The standard's called El Torito, bootable CD-ROM, it requires PC BIOS
support, many newer PCs support this, and you can add an Adaptec card and
SCSI CD-ROM to an older PC for this support.
Windows NT4 is probably the most common example of a PC bootable CD-ROM
available today.
NT and Unix can be placed in ROM, but I'd suspect most implementations
create a ramdisk for temporary use, and it still does not stop someone
modifying programs in RAM (buffer overruns etc). However facing an almost
totally read only machine, running nothing but a webserver would probably
make many crackers go away and look for a softer target. You could also
automate monitoring of the audit log, and murder any processes which start
writing, or attempting to write in areas they shouldn't (including the RO
file systems) and/or initiate a system shutdown or restart in this
instance. Most people I'm sure would rather have a webserver off the air,
than full of kiddy porn...
>Compaq Corp. provides a bootable "Smart Start" OS installation CD with
>every Proliant 5000 (many people are using these as
>Netware/IntranetWare or NT file/print/app/web servers). I'm not sure
>how they do it, I believe its a function of the BIOS that "knows" about
the
>CD as a bootable media (probably searches A:, C:, D: etc. for boot files)
if
>nothing is in A: and the hard disk isn't partioned/formatted yet it boots
>from the CD and steps you through installing the rest of the drivers (hard
>drive/NIC/etc.) and the OS you purchased! It's cool and I think they've
>been doing it for awhile.
>Brian Stone
>bstone @
KnowledgeSoft .
com
>>>> Gene Lee <genel @
inforamp .
net> 12/31/96 04:00pm >>>
>On Tuesday, December 31, 1996 2:41 PM, Mark
>Johnson[SMTP:mark @
hercules .
reno .
nv .
us] wrote:
>>I have not set one up yet(Planned for July), but I believe you can have
>>a totally CDROM machine, at least using Novell or NT. Bootable CDROMs
>>and all data on CDROM so you would not have any writable media.
>>
>>Can anyone confirm of deny my thoughts?
>Slackware Linux has a useable filesystem on CD-ROM, however the boot
>partition still has to be HD or Floppy. One thing that puzzles me about
>bootable media is if you have a bootable CD, how does it install the
>drivers for itself to read from the CD to actually start reading the boot
>sector (which supposedly is on the CD). Kind of a Catch-22. Forgive me,
>but
>I'm no PC guru...
|
|
