Hosting Provided By

Re: security idea - bootable CD to check your system

From: andy baxter <andy(at)earthsong.free-online.co.uk>
Date: Sun Jun 24 2007 - 14:23:47 EDT

Jim Popovitch wrote:
> On Sun, 2007-06-24 at 16:50 +0100, andy baxter wrote:
>
>> The difference is that:
>>
>> a) These all run on the live system they are trying to protect,
>>
>
> Unless you configure them to only write to an offline mount point that
> is normally ro and only rw through external effort.... which is in
> Tripwire's best practices.
>
> -Jim P.
>

OK, this would work. The problem for me is that it would involve turning the media r/w and updating the database every time I run apt-get to install security updates, which I do once a week. If I was running a large server farm and I was looking after it full time, this would be OK, but my situation is that I have two machines, both for personal use, and I don't want to have to devote my entire life to looking after the security on them. The machines are a laptop for general use, and a server which I use for testing and demonstrating small web-based projects I do for people on a voluntary basis. They are connected to the internet by ADSL, with only the server set to accept incoming connections.

The other night, I had my laptop switched on and a sound file I had never heard before played through the speaker (it said 'hello' in someone else's voice). I'm assuming I've been cracked and it was someone's idea of a joke. I've halted the server in case that was their way in, and I'm planning to reinstall both my machines this week, but also looking for a more long term solution which I could put some time into now and save myself and anyone else who wants to use it a lot of trouble in the future.

What I'm looking for is a solution where I can do security updates every week, as my first line of defence, but then have a fallback way of detecting intrusions which I could run maybe every month, which doesn't need too much work to keep on top of it once it's been set up. I can probably find ways of improving my security using existing tools, but it occurred to me that the system I described would be a pretty watertight check on whether a system has been cracked, which is what I'm looking for.

andy baxter.

-- 
To UNSUBSCRIBE, email to debian-security-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

Received on Sun Jun 24 14:23:57 2007

This message: [ Message body ]
Next message: Stephan Wehner: "Re: security idea - bootable CD to check your system"
Previous message: andy baxter: "Re: security idea - bootable CD to check your system"
In reply to: Jim Popovitch: "Re: security idea - bootable CD to check your system"
Next in thread: Stephan Wehner: "Re: security idea - bootable CD to check your system"
Reply: Stephan Wehner: "Re: security idea - bootable CD to check your system"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]

This archive was generated by hypermail 2.1.8 : Sun Jun 24 2007 - 14:30:02 EDT