Classnotes | UNIX03 | RecentChanges | Preferences As we learned in the previous course, most Linux distributions include media that can be booted read-only as a rescue disc. You also can use live-on-CD distributions like Knoppix to boot into a read-only environment to troubleshoot or repair damage done by a cracker.
Remember that you can chroot into your installation and perform maintenance, however always be aware that when chroot-ing you are using the installed system's programs. Thus, if a Trojan is in place, you may wind up doing more damage than good.
Additionally, you can set boot options in LILO or GRUB that allow you to boot your system read-only. Again, you must be wary of trojans (especially trojanned kernel modules) as the danger from unexpectedly compromised files still exists.