Puppy Linux Discussion Forum Forum Index Puppy Linux Discussion Forum
Puppy HOME page : puppylinux.com
"THE" alternative forum : puppylinux.info
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 

The time now is Sun 21 Dec 2014, 14:21
All times are UTC - 4
 Forum index » Off-Topic Area » Security
Viruses? can I get them?
Post_new_topic   Reply_to_topic View_previous_topic :: View_next_topic
Page 2 of 5 Posts_count   Goto page: Previous 1, 2, 3, 4, 5 Next
Author Message
ragaman

Joined: 14 Jan 2007
Posts: 186

PostPosted: Wed 15 Apr 2009, 06:40    Post_subject:  

Take a look at this:
virused usb.jpg
Description  Here's a USB drive that is full of viruses. Opened in Puppy which was never affected. This infestation would have dropped Windows to its knees.
jpg

 Download 
Filename  virused usb.jpg 
Filesize  82.71 KB 
Downloaded  609 Time(s) 
Back to top
View user's profile Send_private_message 
steve-in-brazil

Joined: 06 Apr 2009
Posts: 30

PostPosted: Fri 17 Apr 2009, 13:06    Post_subject:  

Maybe you can get some of those viruses to work if you use wine.
Back to top
View user's profile Send_private_message 
ragaman

Joined: 14 Jan 2007
Posts: 186

PostPosted: Fri 17 Apr 2009, 23:54    Post_subject:  

My Puppy does have wine.
Back to top
View user's profile Send_private_message 
Lobster
Official Crustacean


Joined: 04 May 2005
Posts: 15122
Location: Paradox Realm

PostPosted: Sat 18 Apr 2009, 02:05    Post_subject:  

The most you can hope for with malware is for a javascript hijack
(sorry MS users - you gonna have to ditch your paranoia addiction and security fixes)
In Puppy 4.2 use monkey menu or Alt + ctrl + C to clear any javascript hijacks

Viruses? We are Linux - inoculation comes as standard. Smile

_________________
Puppy WIKI

Edited_time_total
Back to top
View user's profile Send_private_message Visit_website 
JigOS


Joined: 17 Apr 2009
Posts: 4
Location: here!

PostPosted: Sat 18 Apr 2009, 02:45    Post_subject:  

Quote:
Viruses? We are Linux - inoculation comes as standard. Smile


^ whoo!
Back to top
View user's profile Send_private_message 
ragaman

Joined: 14 Jan 2007
Posts: 186

PostPosted: Sat 18 Apr 2009, 06:24    Post_subject:  

There is one virus though that keeps wiping out my Puppy hard disk install. It's called distro-hopping virus that causes an itch that needs to be scratched.
Back to top
View user's profile Send_private_message 
elglobie

Joined: 21 Aug 2009
Posts: 24

PostPosted: Mon 24 Aug 2009, 16:51    Post_subject: Re: Why you are pretty safe
Sub_title: Linux and viruses
 

stanjam wrote:
Still, you are not as safe running as root in Puppy as you would be as a limited user in say, Fedora or Ubuntu.




Any plans to be able to run puppy as user ?
Back to top
View user's profile Send_private_message 
elglobie

Joined: 21 Aug 2009
Posts: 24

PostPosted: Mon 24 Aug 2009, 16:52    Post_subject:  

ecomoney wrote:
I offer a (not very) commercial service to install puppy as a dual boot (with CD) alongside windows. In our ads we put "No more viruses again EVER, or your money back"



Do you have a link to your service ?
Back to top
View user's profile Send_private_message 
Pizzasgood


Joined: 04 May 2005
Posts: 6270
Location: Knoxville, TN, USA

PostPosted: Mon 24 Aug 2009, 18:56    Post_subject: Re: Why you are pretty safe
Sub_title: Linux and viruses
 

elglobie wrote:
stanjam wrote:
Still, you are not as safe running as root in Puppy as you would be as a limited user in say, Fedora or Ubuntu.




Any plans to be able to run puppy as user ?
I'm working on that. It isn't very hard. I just don't have much motivation lately (just a phase - I cycle between work-all-night level motivation and spend-my-time-watching-anime/reading level motivation). But it's coming along. The most important stuff is finished, except Xvesa, which I had working not long ago, but it stopped for some reason.


Meanwhile, in any normal Puppy, you can already run most applications as a limited user with very little effort. For example, if I wanted to run seamonkey as a limited user, I could do this:
su spot seamonkey
Seamonkey will be running as spot, while everything else is root.

