Puppy Linux Discussion Forum

[sickgut]

I put it to the puppy communty that the firewall loading as default on puppy is a waste of resources and is not needed.

The amount of tech knowledge here on this forum is vast, it represents the large part of the knowledgeable tinkerers and may even be refered to as leet.

So the purpose of this post is to try and assess the real actual threat that exists to a linux system that has no firewall. What would you actually do to a linux system to breach it, that you cannot do to the same system that has a firewall?

I do not want "People say you can do this..." kinda answers or philosophical answers of why you should have a firewall. The only answer that will cause me to detract my statement that a software firewall on puppy is useless is an actual step by step or a demonstration that you can actually do to the system to compromise it.

Until i actually see proof of an actual threat that has been weighed and balanced then i will maintain my statement that the software firewall loading as default in puppy 5.25 is a complete waste of resources. I also believe that the only rason it exists and loads as default is because Windows has the same thing.

If my statements are incorrect then please provide actual demonstratable proof. Like i said teh combined knowlesge of this place is extreem. Having said that if no one here can provide a demonstration of breaching a puppy linux system with no firewall and actually damage the system in an apreciable way, I doubt there is any real threat to a puppy system with no firewall and i suggest it be removed from starting as default.

Have fun.
sickgut@gmail.com

[Flash]

If you run Puppy from a multisession DVD in a computer that has no hard disk drive, as I do, then I can't see the need for a firewall. Even if something from the internet did manage to take over Puppy, which as far as I know has never happened, to restore Puppy to the way it was, I just reboot without saving.

[Jasper]

Hi sickgut,

I am interested so I just ran comprehensive "ShieldsUp" security tests with my firewall off and with my firewall on and in both cases the results were identically perfect.

Whilst that tends to support your argument, since my firewall seems to have neither an important nor a significant impact on my resources I would rather use the firewall unless someone can prove that it is useless (rather than have someone prove that it is useful).

My regards

PS My freeware Windows firewall has three security levels (as well as a learn mode):

Allow most (i.e. everything not specifically blocked).
Block most (i.e everything not specifically allowed).
Block all (i.e, everything in and out).

[Bruce B]

Do you think you have an idea of how much resources the firewall takes?

If so, how do you compute these so-called, "wasted resources?"

~

[Bernie_by_the_Sea]

[rcrsn51]

In my experience, if your computer is behind a router or modem that performs NAT (ie. you have a local IP address like 192.168.x.y), then security testers like ShieldsUp will report that your system is safe. Supposedly, that's because they cannot see past the router.

[Jasper]

Hi Bernie_by_the_Sea,

/root/.usr/share/applications/firewallstate.desktop and the icon changed when I turned the firewall off.

I believe that many firewalls work so I assume that the Puppy firewall works (though I have no idea how well, how powerfully or how flexibly it may work).

My regards

[Bruce B]

[sickgut]

point of my post is to question the usefullness of the firewall. the waste of resources is more of an expression than a technical thing. just like my ex calling me a waste of space tho i could probably scientificly prove that i am only a 75% waste of space due to recent fat reduction in my physique.

so basicly i dont care how much resources the firewall takes its not the point of the post.

also another thing i didnt mention is that when you start adding things that have no use it confuses people. Like ive already had to deal with the questions related to me decieving people about linux due to the firewall. after advising some people that puppy really doesnt need a firewall, all of a sudden im a dirtly liar because the new puppy has a firewall. Why would puppy have a firewall as standard if it didnt need to use it?

its like when people ask you about virus protection for linux when they go through their linux OS and find a linux antivirus program then google for antivirus programs for linux and run 4 of them at once. There is no real substantial virus threat in mass circulation that anyone using linux needs to worry about, yet an antivirus program for linux in itself suggests to the newbie linux user mind that linux is vulnerable to viruses just like windows. This is an example.

There is a reason why windows does have a firewall enabled as standard and that is because of the huge amount of spyware trojans virusses out there that infect a windows system then open up ports etc for people to log in and things. There is a genuine real threat to a windows xp or whatever computer that doesnt have a firewall enabled, especially if it is not behind a hardware firewall.

The purpose of my post was to suggest that unlike windows, linux doesnt have this threat in any real capacity that everyday linux users need to worry about. I am even asking people to actually try and break a puppy system that has no firewall in a completely non realistic way that normal everyday linux users dont need to worry about. and i am suggesting that even under these conditions that puppy doesnt need a firewall at all, one little tiny bit whatsoever, hence making people realise that firewall software loading as default and making the newbie mind actually worry about firewalls and such and have them believe that puppy actually needs a firewall, is completely silly.

[SirDuncan]

[Luluc]

Linux without a firewall is perfectly safe until:

- you run a browser with Flash, Javascript or other scripting technology -- but no firewall will help you with that;

- you run services that interface with the internal network (e.g. a Wifi spot) or the Internet: Apache, Web servers, email servers, FTP, SSH etc.

If, for example, you like to leave sshd running so that you can access your own machine remotely, or if you run Apache for Web development, then a firewall will have some purpose.

Note that many ISPs have their own firewall and usually block incoming requests on low ports like 22 or 80. So even if you are running Apache on default port 80, you can access your test site on http://127.0.0.1 or http://192.168.1.x or something like that on your browser, but people out in the wild will not be able to access it. In that case, you are automatically sheltered.

[r1tz]

[Luluc]

[sickgut]

so what if someone accesses your sshd login? you would have to be extreemly silly to not have a decent password attached to it. in this case (also the same case with 100's of thousands of vps servers with linux on them that are mainly accessed via ssh to administer them etc that generally have no firewalls, i have one myself) the sshd program itself provides the security.

most people dont have the sshd port blocked with a firewall because often the idea of having sshd running in the first place is to access your computer from a network that is outside of your home and from a wifi hotspot or friends computer you have no idea of the ip address you should allow through your firewall to grant you access .

but if you believe your sshd argument has weight then im sure that you can demonstrate a step by step way of accessing a linux system running sshd that is propperly configured and is password protected. Ofcause is not a password you could possibly know or the experiment is moot, and show us how having a firewall prevents someone hacking your sshd server and entering the correct password, then ill eat my hat.

the idea here is to actually breach a puppy linux system that has no firewall, and not be able to do it again if there is a firewall in place.

no use saying someone could do this or do that..... just do it and show us.

[r1tz]