Puppy Linux Discussion Forum Forum Index Puppy Linux Discussion Forum
Puppy HOME page : puppylinux.com
"THE" alternative forum : puppylinux.info
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 

The time now is Thu 23 Oct 2014, 00:04
All times are UTC - 4
 Forum index » Off-Topic Area » Security
Viruses in PUPPY Linux, YES, "Viruses in Linux"
Post new topic   Reply to topic View previous topic :: View next topic
Page 5 of 5 [70 Posts]   Goto page: Previous 1, 2, 3, 4, 5
Author Message
Bruce B


Joined: 18 May 2005
Posts: 11130
Location: The Peoples Republic of California

PostPosted: Sat 25 Jun 2011, 14:31    Post subject: Re: Reacting to Media?  

Sky Aisling wrote:
Bruce wrote:

Quote:
My rule is try not to interact with the media...


What do you mean, not to interact with the media? What do you mean by the word *media*?


In the context - the media is flash objects. A movie you watch as an example. Maybe an advertisement.

Some videos encourage you to click on a hyperlink embedded in the video. I don't click on those things. This is an example of what I mean by not interacting.

~

_________________
New! Puppy Linux Links Page
Back to top
View user's profile Send private message 
RetroTechGuy


Joined: 15 Dec 2009
Posts: 2668
Location: USA

PostPosted: Sat 25 Jun 2011, 18:12    Post subject:  

nooby wrote:
Thanks Bruce. What user name and password has Puppy?
When are one supposed to set up such for root?


Root has a default password set (as you will see if you open one of the TTYs available, behind your GUI, and try to log in on the that text console...)

Type: <cntl><alt>F1-4 to access those TTYs... F1 is the window, upon which X is launched. F2 and F3 are available console windows. F4 brings you back to the GUI interface.

The default password is "woofwoof". The command "passwd" will let you change it. (this doesn't change that you are already running as root, and automagically logged in, so anything you do has permissions).

_________________
Add swapfile
Back to top
View user's profile Send private message 
nooby

Joined: 29 Jun 2008
Posts: 10557
Location: SwedenEurope

PostPosted: Sun 26 Jun 2011, 03:11    Post subject:  

Thanks RetroTechGuy ,

now that you remind me then I do recognize the password woofwoof.
and that one get automatically logged in.

Very embarrassingly but I got lost trying to get this part

Quote:
if you open one of the TTYs available, behind your GUI, and try to log in on the that text console...)


Not your fault I am incredibly dense at times. I've used Puppy daily now since a year or so and have remotely heard the word TTY being mention but never had any motivation to know what it refers to.

When I came from the Country and arrived at our Big City then I saw a TTY at the Tele Museum and then later I even sat at one in the Royal HighSchool HAM RadioClub and wow them are impressive.

TeleTYping?

One guy told us about that he was tele something into his Kindle using Puppy so that maybe is something similar then? One use the computer OS and Console as a tele type terminal and send commands to the other computer over some TTY protocol?

_________________
I use Google Search on Puppy Forum
not an ideal solution though
Back to top
View user's profile Send private message 
RetroTechGuy


Joined: 15 Dec 2009
Posts: 2668
Location: USA

PostPosted: Sun 26 Jun 2011, 13:08    Post subject:  

nooby wrote:
Thanks RetroTechGuy ,

now that you remind me then I do recognize the password woofwoof.
and that one get automatically logged in.

Very embarrassingly but I got lost trying to get this part

Quote:
if you open one of the TTYs available, behind your GUI, and try to log in on the that text console...)


Not your fault I am incredibly dense at times. I've used Puppy daily now since a year or so and have remotely heard the word TTY being mention but never had any motivation to know what it refers to.


Well, in Linux, it's among your "devices": tty0, tty1, tty2...

They are basic (nongraphical) console windows. Your first tty window has X running from it, and you have 2 more that are "unused" (and you can switch to those, log in, run "top" or "ps xua" to identify troublesome processes, and kill them from the command line).

When you crash out of X, you end up on a command-line console window -- and from there, can type "poweroff" to completely shut down. Or from this window, you can restart X via "xinit" (and I believe that a couple other commands are synonymous).

Quote:
When I came from the Country and arrived at our Big City then I saw a TTY at the Tele Museum and then later I even sat at one in the Royal HighSchool HAM RadioClub and wow them are impressive.

TeleTYping?


Basically,...Yup...

http://www.linusakesson.net/programming/tty/index.php

_________________
Add swapfile
Back to top
View user's profile Send private message 
The Fly Roper


Joined: 20 Apr 2011
Posts: 4

PostPosted: Sun 26 Jun 2011, 13:17    Post subject:  

Hi everyone. Longtime reader. Love puppy madly.

