Firewall/security & emails
Firewall/security & emails
I am just playing with Puppy out of curiosity. In windows, I have Zone Alarm running and this determines what cookies sites are allowed to use and whether they can use mobile code, etc. I understand that Puppy is loaded in RAM, but what does that mean in terms of "bad stuff" wrecking the computer? If a virus is on a web-page or in an email (assuming I can even figure out how to get my email from here...), can it get from RAM into the programs in windows, or does it just disappear when Puppy is exited from? At the moment, I am thinking that nothing gets saved because there is nowhere for it to be saved to. If I can get my emails in Puppy, will they just disappear until I figure out some save location? Thanks.
My understanding is that's what pretty much happens: everything in memory gets flushed on reboot.
I suppose if something is saved to the hard drive, the virus could be saved along with it. However, I'm fairly certain that a linux based virus (there are very, very few to begin with) cannot attack windows stuff.
I could be wrong however.
I suppose if something is saved to the hard drive, the virus could be saved along with it. However, I'm fairly certain that a linux based virus (there are very, very few to begin with) cannot attack windows stuff.
I could be wrong however.
-
Bruce B
Virus authors are not exploiting things in the way you imagine.
Cookies are tracking devices and that's about all they do. SeaMonkey has ways of managing cookies according to your preferences.
There is a malicious JavaScript which might affect users of Linux. The idea behind the JavaScript is to get into your router and change DNS servers. Thereby enabling the bad guys to have some spoofing control, by using bad DNS servers. It does not require user interaction, other than visiting the mal-webpage.
This script can be effective when these conditions are true:
(1) You visit a webpage with this script
(2) You have JavaScript enabled
(3) Your router is using the default password
The majority of users have JavaScript enabled and have not changed the default password in their routers.
This expoit can certainly happen with Windows, but if it happened, it would affect all computers and operating systems behind the router.
Cookies are tracking devices and that's about all they do. SeaMonkey has ways of managing cookies according to your preferences.
There is a malicious JavaScript which might affect users of Linux. The idea behind the JavaScript is to get into your router and change DNS servers. Thereby enabling the bad guys to have some spoofing control, by using bad DNS servers. It does not require user interaction, other than visiting the mal-webpage.
This script can be effective when these conditions are true:
(1) You visit a webpage with this script
(2) You have JavaScript enabled
(3) Your router is using the default password
The majority of users have JavaScript enabled and have not changed the default password in their routers.
This expoit can certainly happen with Windows, but if it happened, it would affect all computers and operating systems behind the router.
This is what I don't understand what things are doing what. The DNS servers are entered in the OS settings - what's the router doing?The idea behind the JavaScript is to get into your router and change DNS servers.
.Thereby enabling the bad guys to have some spoofing control, by using bad DNS servers
What's spoofing control? What do bad DNS servers do?
So, if you have your own password in the router, this isn't going to happen.
-
Bruce B
All three conditions must be true for there to be an exploit.
Changing the password makes one of the conditions false.
Your ISP provides DHCP service to your computer. But in this case it provides the service to your router, which in turn provides DHCP to the computers it serves, i.e., your computer.
DNS is Domain Name Service, a specially crafted DNS server could provide a false address to a domain like mybank.com.
In order to get an overview of DHCP here is a link for you.
http://en.wikipedia.org/wiki/Dynamic_Ho ... n_Protocol
Changing the password makes one of the conditions false.
Your ISP provides DHCP service to your computer. But in this case it provides the service to your router, which in turn provides DHCP to the computers it serves, i.e., your computer.
DNS is Domain Name Service, a specially crafted DNS server could provide a false address to a domain like mybank.com.
In order to get an overview of DHCP here is a link for you.
http://en.wikipedia.org/wiki/Dynamic_Ho ... n_Protocol
-
Bruce B
Now a few words of comfort from our sponsers.
The Internet is literally a network of millions of computers and services. In some ways it is a hostile network.
Linux was born and raised in this potentially hostile environment. Linux as a baby was on the Internet and all its development occured there. Linux was doing this before Microsoft's operating system could even establish an Internet connection without outside vendor support.
Microsoft is a marketing company which does some really stupid things when it comes to even the fundamentals of security.
They never cared or emphasised security, until it became necessary to their survival to market the idea that they care about security.
Even, their latest and greatest WOW (Vista) can be seriously exploited by flaws in thier mouse cursor of all things.
Frankly, I've never heard of a Puppy Linux, (which is not on the bleeding edge of Linux security) - getting biten. Has anyone?
The Internet is literally a network of millions of computers and services. In some ways it is a hostile network.
Linux was born and raised in this potentially hostile environment. Linux as a baby was on the Internet and all its development occured there. Linux was doing this before Microsoft's operating system could even establish an Internet connection without outside vendor support.
Microsoft is a marketing company which does some really stupid things when it comes to even the fundamentals of security.
They never cared or emphasised security, until it became necessary to their survival to market the idea that they care about security.
Even, their latest and greatest WOW (Vista) can be seriously exploited by flaws in thier mouse cursor of all things.
