Hello all security experts, I would like to export data from a machine on a business's internal network on a safe media, such that only the files I want exported are on the media. Specifically, I consider the possibility that the machine may already be infected by a malware which adds business-sensitive data to all outgoing media, and would like to defend against such a theoretical malware. The question may be limited to text files.
Things already considered: *The media is a CD, which will be written and then finalized. No USB devices. *An artificial file will be added to the data file, to fill the media as much as possible. This, however, leaves a part of the disk capacity unused - the part used for the structure table (what used to be FAT), which is a place where additional data can hide. *The CD will be read in two different machines, with two different operating systems. One of the systems will be a bootable linux disk, to preserve its (hopefully) initial not-infected status. The listing of files will be performed including hidden files (ls -la in Linux). The person who wrote the files will read them, to verify they contain the correct information. Questions: What else should I do? What about a malware compressing the data, using the extra space for additional data? If I compress the data to avoid further compression, how can the person verify it contains exactly what it should? What can I not defend against? Are such malware as I imagine known? For Linux? Windows? Thanks for considering the problem, -- Orna Agmon Ben-Yehuda. http://ladypine.org
_______________________________________________ Linux-il mailing list Linux-il@cs.huji.ac.il http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il