So here's my thought, which, in spite of the fact that these threads come up at least once a month, isn't brought up enough.

So puppy runs as root. Let's think about the worst case scenario for root user being compromised in puppy, which is (in its current design) a single-user, home system.

You go to a site that attaches malware to puppy. It's a morphing virus that's difficult to track, since the code changes every time it propagates. It attaches to the kernel, which is on most systems the most desirable target.

Puppy user turns off computer. Kernel disappears. Poof.

Puppy user turns on computer. Kernel is brand new, in perfect state from boot disc. So are most of the system files, since they also live on the boot disc.

Puppy lives in a sandbox. Now although, since, while running as root, an attacker could theoretically open any disc drive attached to the device, they might be able to open some drives. Still, turn it off and turn it on, and you've just outwitted the attacker.

A static configuration, such as the one on the puppy disc, solves SO MANY security problems. On a system where all your system files are permanently on the hard drive, running as root means you would either 1) have to find the attacked, modified file, or 2) reinstall the whole system from the ground up and hope the attacker wasn't lurking in your data drives (which I sure hope you put on separate partitions!)

Now, none of these attacks are easy, or particularly likely, ESPECIALLY if you're browsing sensibly. I proposed attacking the kernel because it's one of the few things every subspecies of linux has in common. But let's presume, for the sake of argument, that somebody actually did compromise system files. Now, if you're running a save file, they've attached to a file that you're saving there.

OMG!!!!1!!!1111 You've lost, at most, 1.25 Gigs of stuff! And you almost certainly will know what is important on your save file. Just pull the stuff you care about off of it, create a new save file, and 'shred -u' the last one. Boom, virus gone, completely new OS, and you've lost, what, half an hour?

Now, I'm not saying this is a suitable system for fully automated servers. That's a completely different story. But for a single user system, from a recoverability perspective Puppy is hard to beat. Add the speed and usability that are both priorities of the excellent dev team and you've got a real winner of a system.
Back to top
View user's profile Send private message 
Bruce B


Joined: 18 May 2005
Posts: 11130
Location: The Peoples Republic of California

PostPosted: Sun 26 Jun 2011, 14:31    Post subject:  

Who knows where the kernel even is?

I simply installed Puppy in typical Frugal install. I left the name as vmlinuz, but I could have renamed it.

Even on a typical Frugal install, it is hard to speculate the name of the directory the user made.

Also there is a way to make it unchangeable to the extent even root can't delete or modify it.

~

_________________
New! Puppy Linux Links Page
Back to top
View user's profile Send private message 
nooby

Joined: 29 Jun 2008
Posts: 10557
Location: SwedenEurope

PostPosted: Sun 26 Jun 2011, 17:47    Post subject:  

Crazy idea.

What if one rename the needed lupu525.sfs to a password?
And the dir to another password. That way the criminals would have no way to get where them are? Unless whoami reveals such maybe?

_________________
I use Google Search on Puppy Forum
not an ideal solution though
Back to top
View user's profile Send private message 
Sky Aisling


Joined: 27 Jun 2009
Posts: 909
Location: Port Townsend, WA. USA

PostPosted: Sun 26 Jun 2011, 19:18    Post subject:  

nooby Writes:

Quote:
What if one rename the needed lupu525.sfs to a password?
And the dir to another password. That way the criminals would have no way to get where them are?


Good Thinking, nooby.
Back to top
View user's profile Send private message 
Sky Aisling


Joined: 27 Jun 2009
Posts: 909
Location: Port Townsend, WA. USA

PostPosted: Sun 26 Jun 2011, 20:03    Post subject:  

In the context of this discussion...

Is a Frugal Install 'safer' than a Full Install?
If so, why?

I, like The Fly Roper, prefer using a Live CD, however, there are times that installation to HDD is preferred.
Back to top
View user's profile Send private message 
The Fly Roper


Joined: 20 Apr 2011
Posts: 4

PostPosted: Mon 27 Jun 2011, 09:17    Post subject:  

well, on a frugal install you could make a hash using the sha*sum programs (sha1sum, sha256sum, sha512sum), store that in a secure, offline location, and calculate the sum again on bootup. In fact, that wouldn't be a tough feature to add to puppy in general. If those sums work out, you can be absolutely certain that the files you're running against have not been modified. You might want to do many rounds, though. Like 5000 or so.
Back to top
View user's profile Send private message 
Display posts from previous:   Sort by:   
Page 5 of 5 [70 Posts]   Goto page: Previous 1, 2, 3, 4, 5
Post new topic   Reply to topic View previous topic :: View next topic
 Forum index » Off-Topic Area » Security
Jump to:  

You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Powered by phpBB © 2001, 2005 phpBB Group
[ Time: 0.0798s ][ Queries: 13 (0.0061s) ][ GZIP on ]