“Curtailing Web defacement using a read-only strategy”

Cooks and Olivier


Citation information

A. Cooks and M. S. Olivier. “Curtailing Web defacement using a read-only strategy”. In: Proceedings of the Fourth Annual Information Security South Africa Conference (ISSA2004). Work in progress paper, published electronically. Midrand, South Africa, June 2004


Web defacement is the act of altering the contents of a web site with malicious intent, sometimes associated with vandalism and sabotage.

Web defacement results in extreme embarrassment to the web site owner, regardless of the commercial interest in the web site. However, persons and companies who are targets of web defacement, often have substantial interest in maintaining the professional image and integrity of the web site.

While proper security management and appropriate security tools can be used to avoid this embarrassment, the complexity inherent in current systems implies that loopholes often exist.

This paper proposes a solution that uses read-only media to address the problem of web-defacement. In order to be trustworthy, such a system should have no persistent writable media - otherwise a cracker could potentially change the system to serve web pages from this medium, rather than from the read-only medium.

In addition, the volatile memory needs to be reset frequently to minimise attacks targeted at this potentially weak spot. Such resetting should not compromise availability or auditability.

The solution proposed in this paper uses read-only DVDs and custom live CD versions of the Gentoo Linux distribution, to achieve trustworthy, read-only media. The simplicity provided by the use of read-only media achieves a level of trust that is hard to achieve in any other way.

Full text

A pre- or postprint of the publication is available at http://mo.co.za/open/deface.pdf.

BibTeX reference

AUTHOR={Andrew Cooks and Martin S Olivier},
TITLE={Curtailing Web defacement using a read-only strategy},
BOOKTITLE={Proceedings of the Fourth Annual Information Security South Africa Conference (ISSA2004)},
ADDRESS={Midrand, South Africa},
NOTE={Work in progress paper, published electronically} )

[Publications] [Home]
Page maintained by Martin Olivier
Database updated: November 8, 2015

Beta version of new bibliography database; please report errors (or copyright violations) that may have slipped in.