Read-only media has been a standard feature of computing for a long time – from the write protection rings on tapes, to notches on 5 ¼” floppies, to jumpers on hard disks. The author’s first exposure to read-only media as a security mechanism was several years ago when he first installed Tripwire on a Solaris file server. Tripwire’s documentation strongly urged that the file of checksums be stored on read-only media so that an intruder could not modify them. The only read-only medium accessible at the time was the pitifully small 1.44 MB floppy disk. The floppy disk was sufficient to contain the file of checksums, but what if an intruder hacked the tripwire executables to hide his tracks? Clearly, tripwire itself should be stored on read-only media. Why not store the entire operating system on read-only media? This was hard to do.
Read Entire Paper
E-Mail Link
Your IP address will be sent with this e-mail
