Cuddles said in the first reply to my query that it is also a good idea to set up difficult passwords to prevent anyone from accessing my accounts. Since I don't get any chance to set passwords when I boot from the CD........If so, how do I go about setting up passwords when I am never given the opportunity to do so upon bootup?
    Once Knoppix is up & running, just type 'sudo passwd' in terminal to set the root password and 'sudo passwd knoppix' to set a knoppix iser password. You will of course have to rendo this with each boot.
    and since I seem to remember reading somewhere that access to the hard drive is automatically locked, is this still something I should do?
    Access to the HD is not actually 'locked'. In Linux, you must 'mount' a drive (or any other device) before you can use it. The HD partitions are detected but not mounted at startup so cannot be accessed until they are mounted, usually by clicking on the appropriate desktop icon. They are then mounted read only by default. If the user wishes to write to a file on the HD, he must change this mounting to read/write access: Right click on the icon, scroll down to 'actions', select change read/write mode. (or right click on the icon, select properties, select device, uncheck 'read-only').
    [quote]

    When you think about it, this is actually a fair bit of built-in security. First, a virus would have to be a LINUX virus---rare. Then it would be attempting to attack a CD-ROM...would be unable to make a permanent change without a CD burner. If it attempted to attack the HD files, it would be unable to find any as they are not mounted (type 'ls /mnt/hda1' without mounting hda1, see what you get) or they are mounted read-only. You must be root to mount things, if you have set a root password the virus or hacker would then have to get past the password to mount the drive.
    Finally, if you have been careful about not leaving sensitive information laying arout accessible on the system, it wouldn't find anything damaging even if it did manage to get this far.
    Compared to the average Windows-no passwords-at-all system I'd feel pretty safe.

Similar Threads

  1. virus cleaner
    By upnorth in forum General Support
    Replies: 1
    Last Post: 03-04-2005, 12:11 PM
  2. virus scanning in knoppix?
    By Coco in forum MS Windows & New to Linux
    Replies: 8
    Last Post: 11-30-2004, 11:39 PM
  3. anti virus software
    By styven in forum General Support
    Replies: 3
    Last Post: 11-10-2004, 06:01 PM
  4. Virus Removal?
    By HitmanKB in forum MS Windows & New to Linux
    Replies: 2
    Last Post: 09-22-2004, 03:37 AM
  5. Knoppix for Virus Scanning
    By SolarCat in forum General Support
    Replies: 17
    Last Post: 07-02-2004, 09:10 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  


Intel Core i5-13400F Processor (2.5 GHz, 10-Core, LGA 1700) - BX8071513400F picture

Intel Core i5-13400F Processor (2.5 GHz, 10-Core, LGA 1700) - BX8071513400F

$120.00



AMD Ryzen 5 4500 6-Core, 12-Thread Unlocked Desktop Processor [AMD Ryzen 5 4500] picture

AMD Ryzen 5 4500 6-Core, 12-Thread Unlocked Desktop Processor [AMD Ryzen 5 4500]

$54.95



Intel - Core i7-14700K 14th Gen 20-Core 28-Thread - 4.3GHz (5.6GHz Turbo) Soc... picture

Intel - Core i7-14700K 14th Gen 20-Core 28-Thread - 4.3GHz (5.6GHz Turbo) Soc...

$444.99



AMD Ryzen 9 7950X3D Gaming Processor - 16 Core And 32 Threads - 5.70 GHz Max Boo picture

AMD Ryzen 9 7950X3D Gaming Processor - 16 Core And 32 Threads - 5.70 GHz Max Boo

$449.99



Intel Xeon E5-2680 v4 SR2N7 2.40GHz 35MB 14-Core LGA2011-3 CPU Processor picture

Intel Xeon E5-2680 v4 SR2N7 2.40GHz 35MB 14-Core LGA2011-3 CPU Processor

$14.99



INTEL CORE I3-4130 2-CORE 3.40GHZ CPU PROCESSOR SR1NP picture

INTEL CORE I3-4130 2-CORE 3.40GHZ CPU PROCESSOR SR1NP

$2.65



AMD Ryzen 9 7900X3D - 12-Core 4.4GHz AM5 120W CPU Desktop Processor picture

AMD Ryzen 9 7900X3D - 12-Core 4.4GHz AM5 120W CPU Desktop Processor

$329.00



Intel - Core i5-14600K 14th Gen 14-Core 20-Thread - 4.0GHz (5.3GHz Turbo) Soc... picture

Intel - Core i5-14600K 14th Gen 14-Core 20-Thread - 4.0GHz (5.3GHz Turbo) Soc...

$339.99



INTEL CORE I7-9700K PROCESSOR | 3.60GHZ | SRG15 picture

INTEL CORE I7-9700K PROCESSOR | 3.60GHZ | SRG15

$159.99



INTEL CORE I7-10700 PROCESSOR | 2.90GHZ | SRH6Y picture

INTEL CORE I7-10700 PROCESSOR | 2.90GHZ | SRH6Y

$184.99