I am a newbie so please have pity:
While looking at my network configuration, I noticed that the file /etc/simple_network_setup/connections contains an unencrypted copy of my WIFI network WEP key in it. The default permission mode is 644 (rw-r--r--). Would I be safer to CHMOD to 600 (rw-------), so only the owner has rights to view the file? I'm concerned that someone might get access to my system files, see the WEP key for the WIFI network, and use it to access my WIFI without my permission.
I hope I'm not overreacting, however I keep my WIFI secured for a reason.
Thanks in advance for any guidance on this.
George
simple_network_setup
Thanks for the help!rcrsn51 wrote:You are working in Puppy, which only has one user - root. So that file is visible to anyone else who sits down at your computer.I'm concerned that someone might get access to my system files, see the WEP key for the WIFI network, and use it to access my WIFI without my permission.
gen81465, have you considered running Puppy from a multisession DVD? When the computer is not in use, the DVD which contains Puppy and all its configuration files can be removed and stored in a secure location.
As for the possibility that someone could find a way to read your computer files from the network side, I don't know. It would depend greatly on how you have configured Puppy and what programs you have installed.
As for the possibility that someone could find a way to read your computer files from the network side, I don't know. It would depend greatly on how you have configured Puppy and what programs you have installed.
-
gcmartin
Re: simple_network_setup
Hi @gen81465. This an important issue for you. But, to help, I need to ask you 2 questions for us to properly help you here on your thread.gen81465 wrote:I am a newbie ... I hope I'm not overreacting, however I keep my WIFI secured for a reason. ,,,
Questions
- Have you had problems, personally, before? If so what were they?
- Where exactly do you see a threat coming from? (Your LAN, someone sitting at our PC, ???)
Thanks in advance
1. My previous problems were with Windows. Someone was able to hack into my computer (past the firewall) and remotely run programs as if on my computer. I finally noticed some odd files on my computer and figured out what had happened. I changed the passwords and it seemed to stop, but I had to uninstall several spoofing programs.
2. I'm not sure where the problems might come from. Having been a Windows user all my life, I've just come to accept being hacked as part of the price to be paid to Bill Gates for his incessant desire to snoop on everyone.
My concern is that if someone (somehow) accessed the specific file, they would see my WEP pass-code in plain English. Even /etc/passwd encrypts the password. It would seem logical to me that other programs would work accordingly. A previous poster said that Puppy isn't a multiuser system anyway; the only user is "root", so I guess it really isn't as big of an issue as I was making it.
2. I'm not sure where the problems might come from. Having been a Windows user all my life, I've just come to accept being hacked as part of the price to be paid to Bill Gates for his incessant desire to snoop on everyone.
My concern is that if someone (somehow) accessed the specific file, they would see my WEP pass-code in plain English. Even /etc/passwd encrypts the password. It would seem logical to me that other programs would work accordingly. A previous poster said that Puppy isn't a multiuser system anyway; the only user is "root", so I guess it really isn't as big of an issue as I was making it.
-
gcmartin
Thanks for helping us with that. I understand.
Linux is an altogether different animal whose behavior is much different from Microsoft. One fact is that each distro, generally, runs and operates differently This alone is a major detractor for those looking for exploitation. The effort is very very high. Unless you are a government who is targeting, this usually will never be undertaken by anyone. (The payback for the effort is way too costly, especially, when there are so many more Windows machines to attack.)
This thread, here, can be of some help in understanding vulnerability. Members, there, have expressed some key things to understand which make your system a safe place to operate. At least, from the standpoint of what you've described in your response to the questions.
You will probably experience a very comfortable ride without issues of penetration of your Puppy PC/system.
Welcome to Puppyland.
Linux is an altogether different animal whose behavior is much different from Microsoft. One fact is that each distro, generally, runs and operates differently This alone is a major detractor for those looking for exploitation. The effort is very very high. Unless you are a government who is targeting, this usually will never be undertaken by anyone. (The payback for the effort is way too costly, especially, when there are so many more Windows machines to attack.)
This thread, here, can be of some help in understanding vulnerability. Members, there, have expressed some key things to understand which make your system a safe place to operate. At least, from the standpoint of what you've described in your response to the questions.
You will probably experience a very comfortable ride without issues of penetration of your Puppy PC/system.
Welcome to Puppyland.