[syslinux] problem with PXElinux and security of local LAN

Jason Keltz jas at cs.yorku.ca
Mon Dec 19 10:43:57 PST 2005 

That solution sounds interesting albeit a bit complex for me to 
implement.   I'm not sure that I quite understand 3.  If the comboot 
code asks for a DHCP value, and that value is sent across the wire 
encrypted, that seems to require adjusting that code on the DHCP 
configuration on a regular basis as well...  further, I also wonder if 
it would be possible for a machine to insert itself between step 3 and 
4... but definately food for thought.

Jason.

Murali Krishnan Ganapathy wrote:
> Here is an ideal solution. I dont know how much of this is really possible.
> 
> (1) Set your BIOS to boot from the local hard disk.
> (2) Use SYSLINUX as your boot loader and run a COMBOOT code (stored in 
> your hard disk)
> (3) The COMBOOT Code figures out Who the DHCP server it is talking to, 
> and has some kind of check.
> (4) If check works out, then chain boot your PXE ROM
> 
> First this is essentially security by obscurity, i.e. in step (3), I am 
> assuming that the DHCP server sends an additional string X
> (actually COMBOOT code asks the DHCP server for X). There is some magic 
> string hard wired into the COMBOOT code,
> which gets encrypted using the current date as the key. If the encrypted 
> string is X then you can trust the DHCP server.
> If the bad guy finds out the magic string (which is never sent over the 
> network), then there is no security left.
> 
> It would be cool if this can be implemented. One real life situation 
> where SYSLINUX on HDD beats other boot loaders.
> 
> - Murali
> 
> Jason Keltz wrote:
> 
>> Hi.
>>
>> I want to use PXELinux to build a dynamic boot menu for a computer 
>> lab.  Sometimes, the machines need to be in Linux mode/Windows 
>> mode/allow the option of Linux/Windows.  I configured this all fine 
>> with PXELinux.  My problem is really one of security.  Someone can 
>> plug in a laptop with a DHCP server, and tftp server and fake a lab 
>> machine to boot into any mode they desire, or even worse, they could 
>> configure the local machine to boot Linux in single user mode, and 
>> hence allow access to root, local ssh keys, etc.  I can't really think 
>> of any easy way how to solve this problem since there is no way to 
>> authenticate the PXELinux instance that is loading or the 
>> configuration files.   Any ideas?  A locally configured grub could do 
>> the same thing, of course, but using pxelinux, I can change the 
>> configuration of machines that are off so that when they come back on, 
>> they are in the mode that I desire.
>>
>> :(
>>
>> Jason.
>>
>> _______________________________________________
>> SYSLINUX mailing list
>> Submissions to SYSLINUX at zytor.com
>> Unsubscribe or set options at:
>> http://www.zytor.com/mailman/listinfo/syslinux
>> Please do not send private replies to mailing list traffic.
>>
>>
>

More information about the Syslinux mailing list