On Tue, 8 Nov 2005, Alan K Melby wrote:
We have a locked down version of Knoppix Linux that goes straight to
Firefox when you boot from CD and then you can't get out of Firefox and
Firefox can only access one webpage. A Linux shop created it for us.
Would it also be feasible to create a version of Knoppix Linux that,
instead of going straight to Firefox, went straight to a little menu
that would allow you to log on to the Internet, check your connection,
choose a keyboard and input method and type a little bit of text in a
box to make sure it is working, and go to Firefox, but do nothing that
is not on the menu?
It would be feasible, but you have to keep in mind that the more complex
it is, the greater the possibility that someone computer-savvy could
"hack" the system. I'm already skeptical that the CD you have at the
moment is suitably locked down ... for example, if you hold down
CTRL+ALT+F2, do you get a terminal where you can type commands such as
"ping google.com"? It might be worth it to have a few Linux-knowledgeable
security-minded folks poke around at the CD a bit.
But what I'd really recommend is like someone else mentioned, having the
router that all the test computers connect to monitor the outgoing network
traffic and only allow Internet connectivity to the testing server, not to
anywhere else on the Internet. Then you don't have to worry quite so much
about locking down the live CD. (It's far easier than completely locking
down the live CD as well.)
~ Ross
/*
PLUG: http://plug.org, #utah on irc.freenode.net
Unsubscribe: http://plug.org/mailman/options/plug
Don't fear the penguin.
*/
