Puppy Linux Discussion Forum Forum Index Puppy Linux Discussion Forum
Puppy HOME page : puppylinux.com
"THE" alternative forum : puppylinux.info
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 

The time now is Thu 17 Apr 2014, 02:24
All times are UTC - 4
 Forum index » House Training » Users ( For the regulars )
firewall useless for puppy
Moderators: Flash, Ian, JohnMurga
Post new topic   Reply to topic View previous topic :: View next topic
Page 12 of 12 [172 Posts]   Goto page: Previous 1, 2, 3, ..., 10, 11, 12
Author Message
increa

Joined: 21 May 2011
Posts: 21

PostPosted: Mon 23 May 2011, 13:03    Post subject: Firewall blocking what my computer sends.  

miriam wrote:
One point I'd like to learn more about is configuring the firewall to deny all programs, except certain ones I trust, access to the net.


Non-Puppy comment: I use free "Zone Alarm" to do this in Windows.
Back to top
View user's profile Send private message 
increa

Joined: 21 May 2011
Posts: 21

PostPosted: Mon 23 May 2011, 13:22    Post subject: System Threat  

One last thought in this thread for this morning:

It's often not one specific thing (get through my firewall) that creates a threat. Here's an example where individual non-threat pieces built into enough of a threat that I secured my system.

I enabled the Haiwatha web server. Even opened up to respond to all IP addresses (like a honey pot, I was interested who was on the hotel network and would choose to browse into my computer).

Then I enabled the Puppy personal blog. All okay, until I READ the default files served up by the server and the blog. In the blog default post, it gives the password for the "secure" spot account. Well, that file is intended to only be read by the local user at 127.0.0.1. But, by opening my web server up, the blog program now provided that password to everybody.

So, anybody could admin my blog, dump whatever they want there and as a minimum bury my computer in downloaded trash. That will crash any hard drive when it becomes full. Or the database will die first.

So... I went back and turned off the web server. OR, what I could have done is install a firewall so that only packets from within my local network could get to the web server Puppy. In this case, the firewall ~would~ have protected me. That's a pretty tangible example, I think. However, I solved the problem a different way.

However, I still run the Puppy firewall because it's overhead is a simple XOR statement against a port or IP number. Takes about a microsecond. I can afford that cost to cover my ~other~ braindead actions such as web serving my own blog post that gives my own password to the world.
Back to top
View user's profile Send private message 
Aitch


Joined: 04 Apr 2007
Posts: 6825
Location: Chatham, Kent, UK

PostPosted: Mon 23 May 2011, 14:15    Post subject:  

increa wrote:
In the blog default post, it gives the password for the "secure" spot account. Well, that file is intended to only be read by the local user at 127.0.0.1. But, by opening my web server up, the blog program now provided that password to everybody.


I think that should be brought to Barry K's attention somewhat urgently, as a security bug!

Aitch Smile
Back to top
View user's profile Send private message 
puppyite


Joined: 23 Jul 2009
Posts: 758
Location: U.S., Midwest, Central Time Zone, GMT-6

PostPosted: Mon 23 May 2011, 16:48    Post subject:  

About Hiawatha:
I would think that anyone who runs a web server on their local machine would know that it should have a password set before it will start or at least give some warning if a password isn’t set.

I have no experience using the Hiawatha web server in Puppy Linux so I don’t know if it has a default password set up or not. If not then that may be a problem if the user starts it and no warning is given.

_________________
Learn more about Puppy Linux: Puppy Linux FAQ
Protect your privacy: Scroogle.org - Ixquick
Back to top
View user's profile Send private message Visit poster's website 
SimpleWater

Joined: 19 Apr 2011
Posts: 95

PostPosted: Mon 06 Jun 2011, 03:32    Post subject:  

After doing research, i have found the solution for the flash cookies. There is actually an extension for firefox called "Betterprivacy"(essential). It is made specially for deleting super cookies and is very easy customizable. If your worried about javascript then theres "noscript"(nonessential). Another firefox add-on. Something else you can do is go into your about:config and look for dom.storage.enabled and set the value to false.

I also tried to find warning threads about malware. I searched other big distros like ubuntu forums, and nothing of course. This is linux i don't think the word "malware" exist in linux yet. You might want to include your sources when you make big claims like that bernie.

When html5 becomes a standard, then you can ditch flash
Back to top
View user's profile Send private message 
Bernie_by_the_Sea


Joined: 09 Feb 2011
Posts: 329

PostPosted: Wed 08 Jun 2011, 18:42    Post subject:  

SimpleWater wrote:
I also tried to find warning threads about malware. I searched other big distros like ubuntu forums, and nothing of course. This is linux i don't think the word "malware" exist in linux yet. You might want to include your sources when you make big claims like that bernie.

Exactly what “big” claims would those be, Simple? I said NOTHING about any Linux malware. What I said was IF you have WINDOWS on your machine and IF you’re running some flavor of Linux, it is possible for a hacker (and I prefer that word for both good and evil programmers) to reach and install malware in your WINDOWS system AND in your boot system via Flash via Linux. Some of this malware is not OS dependent but works directly on the boot system affecting any and all operating systems on that computer. Puppy is especially susceptible to this sort of malware since it runs as root.

Malware in Linux has been known since 1994 -- the first example modified the kernel to change system calls. It was very effective and almost impossible to detect at that time. Linux malware is very real but adherents of the cult don’t like to hear this. A Linux hacker using a rootkit was arrested as far back as 2002. See http://packetstormsecurity.org/news/view/10653/Linux-Rootkit-Author-Arrested-in-the-UK.html

Last year the open source Linux version of Unreal had a Trojan but the Windows version did not. It wasn't even noticed for seven months. See http://blogs.computerworld.com/16316/think_linux_is_free_from_malware_think_again_its_been_hacked

Linux OpenOffice had a virus called Bad Bunny about four years ago.

There are more than two thousand known Linux malware products including viruses, Trojans and worms. Some of these are definitely loose in the wild. There are more than two dozen Linux antivirus applications, most of them commercial selling for real money. Ask yourself why some people buy these products for Linux from such companies as Kaspersky, McAfee and Symantec paying as much if not more for Linux antivirus programs as they do for Windows antivirus programs.

As for “sources” there are dozens of published papers on Linux malware and its detection and removal. For one such “source” see
http://www.symantec.com/connect/articles/detecting-rootkits-and-kernel-level-compromises-linux

_________________
Frugal: Knoppix 6.4.4 DVD
USB: DSL 4.4.10
Full: WinXP Pro
Puppy (Feb. 4 - May 12, 2011) led me back to Linux.
Back to top
View user's profile Send private message 
aarf

Joined: 30 Aug 2007
Posts: 3620
Location: around the bend

PostPosted: Wed 08 Jun 2011, 19:17    Post subject:  

@BbtS have you found any 'bad things' with your specially modified puppy?
i haven't read the whole thread.
Back to top
View user's profile Send private message Visit poster's website 
Display posts from previous:   Sort by:   
Page 12 of 12 [172 Posts]   Goto page: Previous 1, 2, 3, ..., 10, 11, 12
Post new topic   Reply to topic View previous topic :: View next topic
 Forum index » House Training » Users ( For the regulars )
Jump to:  

You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Powered by phpBB © 2001, 2005 phpBB Group
[ Time: 0.0857s ][ Queries: 12 (0.0203s) ][ GZIP on ]