From: Nathan Kinkade
To: ted@milbaugh.com
Cc: Cristobal Miguelo, freebsd-questions@freebsd.org
Date: Tue, 5 Oct 2004 11:22:47 -0600
Subject: Re: Booting to CD and the handing off to HD
Message-ID: <20041005172247.GC3633@gentoo-npk.bmp.ub>

On Tue, Oct 05, 2004 at 12:27:54PM -0400, Theodore K. Milbaugh wrote:
> On Tue, 5 Oct 2004 10:12:49 -0600, Nathan Kinkade wrote:
> > On Mon, Oct 04, 2004 at 09:23:31PM -0700, Cristobal Miguelo wrote:
> > > > > On Sun, Oct 03, 2004 at 08:58:05PM -0700, Cristobal Miguelo wrote:
> > > > > Hello,
> > > > >
> > > I would like to have it completely automated:
> > >
> > > The machine goes down at 4am for the check and boots to cd, then the cd
> > > controls the hand-off to the hard drive. I'd like to have the BIOS
> > > setup to only boot the cd and if the HD checks out ok, boot up the HD.
> > > That way there is a slim chance that any security breach will last
> > > beyond one night on my machine. I seriously doubt a security breach
> > > will occur, but I want to close every door imaginable.
> > >
> > > Anything else that could be done?
> > >
> > > Thx
> > > -C
> > >
> >
> > What is the reason that you find it necessary to reboot the machine to a
> > CDROM every morning? Are you sure that there isn't a way to run your
> > checks while booted to the harddisk? I am fairly sure that you will
> > never find a way to have the BIOS selectively boot either the CDROM or
> > the HD based on some OS specific factor, such as a successful check of
> > the HD. I have a feeling that there may be a better way to accomplish
> > your goal without a reboot to CDROM every morning. Will you tell the
> > list more about what you are trying to accomplish?
> >
> > Nathan
>
> Since the code that checks the HD is on a CD, it is unlikely to be
> compromised. Any check in the running OS could be compromised, which
> the poster wants to avoid.
> Also, the BIOS will not be selectively booting to CD or HD, it will
> only boot to the CD. The CD-based check of the HD will be booting the
> disk if it checks out okay.
>

This still doesn't fully make sense to me. It seems to me that this is
looking at security from the wrong direction.
It is certainly a good thing to think about how one can mitigate the
actions of a cracker after they have already got into the system.
However, it seems like a better initial approach to focus on keeping
crackers out in the first place, thereby obviating the need to go to
extreme measures to avoid alterations to a file on the disk. As was
already suggested, I would focus on keeping people out, and then use
tools such as securelevels, read-only mounted file systems and the like
to help protect the system should someone happen to get in.

Regarding booting to the CDROM or HD, I'm not sure I understand the
difference between what you are saying and what I said in my previous
reply. How can the CDROM "boot" the machine to the HD? If the machine
reboots, the BIOS will take control and boot the machine according to its
device priority. If there is a bootable CD in the CDROM device, and the
BIOS is set to boot to the CDROM first, how can the machine be made to
boot the HD prior to the CDROM? The only possible way I can think of
would be to have the CDROM booted OS eject the CDROM tray before reboot,
then have the HD booted OS close the CDROM tray again.

Nathan

-- 
PGP Public Key: pgp.mit.edu:11371/pks/lookup?op=get&search=0xD8527E49
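
The offline check this thread debates, sketched as an added example that is not code from any poster: a baseline manifest kept on the read-only CD is compared with the hard disk, reporting modified, missing and unexpected entries, including permission-only changes such as a new setuid bit. The function names, the tab-separated manifest format and the sample tree are assumptions constructed for illustration.

```python
import hashlib, os, stat, tempfile
from pathlib import Path

def fingerprint(path):
    """Permission bits plus SHA-256 of the content, without following symlinks."""
    st = os.lstat(path)
    if stat.S_ISLNK(st.st_mode):
        return "link:" + os.readlink(path)
    mode = format(stat.S_IMODE(st.st_mode), "04o")    # exposes a new setuid bit
    if not stat.S_ISREG(st.st_mode):
        return f"{mode}:special"                      # never open FIFOs or devices
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return f"{mode}:{h.hexdigest()}"

def snapshot(root):  # relative path -> fingerprint, for every non-directory entry
    found = {}
    for dirpath, dirnames, filenames in os.walk(root):
        for name in dirnames + filenames:
            full = os.path.join(dirpath, name)
            if os.path.islink(full) or not os.path.isdir(full):
                found[os.path.relpath(full, root)] = fingerprint(full)
    return found

def write_manifest(root, manifest):  # run once, from a known-good state
    with open(manifest, "w", encoding="utf-8") as out:
        out.writelines(f"{fp}\t{rel}\n" for rel, fp in sorted(snapshot(root).items()))

def verify(root, manifest):
    """Return {path: 'modified' | 'missing' | 'unexpected'}; empty means clean."""
    with open(manifest, encoding="utf-8") as f:
        base = {rel: fp for fp, rel in (ln.rstrip("\n").split("\t", 1) for ln in f)}
    now = snapshot(root)
    return {p: "missing" if p not in now else "unexpected" if p not in base else "modified"
            for p in sorted(base.keys() | now.keys()) if base.get(p) != now.get(p)}

def demo():  # constructed sample tree: baseline it, tamper with it, verify it
    with tempfile.TemporaryDirectory() as tmp:
        root, manifest = Path(tmp, "disk"), Path(tmp, "baseline.txt")
        (root / "bin").mkdir(parents=True)
        for rel, data in (("bin/login", b"v1"), ("bin/ls", b"ls"), ("passwd", b"x")):
            (root / rel).write_bytes(data)
        write_manifest(root, manifest)
        (root / "bin/login").write_bytes(b"v2")              # changed content
        (root / "bin/ls").chmod(0o4755)                      # same bytes, new setuid bit
        (root / "passwd").rename(root / "bin/.hidden")       # missing + unexpected
        return verify(root, manifest)
```

The result is only as trustworthy as the environment running it, which is the argument made in the thread for running the check from the CD with the disk mounted read-only rather than from the installed OS.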