You are not logged in.
- Topics: Active | Unanswered
#1 2011-03-16 00:35:06
- FinallyHere
- Member
- Registered: 2011-02-27
- Posts: 8
Verify that MBR hasn't been modified since last boot / overwrite it
I need a way to check if the MBR and /boot partition have been modified BEFORE the system boots and if so, a way to overwrite them with "trusted" backups, again BEFORE the system boots.
Is it possible to accomplish this by booting SOME SYSTEM (which one?) from a thumb drive, that checks the MBR and /boot partition for modifications and tells me if they have been modified and, ideally, offers to overwrite them with previosly stored, trusted versions?
I searched the whole internet ... didn't find anything useful 
PLEASE HELP ME 
Edit:
I know that this can be accomplished by booting some Live-CD and doing all manually. But it should be as minimal as it gets.
Something like: It boots from thumb drive(sdb), checks MBR and boot partition of sda and if they haven't been modified since last boot, it should "chainload" the normal bootloader on sda.
I don't want to mess around with assembler though.
Last edited by FinallyHere (2011-03-16 10:51:03)
Offline
#2 2011-03-17 11:44:57
- stqn
- Member
- Registered: 2010-03-19
- Posts: 1,191
- Website
Re: Verify that MBR hasn't been modified since last boot / overwrite it
What I would do is get the smallest linux distro I can find (or use LFS to make one) and make a bootable usb stick out of it (maybe with unetbootin.) Then it should be easy enough to write a script that uses dd and diff (and maybe md5sum to speed things up) to compare the boot sector and /boot and offer to rewrite them if necessary... And launch grub to boot from sda. The script could be launched automatically before login by tweaking the init scripts or running it as a daemon.
Not a ready-made solution, and I don't know how scriptable grub really is, but since there was no answer yet...
Offline
#3 2011-03-17 14:42:27
- FinallyHere
- Member
- Registered: 2011-02-27
- Posts: 8
Re: Verify that MBR hasn't been modified since last boot / overwrite it
Thank you, for the advice!
Regarding LFS, I'm not fit to do this (yet), but I found an interesting article "Boot an ISO via Grub2":
http://michael-prokop.at/blog/2009/05/2 … via-grub2/
I will try it with this as soon as I have some spare time.
Offline