_________________
Between depriving a man of one hour from his life and depriving him of his life there exists only a difference of degree. --Muad'Dib

Back to top
View user's profile Send_private_message Visit_website 
Bert


Joined: 30 Jun 2006
Posts: 999

PostPosted: Tue 25 Aug 2009, 07:01    Post_subject:  

So, following Pizzasgood's idea, could something like this be useful?
Laughing

(with thanks to trio for the GUI-making-Gui)
Root-grapje.png
 Description   
 Filesize   85.52 KB
 Viewed   2135 Time(s)

Root-grapje.png


_________________


Back to top
View user's profile Send_private_message 
mikeslr


Joined: 16 Jun 2008
Posts: 841
Location: Union New Jersey USA

PostPosted: Tue 25 Aug 2009, 13:23    Post_subject: Viruses? can I get them? Malware in general
Sub_title: Frugal Install or Run from LiveCD
 

It doesn't surprise me that that some malcontent wrote a virus which infected A Linux Server in general business use. But there's not even a hint of a rumor that a virus was written which effected more than one distribution's servers.

Viruses and Trojans are applications. Unless I'm wrong --I'm no expert-- in order for them to function they have to be able to run under the kernel of a particular operating system, using or including libraries applicable to that kernel. With exceptions such as Puppy 3s compatibility with Slackware 12.0s, you can't directly port an application from one Linux Distribution to another. Similarly, Puppy 4s were not developed using the same base as Puppy 3s: consequently, not every application which runs under Puppy 3 will run under Puppy 4 unless additional libraries are installed. There are hundreds, if not thousands, of distributions if you take into consideration each "Distribution's" version built with a different kernel.

I know nothing about "Full Installed" Puppies. It is, however, my understanding that running from a Frugal Install or a LiveCD, Puppies employ a layered file system. On bootup, Puppy first decompresses and loads the "Save" file, which contains your settings and the applications you've installed to "base" system. The "base" system is then decompressed and integrated with the decompressed "Save" file. When you install a new application, or change your settings, they are written to the Save file and do not become part of your "base" system unless and until you remaster.
Absent remaster, the next time you bootup, a pristine "base" system is again decompressed. Unless and until someone figures out how to write to a compressed "base" system, the worst that can happen is that the "Save" file would be "corrupted": the solution to which is to rebooted from a LiveCD, with Puppy pfix=RAM, delete the Save file and start again to add your favorite applications and set your desired settings. [Hint: if you have favorite applications you'll always want to use, download and save them in addition to just allowing Pet Package Manager install them].
The greatest threat using Puppy Linux, therefore, would be exposure to 'phishing.' There are several things you can do to minimize that. Of course, use Puppy's Firewall. Of course, avoid known "attack sites." If you use Opera or Firefox, set or do not unset their phishing protection. If you use Mozilla based web browsers such as Firefox and Seamonkey, install "NoScript." And there's one other step you can take not available under Windoz. Other than your HOME Drive or Partition, Puppy does not automatically mount drives and partitions. Install a second hard drive, create a separate partition or plug in a special purpose USB Key where you'll store your valuable data. Don't mount it while you're on line.
You can also try the Truecrypt Pet. But, to be on the safe side, back up your valuable data when changed to 'almost-always off-line' media.

mikeslr
Back to top
View user's profile Send_private_message 
Pizzasgood


Joined: 04 May 2005
Posts: 6270
Location: Knoxville, TN, USA

PostPosted: Tue 25 Aug 2009, 15:06    Post_subject:  

Quote:
With exceptions such as Puppy 3s compatibility with Slackware 12.0s, you can't directly port an application from one Linux Distribution to another. Similarly, Puppy 4s were not developed using the same base as Puppy 3s: consequently, not every application which runs under Puppy 3 will run under Puppy 4 unless additional libraries are installed.
It isn't as bad as it might seem. Firefox for example used to run on just about any Linux, with no effort. The latest ones aren't quite as portable but they still work on most recent Linuxes out of the box (well, assuming you don't use a CLI only distro).

Generally, the likelihood that a program will work on any given distro is inversely proportional to how complex it is.

One way to make things much more portable is to compile them statically. That way their dependencies are built in, so they don't need to rely on you already having them.

