On Thu, 17 May 2007 10:40:11 -0700 "BradenM - Sonoma Computer" <[EMAIL PROTECTED]> wrote:
> Hi; > > In the past, I read an article which told me of a process in which a cd houses > the important system binaries and software and even some settings and is left > outside of the machine so that unauthorized users, and even root, cannot > access the programs unless the disc is within the system's cdrom drive. > Does anyone have any resources which explain and show the process for doing > something similar to that which is stated above? I've heard about someone wanting to do that with compilers and other development utilities. The logic was that if someone broke in, they could not write a small program, compile, and link it on the spot. But, in reality, if an attacker broke in, they'd be more likely to just copy what they wanted from their own machine. Years ago, I considered putting web pages on a CD or DVD for a Windows NT machine so that in order to deface the page, the attacker would have to get to the configuration files and do a lot more work instead of just replacing a few html files. An added advantage would be that since most attacks traversed directories on the same hard drive, they wouldn't be able to get into any system programs by that method. I never did try it, though. Eric Johnson
