By: cyanne2a

cyanne2a — Tue, 23 Jun 2009 16:38:42 +0000

It is possible – but you can stop it by doing the following:
1. Put a password for the BIOS options
2. Remove CDROM from the boot devices list in BIOS

By: Kevin

Kevin — Tue, 23 Jun 2009 15:18:37 +0000

Nothing is ever totally secure.

By: Kevin

Kevin — Tue, 23 Jun 2009 15:07:50 +0000

To answer your questions,
1) Can you use a Knoppix live CD to hack a supposedly secure computer?
Simply put, yes.
2) How can I protect my laptop against such an attack?
Some basic physical security steps would be
-Take it with you. If you can’t do that, then ..
-Lock it in your desk, file cabinet, office, etc
-If you can’t do that, then lock it in someone else’s.
Some other technical security steps
(provided that these are allowed by company policy)
-Remove the CD Drive and Floppy as possible boot disks in the bios setup
-Then password protect the bios.
3) Would the administrator of my network even be able to detect such a hack?
No, not if done correctly. A good forensic investigator (or hacker) can use a boot CD with an OS like Knoppix that can bypass Windows security and NTFS permissions. The forensic OS is booted, the computers partitions are mounted as read only, and the necessary data can be captured usually using netcat or cryptcat to send a binary image of the disks or partitions to a remote location for later investigation.
There would be absolutely no trace on the hard disk or event logs of any of the activity EXCEPT that the system had been rebooted to boot the forensic OS CD. However, just because there’s a note in the system event log that the system went down and eventually came back up does not in any way indicate that a forensic image was taken.

Comments on: Can You Use A Knoppix Live Cd To Hack A Supposedly Secure Computer? How Can You Ensure Security?

By: cyanne2a

By: Kevin

By: Kevin