Also, if you use shell scripts, those can potentially run on most any Linux, though there are things to watch out for (different sets of utilities, different default shells, etc.) But they're completely independent of things like 32 vs. 64 bit, kernel versions, libraries, etc. And they can potentially run on Unix/BSD, not just Linux. You have to be even more careful about which utilities are available then though.

Over the summer, I did an internship that involved a Sun Solaris machine. I needed to examine some directory structures, but they didn't have the 'tree' program I use in Linux, and I couldn't get it to compile on that machine. So I wrote a shell script that implemented a crude imitation, along with a number of other scripts to help with various other tasks I had, and they all work just fine in Solaris, Puppy, and whatever distro my webhost uses (I don't remember - RH or CentOS I think). They'd probably work in Windows too, if you installed Cygwin.



BTW, the save file is not compressed, though it can be encrypted.

_________________
Between depriving a man of one hour from his life and depriving him of his life there exists only a difference of degree. --Muad'Dib

Back to top
View user's profile Send_private_message Visit_website 
purple_ghost

Joined: 09 Nov 2005
Posts: 414

PostPosted: Sat 29 Aug 2009, 17:03    Post_subject: Is this true?  

Since I am not an expert perhaps some of the more knowledgeable here can tell me about these ideas.

Some of us use a live CD of Puppy with the hard drive still set to boot Windows. I would postulate that it might be possible for Puppy to allow some Malware to be installed on the hard drive, which would not run with Puppy, but might later run with the Windows install.

While penetrating Linux might be difficult because of so many different distros with different software install means, plus differences with kernels, where apps start from and such, the first distro that a hacker is likely to try to attack is Ubuntu. If Puppy is going to be based on Ubuntu, it would also be vulnerable. Perhaps they would try Debian, then they only need to access whatever Debian installer Puppy is using.

Someone has previously suggested that a safer means to use Puppy would be to run it from a Multi-Session CD/DVD., where no session is ever saved back onto the optical drive. The hard drive itself is never mounted. Files from web sessions is saved onto a flash key, which one can later scan, scan, scan before copying any thing from the flash drive to the hard drive. Or perhaps, it has been suggested that if that information is placed onto a CD/DVD ( but not the multi-session, since that might corrupt Puppy-???) it will never start to run on its own when using those data files with another OS.

Is it possible for a hacker to remotely mount a hard drive?

While it seems a contradiction to Puppy's intended audience, because it requires more hardware resources in place of the minimal hardware resources Puppy was aimed at, it has been suggested that using a Virtual Machine would also could be more secure, if the user was careful. ??

_________________
Google Search of Forum: http://wellminded.com/puppy/pupsearch.html
Back to top
View user's profile Send_private_message 
Pizzasgood


Joined: 04 May 2005
Posts: 6270
Location: Knoxville, TN, USA

PostPosted: Sat 29 Aug 2009, 20:36    Post_subject:  

Quote:
Is it possible for a hacker to remotely mount a hard drive?
Depends on what kind of access the hacker has gained. He would need to have root permissions or the permissions of a user who has been configured to be able to mount drives (this isn't configured by default). He would also need the ability to execute the "mount" command.
_________________
Between depriving a man of one hour from his life and depriving him of his life there exists only a difference of degree. --Muad'Dib

Back to top
View user's profile Send_private_message Visit_website 
purple_ghost

Joined: 09 Nov 2005
Posts: 414

PostPosted: Sun 30 Aug 2009, 15:38    Post_subject: Pizzasgood please interpret for me.  

Are you saying that if the hacker rightly guess the target was using Puppy Linux, it would be trivial?

So could you do it? What is the easiest way to protect ones hard drive while using Puppy and leaving ones computer on-line to a high speed connection twenty four hours a day?

_________________
Google Search of Forum: http://wellminded.com/puppy/pupsearch.html
Back to top
View user's profile Send_private_message 
Display_posts:   Sort by:   
Page 2 of 5 Posts_count   Goto page: Previous 1, 2, 3, 4, 5 Next
Post_new_topic   Reply_to_topic View_previous_topic :: View_next_topic
 Forum index » Off-Topic Area » Security
Jump to:  

Rules_post_cannot
Rules_reply_cannot
Rules_edit_cannot
Rules_delete_cannot
Rules_vote_cannot
You cannot attach files in this forum
You can download files in this forum


Powered by phpBB © 2001, 2005 phpBB Group
[ Time: 0.0934s ][ Queries: 12 (0.0043s) ][ GZIP on ]