
Just how safe is that Linux distro and will it compromise my system?

March 11, 2007

The list of Linux live CDs has grown large in recent years. Security distros are becoming ever more popular. I can’t resist downloading a few ISOs and burning them, since I always enjoy learning about computer security and data forensics.

But hold on. I start to consider: just how safe is it to run any old Linux distro on my PC? I feel comfortable trusting Ubuntu not to contain malicious code, since it is peer reviewed with a large and wide following of users. But with any of these other numerous unknown distros, how can I know that after booting the CD it doesn’t run some evil adware/spyware/virus/trojan/rootkit and install it on my system without my knowledge?

So I ask around on IRC for people’s opinions… “that’s the chance you take” is one reply. So what to do? Just forget the whole idea because the integrity of my Ubuntu system has become practically sacred and I’m not about to risk it? Do I watch for the hard drive light to flash in case it starts writing over my hard drive with zeros? Curiosity gets the better of me and I try a little experimentation.

I have enjoyed using VirtualBox, and knew that I could boot an ISO file or CD-ROM in it. I figure, why not test it first on my VirtualBox Windows 2000 install to see if it’s actually any good. Then it dawns on me: I can do a checksum of the virtual disk before running the distro, then compare the results afterwards to see if the virtual hard drive has changed at all. I also can simply make a backup copy of the virtual hard drive and delete the compromised copy if I need to.

So here’s what I do in the terminal, and a few seconds later I get my checksum:

dimeo@laptop:~/large-data-files/virtualbox-windows2000$ cksum virtualbox-windows2000.vdi

21930562 1515201024 virtualbox-windows2000.vdi

So then I run VirtualBox and set it to boot the ISO file for my freshly downloaded security distro, BackTrack 2, that I’m wanting to try out. It works great under VirtualBox and I get to try out all kinds of port scanners to test the security of our networks. No luck with the data forensics programs for some reason. Feeling content that the distro looks worth the 50 cent CD-R, I quit VirtualBox and pull out my cakebox of blank discs. But first a quick check to see if it touched my hard drive. I run cksum again at the terminal and look at that…

21930562 1515201024 virtualbox-windows2000.vdi

I’m pleased to find my virtual hard disk data is exactly as it was at the start, undamaged by my wonted messing around with software of questionable origin.
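
The before/after check described above, written as a small script; this is an added example, not the author's own commands. It records a SHA-256 digest instead of the CRC that cksum prints, because a CRC catches accidental changes but is not designed to resist deliberate tampering. The function names and the `.sha256` baseline file are assumptions of this example.

```shell
#!/bin/sh
# Added example: baseline a virtual disk image before booting an untrusted ISO,
# then confirm afterwards that the image is byte-for-byte unchanged.
# The "<image>.sha256" baseline file name is an assumption of this example.

# hash_of FILE: print the SHA-256 of FILE (reads via stdin so the file
# name never appears in, or alters, the tool's output).
hash_of() {
    if command -v sha256sum >/dev/null 2>&1; then
        sha256sum < "$1" | cut -d' ' -f1
    else
        shasum -a 256 < "$1" | cut -d' ' -f1
    fi
}

# baseline_record IMAGE: store the digest before the test boot.
baseline_record() {
    image=$1
    [ -f "$image" ] || { echo "no such image: $image" >&2; return 2; }
    hash_of "$image" > "$image.sha256"
}

# baseline_check IMAGE: 0 = unchanged, 1 = changed, 2 = image or baseline missing.
baseline_check() {
    image=$1
    if [ ! -f "$image" ] || [ ! -f "$image.sha256" ]; then
        echo "missing image or baseline for: $image" >&2
        return 2
    fi
    before=$(cat "$image.sha256")
    after=$(hash_of "$image")
    if [ "$before" = "$after" ]; then
        echo "unchanged: $image"
        return 0
    fi
    echo "CHANGED: $image (was $before, now $after)" >&2
    return 1
}

# Stand-alone use:  script record disk.vdi   ...boot the ISO...   script check disk.vdi
case "${1:-}" in
    record) baseline_record "$2" ;;
    check)  baseline_check "$2" ;;
esac
```

Run the `record` step with the VM powered off and the `check` step only after VirtualBox has exited, so the image is not being written while it is hashed.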
