How safe is running from hard drive?

For discussions about security.
Barkin
Posts: 803
Joined: Fri 12 Aug 2011, 04:55

#21 Post by Barkin »

mikeb wrote:
It's still possible for malware to be injected into the browser, even on a Linux computer. Like a hidden addon to the browser which functions as a keylogger, or to redirect your browser (browser hijack).
do you have some examples ..eg addons to avoid for example? sites that do this... what approval messages to be wary of before adding an addon?
You don't have to deliberately add a malicious addon, just by visiting a webpage it can be added (unless you have JavaScript disabled, e.g. by NoScript addon) ...
exploit-db.com wrote:There are not mechanism to restrict the privileges and execution scope of add-ons.
JavaScript functions can hook into the browser interface every time Firefox loads. They can collect keystrokes from Firefox browser interface. The JavaScript XMLHttpRequest object can be used to exchange data with a server in background.
http://www.exploit-db.com/wp-content/themes/exploit/docs/24541.pdf

https://www.google.com/search?q=Malicious+Firefox+Add-Ons+Keylogger

mikeb
Posts: 11297
Joined: Thu 23 Nov 2006, 13:56

#22 Post by mikeb »

But then some script kiddie came up with the idea of hiding the exe in a jpg or powerpoint presentation
Actually Microsoft added the mechanisms for the script kiddie to exploit...it was a selling point for business lan users to have their office documents make pots of tea and play jingles...wonderful...but expose that to the internet you have a large nightmare.... If Microsoft had not been so criminally negligent with the software they inflicted on the public starting in the mid nineties the world wide paranoia of seeing the internet as a 'dangerous place' we see would most likely not exist.
You don't have to deliberately add a malicious addon, just by visiting a webpage it can be added, (unless you have JavaScript disabled, e.g. by NoScript addon ) ...
javascript doing such naughties while being on a malicious site...ok... but being used to install an addon to continue it afterwards without user intervention?

related is
Using your expression (I love it!), a "Linux script kiddie" could just as well write a
keylogger for Linux,
certainly...but how would he get this installed and running on linux without user intervention? Bear in mind we are using a system designed and used for public servers.

The possibilities are awkward and convoluted on linux.... A burglar is checking out a street deciding which house to go for... one house has only a front door with a secure multi point lock, the windows are high and non opening and the walls are smooth. The other has a side door that's using a yale lock. The lights are on and it's easy to see no one's in. The windows are in poor shape and use those stays that you can easily work loose. Several strong drainpipes exist next to the windows.
Which house does he choose?
It's not security by obscurity, it's security by difficulty.

Scripts in jpegs on wine..good point...depends how closely wine is imitating windows. One to test perhaps.

It's always curious to get emails from people who obviously have that malware that comes via email and that sends out spam to everyone in their address book ...we got that in 2002 when we first had a PC....so the same malware is still floating around doing its thing....many people still use outlook express. It's all too easy...why tackle the hard stuff when the vast majority have a choice of simple methods to proliferate your crap, pseudo 'protected' by programs that can be circumvented by a name or byte order change.

hypothetical possibilities abound... real threats carry on and are sold to the public daily.

I suppose I want linux users to relax and enjoy what they have.

Mike.

Oh Carolina
Posts: 11
Joined: Sat 25 Jan 2014, 10:36
Location: England

#23 Post by Oh Carolina »

Hi Musher0,

Thanks for the post.
I tried to follow the method you said to end "World Access" but the results of the file path are as shown in the attachments. I was a bit confused, maybe not computer savvy enough for this (don't want to make a mess of anything).

My main concern is that I would not want the computer running Puppy Carolina to put the security of the Windows computers that share peripherals and an internet connection at added risk. No financial or private matters would be processed on the Carolina machine. The Carolina is more a computing corner hobby/internet thing. Any suggestions or advice most welcome.

Hope you have had a good night and have woken to better weather than we have here in U.K.

BFN

Oh Carolina.
Attachments: Screenshot-1.png, Screenshot-2.png, Screenshot-3.png, Screenshot-4.png, Screenshot-5.png, Screenshot-6.png

Oh Carolina
Posts: 11
Joined: Sat 25 Jan 2014, 10:36
Location: England

#24 Post by Oh Carolina »

Hi Mike,

Yes I agree that the Microsoft and Apple folk have a lot to answer for.
It's not long ago that we were being assured that the Apple devices were bullet proof and un-targeted. If the only reason Linux is "safer" is that it's not a big enough target, what happens when it gets huge?
Of course if the world wasn't driven by capitalism/consumerism and greed we would have no villains to trouble us.

BFN
Oh Carolina :D

musher0
Posts: 14629
Joined: Mon 05 Jan 2009, 00:54
Location: Gatineau (Qc), Canada

#25 Post by musher0 »

Hi, Oh Carolina.

Thanks for your kind words.

I'm not familiar with the Carolina Puppy. I stayed away from it because it uses the
xfce window manager, which I find clumsy to use and thus I don't like it too much.
(This is only a personal opinion, of course.)

In any case, my little lesson will only be useful to you if you work it from the
ROX-Filer. Is there a ROX-Filer on Carolina? You may want to type < rox > in a
console to see if anything shows up. If the ROX-Filer is launched, then from there,
you can modify the "world" settings as indicated above.

The Puppy is in a corner, eh? ;) In my day, that's where the boss had his/her office... :)

As to the safety of Windows computers that may be linked to the PuppyLinux one:
there is no danger at all -- as should be clear by now from the posts on this thread.

The only risk would be of retransmitting a Windows document file that is already
infected, but that can't harm the Puppy itself. And as I mentioned, there are some
Linux versions of anti-viruses that you can use to scan and clean Windows files
from a Linux system -- out of courtesy to your fellow workers.

Conversely, looking at the possibility from the PuppyLinux end, the two OS's are
incompatible, so PuppyLinux cannot infect a Windows computer or be a nuisance
to shared peripherals. There are no known viruses for Linux systems yet, it's not
enough fun for a hacker. (Let's hope it'll stay that way.)

However, I've heard that samba (the sharing program / protocol) can be wrongly
configured, but that's not a security risk per se! :)

Speaking of samba, I've never used it, I'm a free-lancer and work solo, mostly,
so I never had any need for it. Maybe some other Puppy-ist can answer you in
more detail about it.

Good luck and best regards.

musher0
musher0
~~~~~~~~~~
"You want it darker? We kill the flame." (L. Cohen)

musher0
Posts: 14629
Joined: Mon 05 Jan 2009, 00:54
Location: Gatineau (Qc), Canada

#26 Post by musher0 »

@mikeb:

You wrote:
>
related is Quote:
Using your expression (I love it!), a "Linux script kiddie" could just as well write a
keylogger for Linux,

certainly...but how would he get this installed and running on linux without user intervention?
Bear in mind we are using a system designed and used for public servers.
You're right. The hacker would need proper permission to install his nasty code on
the Linux computer, and that's impossible from the outside. I had forgotten about that.

BFN.

musher0
musher0
~~~~~~~~~~
"You want it darker? We kill the flame." (L. Cohen)

anikin
Posts: 994
Joined: Thu 10 May 2012, 06:16

#27 Post by anikin »

Hi musher0,

This world-access tip is the best, I've seen on Linux security. A quick question - what's the underlying command, that performs it? I'd like to apply the trick to an external, unsquashed main sfs. Any ideas?

Thank you in advance.

mikeb
Posts: 11297
Joined: Thu 23 Nov 2006, 13:56

#28 Post by mikeb »

If the only reason Linux is "safer" is that it's not a big enough target, what happens when it gets huge?
It's not security by obscurity, it's security by difficulty.
Secure from the ground up. I made Windows secure...for linux I didn't have to do anything. Bear in mind a major percentage of websites are running Linux so not as obscure as you might think and that's a tough environment when it comes to security.

Apple use a Unix like system like Linux is...not aware they had major security problems with it...though Microsoft now have a share of the business now?

Samba...not a fan..never used it though I did get an infection via netbios ports after 2 minutes of a fresh 2000 install online working direct to the net on a usb modem. There is a hack to fix that, though router firewalls effectively protect you.

I use NFS for windows file sharing.

I do wonder if Microsoft are very stupid or clever...the security holes introduced in the late nineties were soon detected and the situation even came to court over the browser integration in 1999. Why is the same system/software still included? Perhaps selling an operating system that stuffs itself after a year or 2 is good business, or businessmen make lousy software engineers....we may never know.

mike

mikeb
Posts: 11297
Joined: Thu 23 Nov 2006, 13:56

#29 Post by mikeb »

This world-access tip is the best, I've seen on Linux security. A quick question - what's the underlying command, that performs it? I'd like to apply the trick to an external, unsquashed main sfs. Any ideas?
If you feel the urge slax modules use 400 permissions... read only by system only.
chmod 0400 /path/to/file.sfs
or perhaps 0444 would be sufficient.
mike

Oh Carolina
Posts: 11
Joined: Sat 25 Jan 2014, 10:36
Location: England

#30 Post by Oh Carolina »

Hi Guys (and Girls if any),

Have learned something from this thread and thank all contributors.

Will go and try out my newly resurrected (by Puppy Carolina) machine and hopefully find out more about the world of Linux.

Just one more thought:-Would Puppy Carolina be happy to share my 160 Gig hard drive with another member of the Linux family??

Thanks again for everyone's help

BFN

Oh Carolina. :D

mikeb
Posts: 11297
Joined: Thu 23 Nov 2006, 13:56

#31 Post by mikeb »

Just one more thought:-Would Puppy Carolina be happy to share my 160 Gig hard drive with another member of the Linux family??

YES!


:)

musher0
Posts: 14629
Joined: Mon 05 Jan 2009, 00:54
Location: Gatineau (Qc), Canada

#32 Post by musher0 »

anikin wrote:Hi musher0,

This world-access tip is the best I've seen on Linux security. A quick question - what's the underlying command, that performs it? I'd like to apply the trick to an external, unsquashed main sfs. Any ideas?

Thank you in advance.
HI, anikin.

Thanks for the kudo. Yeah, once you know the trick, it's a bit of a revolution! :)
And it's so simple to do.

Rox performs the < chmod ug+rwx > command on the selected files and folders.
You can of course use the command by typing it in a terminal. The command means:

"Change ownership of the file or folder to user and group, and make it (the file or folder)
readable, writable and executable."

Therefore, the third option, world access, is excluded (ignored). The world stays outside! :)

You may fine-tune it for documents, images and text, without the execute part (any file
that does not need to be executed, but only viewed and edited), like so:
< chmod ug+rw file.abw >
OR
< chmod ug+rw file.png >
for example.

As I mentioned before, go easy on the command, don't use it "in bulk" for many folders.
If you do, there's a good chance it'll freeze your system, especially if you use it on more
than one higher level folder at a time.

BFN.

musher0
Last edited by musher0 on Mon 27 Jan 2014, 01:12, edited 1 time in total.
musher0
~~~~~~~~~~
"You want it darker? We kill the flame." (L. Cohen)

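Added example (not part of any post in this thread): a shell script that shows which permission bits each chmod form mentioned in posts #29 and #32 (`0400`, `0444`, `ug+rwx`, `ug+rw`) leaves on a file, and lists files that still grant access to "other". The function names `mode_after` and `world_accessible`, the starting mode 644 and the extra `o-rwx` forms are assumptions for illustration; `stat -c %a` assumes GNU coreutils or BusyBox.

```shell
#!/bin/sh
# Added illustration, not code from the thread. Everything runs on scratch
# files made with mktemp. Assumes "stat -c %a" (GNU coreutils or BusyBox).

# mode_after START_MODE CHANGE
# Give a scratch file START_MODE, apply "chmod CHANGE", print the octal result.
mode_after() {
    f=$(mktemp) || return 1
    chmod "$1" "$f" && chmod "$2" "$f" && stat -c %a "$f"
    rc=$?
    rm -f "$f"
    return "$rc"
}

# world_accessible DIR
# List regular files under DIR that grant read, write or execute to "other".
world_accessible() {
    find "$1" -type f \( -perm -004 -o -perm -002 -o -perm -001 \) -print | sort
}

# Demo: start from 644 (rw-r--r--) and apply each form.
# Symbolic forms that name only "u" and "g" leave the "other" bits as they were.
for change in ug+rwx ug+rw o-rwx ug+rwx,o-rwx 0444 0400; do
    printf '%-14s 644 -> %s\n' "$change" "$(mode_after 644 "$change")"
done
```

To audit a real tree, call `world_accessible /path/to/dir` (placeholder path) and review each file it prints.
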
Barkin
Posts: 803
Joined: Fri 12 Aug 2011, 04:55

#33 Post by Barkin »

musher0 wrote:@mikeb:

You wrote:
>
related is Quote:
Using your expression (I love it!), a "Linux script kiddie" could just as well write a
keylogger for Linux,

certainly...but how would he get this installed and running on linux without user intervention?
Bear in mind we are using a system designed and used for public servers.
You're right. The hacker would need proper permission to install his nasty code on
the Linux computer, and that's impossible from the outside. I had forgotten about that.

BFN.

musher0
But the malicious addon is a browser thing, not a Linux thing.

Keylogger addons are available for FireFox browser , e.g. , you just need to get one into someone's FireFox browser
(i.e. this type keylogger is browser-specific, not OS-specific: it will work on Firefox running on Windows or Linux).

musher0
Posts: 14629
Joined: Mon 05 Jan 2009, 00:54
Location: Gatineau (Qc), Canada

#34 Post by musher0 »

HI, barkin.

You mean ANTI-keylogger addon, yes?

BFN.

musher0
musher0
~~~~~~~~~~
"You want it darker? We kill the flame." (L. Cohen)

musher0
Posts: 14629
Joined: Mon 05 Jan 2009, 00:54
Location: Gatineau (Qc), Canada

#35 Post by musher0 »

Almost forgot: do you know of any available for the opera browser?
musher0
~~~~~~~~~~
"You want it darker? We kill the flame." (L. Cohen)

Oh Carolina
Posts: 11
Joined: Sat 25 Jan 2014, 10:36
Location: England

#36 Post by Oh Carolina »

Hi Mikeb,

Thanks, glad to hear that, will go and browse to find Carolina a drive mate.

BFN
Oh Carolina :D

mikeb
Posts: 11297
Joined: Thu 23 Nov 2006, 13:56

#37 Post by mikeb »

Keylogger addons are available for FireFox browser , e.g. , you just need to get one into someone's FireFox browser
(i.e. this type keylogger is browser-specific, not OS-specific: it will work on Firefox running on Windows or Linux).
ok.. But how is javascript installing a firefox addon. Or are you talking about a user installed addon?

mike

8-bit
Posts: 3406
Joined: Wed 04 Apr 2007, 03:37
Location: Oregon

#38 Post by 8-bit »

musher0 wrote:
Finally, and this is perhaps the killer argument, a W. malware written on W. cannot
run on Linux. Linux cannot execute a W. program natively, period.


musher0
I was always a bit curious about that last statement.
What about those users that want to run windows games through linux and have installed wine?
Would wine give the malicious script or application written for windows the opportunity to execute?

This goes along with the problems I had been having with my Desktop in locking up and getting blue screen crash dumps in windows as well as lockups there too.

And I have checked the hard drives, processor, and memory with tests from the Windows recovery manager, chkdsk in windows and using e2fsck in linux.

And I still think some nasty has gotten onto one or both of my drives.

I am currently running from a CD boot of Puppy 5.7.1 with one session save to the CD and NO lockups at all when running that way.
I should mention that I was running Slacko 5.5 with wine installed before these problems started.

Sorry to slightly derail this thread, but it goes along with the Topic as to one user's experience.

Barkin
Posts: 803
Joined: Fri 12 Aug 2011, 04:55

#39 Post by Barkin »

musher0 wrote:HI, barkin.

You mean ANTI-keylogger addon, yes?
No, an actual keylogger addon for Firefox, not anti-keylogger ...
addons.mozilla.org wrote: Keylogger 1.6
by Lipo-Codes

About this Add-on
This addon logs (writes down) every single key press performed on the computer while surfing the Firefox browser.
https://addons.mozilla.org/EN-US/firefox/addon/keylogger-220858/

mikeb
Posts: 11297
Joined: Thu 23 Nov 2006, 13:56

#40 Post by mikeb »

So it's an addon rather than something installed without the user's knowledge via javascript...just wanted to clarify

mike