Frankly, I've never heard of a Puppy Linux, (which is not on the bleeding edge of Linux security) - getting biten. Has anyone?
-
Lobster
- Official Crustacean
- Posts: 15522
- Joined: Wed 04 May 2005, 06:06
- Location: Paradox Realm
- Contact:
Never heard of such a thing, no.Bruce B wrote: Frankly, I've never heard of a Puppy Linux, (which is not on the bleeding edge of Linux security) - getting biten. Has anyone?
My sister on her XP machine had to reinstall AVG in order to uninstall it. AVG recently become commercial. It was behaving exactly like a virus, slowing down the system, refusing to uninstall itself etc. In other words the solutions are sometimes bad too.
Puppy is not a security orientated Linux. We run as root, which everyone warns us is very naughty. To be honest some of us (Lobster points claw at self) I download and install anything. Put java and javascript on. Generally throw the operating system about. Run scripts that are buggy etc.
I don't need virus protection. I don't need a firewall (I do use the firewall wizard in Puppy - that is all - in the early days we did not even have that) In fact I don't need the 30% (probably more now) of my time dedicated to security when I was using XP
Security is not an issue in Linux because it has been designed by some of the smartest computer engineers the planet has ever known. To get a Unix/Linux system was not possible to the ordinary person initially. Now we have the hardware to run it. It is different. It has some strange ways. As far as I am aware no one has created a security hardened Puppy. Anyone up for it?
GuestToo is security conscious and keeps tabs on things, as does Barry. if you wish you can browse as user 'spot' rather than route.
http://puppylinux.org/wikka/Security
Just by using Linux, your security has improved to the point where you can use the operating system to do more than check viruses, stop adware, uninstall trojans and all the time wasting that Windows users often have to engage in.
I like XP but it is too slow, too riddled with problems that always manifest after a few weeks or months of use. It takes too long to set up. It does not work for me - I have to work at it.
gosh am I ranting again . . .
I've read about DHCP, DNS, this that and the other. What I haven't done, is understand it.... 
Why is it naughty to run as root? (because things can be installed?)
Frankly, I don't care much about viruses, or the webpage people spying on me and knowing that I am a bore and only look at really ordinary webpages. The only ones that bother me are the villains stealing all of my information and running off to the Bahamas as me....
I was interested to know if something awful happened to the Puppy, whether it would wreck windows. I like the idea of having a completely separate program to use if one goes kaput. (Having said that, I've never had one go kaput in 25-odd years of having computers....)
Why is it naughty to run as root? (because things can be installed?)
Frankly, I don't care much about viruses, or the webpage people spying on me and knowing that I am a bore and only look at really ordinary webpages. The only ones that bother me are the villains stealing all of my information and running off to the Bahamas as me....
I was interested to know if something awful happened to the Puppy, whether it would wreck windows. I like the idea of having a completely separate program to use if one goes kaput. (Having said that, I've never had one go kaput in 25-odd years of having computers....)
-
Bruce B
Because its much easier, you don't have to give yourself extra permission to mess everything up.Why is it naughty to run as root?
Because you are the system and network administrator and must be responsible as such. On a personal computer you cannot avoid being the system and network administrator anyway, its the default title that comes with computer ownership.
Because in the unlikely event that your computer was compromised from the outside -> in, the hacker would have root priviledges.
The upside of being root is you are driving your own machine. Secretly I love it.
Identity theft! What I worry about most in this area is someone breaking into a big database and getting all the stored information from some stupid business, bank or government agency.Frankly, I don't care much about viruses, or the webpage people spying on me and knowing that I am a bore and only look at really ordinary webpages. The only ones that bother me are the villains stealing all of my information and running off to the Bahamas as me....
Want lessons on encrypting your very personal files? The ones you store on the computer?
What I'd worry about is running Windows.I was interested to know if something awful happened to the Puppy, whether it would wreck windows. I like the idea of having a completely separate program to use if one goes kaput. (Having said that, I've never had one go kaput in 25-odd years of having computers....)
The best way I know to wreck it is using its defaults, surfing the Internet and having a very false sense of security by using Zone Alarm.
You install Zone Alarm, you run the Internet Explorer for the first time. You are asked to make a value decision. Do you trust the Internet Exploiter?
Sure, why not?
There you go. Not to mention the flaws in the Internet Explorer, it also is willing to host other applications. They will slip through the firewall and the malware writers know this.
Will Puppy messing up ruin your Windows? Hmmm, not a bad idea, but I rather doubt it.
Puppy has some very powerful tools in it, which could make files and even Windows disappear. Windows has similiarly powerful tools also. But none of these tools run by themselves and you are not likely to accidently use them.
Hope I've been helpful.
There aren't any on my computer...Want lessons on encrypting your very personal files? The ones you store on the computer?
I distrust MS more than any other company I deal with. They have NO right to do things to MY computer.
You mean the mafia isn't trying to get my credit card number? But it was on the newsWhat I worry about most in this area is someone breaking into a big database and getting all the stored information from some stupid business, bank or government agency.
