-
security issues when using a LiveCD
Hi there. I am wondering what security issues arise when using a LiveCD on a machine with an existing OS, in particular Windows. I understand that Knoppix can mount partitions in read-only mode. In such case, one may still save work to a Zip-disk, USB-key, etc. However, as regards access to authentication servers, (we're in a large campus which is predominately Windows (clients and servers)), network access, etc., does the use of a LiveCD (be it Linux, BSD, etc) impose any significant security threats to the existing infrastructure? Thanks in advance.
-
Junior Member
registered user
As long as you allow your users to boot a LiveCD, anything is no longer secure. Don't even think M$ could be intact, there are LiveCDs such as AUSTRUMI built with capabilities to blank the administrator's password even the latest patches or service packs were applied.
-
Senior Member
registered user
does a live cd pose as any threat to your windows network do you mean?
in some ways yes but only if someone is able to boot up a windows machine using a linux live cd and this is only a threat because people can copy what ever data from the hard drive. such as encrypted password files. other then that i dont belive it will pose any threat. unless of course your windows boxes are 1 not configured correctly such as weak passwords(blank passwds) outdated servers (iis netbios etc)but this would be no differnt if someone was using windows and wanted to attack your network. they will be asked for a password when trying to access windows shares
a machine running a live linux cd is unlikly to get compramised. but is possible the servers are not always upto date and local privilege escalation is not that much of a problem. for instance if you was to allow someone to log in using the knoppix account. they could with ease jump to root with sudo su or just su as it doesnt ask for a password from what i remember.
so there are certain threats but you just have to treat them like most normal threats and take steps against them. such as passwording the bios so people cant boot live cds. disabling guest accounts on windows machines. making sure all accounts have passwords(even though ms alot of the time doesnt allow people to sign on with blank passwords)making sure the computers are upto date.
Similar Threads
-
By Cuddles in forum General Support
Replies: 4
Last Post: 09-13-2004, 08:11 AM
-
By NetKatz in forum Hdd Install / Debian / Apt
Replies: 2
Last Post: 05-02-2004, 02:38 PM
-
By pierrevn in forum General Support
Replies: 5
Last Post: 12-12-2003, 07:34 AM
-
By Edix in forum Hdd Install / Debian / Apt
Replies: 1
Last Post: 11-10-2003, 08:20 PM
-
By kipizit in forum General Support
Replies: 1
Last Post: 11-07-2003, 03:08 AM
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
Juniper Networks SRX4100-SYS-JB-AC SRX4100 Services Gateway 8x1GbE/10GbE AC
$3299.99
Cisco Meraki MX64-HW Cloud Managed Security Appliance w/AC Adapter Unclaimed
$69.99
Cisco ASA5525-FTD-K9 Security Appliance with FirePower Services
$1000.00
Sonicwall TZ 215 7-Port 10/100/1000 Network Security Appliance
$100.00
Cisco ASA 5506-X Firewall Security Appliance
$29.99
OPNsense six-port Gigabit router/firewall on Lanner FW-7535 hardware
$69.00
Dell SonicWALL TZ300 | Firewall Security Appliance
$30.00
PFSense F80 Firewall | Atom C2358 CPU | 4 Gigabit Ports | 2GB RAM | FANLESS
$75.00
Pulse Secure PSA3000 Security Firewall Appliance SSL VPN
$69.99
Fortinet Fortiwifi 60D FG-60D Security Appliance Firewall / VPN w/ AC Adapter
$34.97