Browser unable to execute script; please use the site map to navigate the site.

Curtailing Web defacement using a read-only strategy

Cooks and Olivier


(Citation)Citation information

A. Cooks and M. S. Olivier. “Curtailing Web defacement using a read-only strategy”. In: Proceedings of the Fourth Annual Information Security South Africa Conference (ISSA2004). Work in progress paper, published electronically. Midrand, South Africa, June 2004


Web defacement is the act of altering the contents of a web site with malicious intent, sometimes associated with vandalism and sabotage.

Web defacement results in extreme embarrassment to the web site owner, regardless of the commercial interest in the web site. However, persons and companies who are targets of web defacement, often have substantial interest in maintaining the professional image and integrity of the web site.

While proper security management and appropriate security tools can be used to avoid this embarrassment, the complexity inherent in current systems implies that loopholes often exist.

This paper proposes a solution that uses read-only media to address the problem of web-defacement. In order to be trustworthy, such a system should have no persistent writable media - otherwise a cracker could potentially change the system to serve web pages from this medium, rather than from the read-only medium.

In addition, the volatile memory needs to be reset frequently to minimise attacks targeted at this potentially weak spot. Such resetting should not compromise availability or auditability.

The solution proposed in this paper uses read-only DVDs and custom live CD versions of the Gentoo Linux distribution, to achieve trustworthy, read-only media. The simplicity provided by the use of read-only media achieves a level of trust that is hard to achieve in any other way.

(Full text)Full text

A pre- or postprint of the publication is available at

(BibTeX record)BibTeX reference

author={Andrew Cooks and Martin S Olivier},
title={Curtailing Web defacement using a read-only strategy},
booktitle={Proceedings of the Fourth Annual Information Security South Africa Conference (ISSA2004)},
address={Midrand, South Africa},
note={Work in progress paper, published electronically} )