LINBO and "self-healing" workstations
Hi,
as we are just discussing future development, I would like to
understand the concept and the ideas behind LINBO and "self-healing"
workstations better.
>From a quick search I found that it is used to quickly (re-)install
workstations that are spoiled.
Ok, now I know from my system here at the local school (MS-XP
Musterlösung Baden-Württemberg) that there is need to make a "clean
table" at least every year where all user data and all accounts are
removed (and probably the whole sytem is set up again). However, this
system also doesn't allow users to use the command line, but you can
write your commands in a batch file and execute that, so I wouldn't
expect too much from its security aspects.
However, I would have hoped that we can do better. Is it really on a
regular basis that machines are attacked and spoiled in the evil
school environment? How often does that happen? Where are the flaws
that allow compromising the machines, is there anything known about?
It is clear that a "professional" cracker can attack the system, but I
would expect that he can as easily attack infrastructure that is not
self-healing like tjener (and thereby much more interesting). To live
with those crackers, I think the only way is to use the strategy of
the nightclub-owner: Ask (at least half of) the guys that cause you
troubles to make sure there is no trouble anymore.
It would be nice if admins running the system under real conditions at
school can comment and help me getting off my naive and unrealistic
attitude.
Concerning the integration in Debian, it might be interesting to look
at something comparable (?) that just appeared these days from Michael
Prokop and team:
<URL:http://michael-prokop.at/blog/2011/01/07/booting-iso-images-from-within-grub2/>
Again, perhaps there is also a way to cooperate and work together.
Cheers,
Andi
Reply to: