-
security issues when using a LiveCD
Hi there. I am wondering what security issues arise when using a LiveCD on a machine with an existing OS, in particular Windows. I understand that Knoppix can mount partitions in read-only mode. In such case, one may still save work to a Zip-disk, USB-key, etc. However, as regards access to authentication servers, (we're in a large campus which is predominately Windows (clients and servers)), network access, etc., does the use of a LiveCD (be it Linux, BSD, etc) impose any significant security threats to the existing infrastructure? Thanks in advance.
-
Junior Member
registered user
As long as you allow your users to boot a LiveCD, anything is no longer secure. Don't even think M$ could be intact, there are LiveCDs such as AUSTRUMI built with capabilities to blank the administrator's password even the latest patches or service packs were applied.
-
Senior Member
registered user
does a live cd pose as any threat to your windows network do you mean?
in some ways yes but only if someone is able to boot up a windows machine using a linux live cd and this is only a threat because people can copy what ever data from the hard drive. such as encrypted password files. other then that i dont belive it will pose any threat. unless of course your windows boxes are 1 not configured correctly such as weak passwords(blank passwds) outdated servers (iis netbios etc)but this would be no differnt if someone was using windows and wanted to attack your network. they will be asked for a password when trying to access windows shares
a machine running a live linux cd is unlikly to get compramised. but is possible the servers are not always upto date and local privilege escalation is not that much of a problem. for instance if you was to allow someone to log in using the knoppix account. they could with ease jump to root with sudo su or just su as it doesnt ask for a password from what i remember.
so there are certain threats but you just have to treat them like most normal threats and take steps against them. such as passwording the bios so people cant boot live cds. disabling guest accounts on windows machines. making sure all accounts have passwords(even though ms alot of the time doesnt allow people to sign on with blank passwords)making sure the computers are upto date.
Similar Threads
-
By Cuddles in forum General Support
Replies: 4
Last Post: 09-13-2004, 08:11 AM
-
By NetKatz in forum Hdd Install / Debian / Apt
Replies: 2
Last Post: 05-02-2004, 02:38 PM
-
By pierrevn in forum General Support
Replies: 5
Last Post: 12-12-2003, 07:34 AM
-
By Edix in forum Hdd Install / Debian / Apt
Replies: 1
Last Post: 11-10-2003, 08:20 PM
-
By kipizit in forum General Support
Replies: 1
Last Post: 11-07-2003, 03:08 AM
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
HPE BL460c G9 ProLiant Blade | 2x Xeon E5-2620V3 | NO RAM | P244BR | 2xHDD Tray
$179.00
DELL PEM640 POWEREDGE M640 BLADE SERVER
$539.95
HP ProLiant BL460c G9 (Gen9) 2x E5-2670V3 12 Core 3.1GHz No Ram or No Drives
$59.98
Cisco UCS B200 M4 Blade Server, 2x2660 V3, 40GbE, No Ram No HDD
$35.95
Dell PowerEdge M620 0F9HJC Blade Server 2*E5-2670 2.60GHz 192GB RAM 2*300GB SAS
$103.99
Dell PowerEdge VRTX Rack Chassis 25-Bay 14.4TB HDD 2x M640 Blade 512GB RAM 2-Bay
$1979.99
DELL M630 BLADE SERVER x2 XEON E5-2660V3 @ 2.6GH H730 PERC HDD CADDIES 16GB FC
$50.00
Dell PowerEdge M640 Blade Server
$539.95
Dell PowerEdge M620 Blade Server
$39.99
DELL PowerEdge M630 Blade 2x E5-2680v4 2.4GHz =28 Cores 128GB H330 2x10Gb X520
$294.00