How safe is running from hard drive?

musher0
Posts: 14629
Joined: Mon 05 Jan 2009, 00:54
Location: Gatineau (Qc), Canada

#16 Post by musher0 »

Hi, NickAu.

Using your expression (I love it!), a "Linux script kiddie" could just as well write a
keylogger for Linux, for that matter, to know what you or I are doing at the moment,
and make some bucks selling the info to the NSA, its Canadian affiliate the CSEC,
Google Analytics, or some major advertiser, or whomever.

I doubt that that info would be of any interest, but still, it's theoretically possible! ;)

If you have confidentiality concerns, load your jpg in mtpaint for Linux and your
powerpoint in OpenOffice for Linux, and re-save them from the Linux program. In
other words use Linux programs whenever possible.

Better still, Linux has versions of anti-malware programs that you can use directly
from a Linux system on various Windows files (can't remember the precise names
at the moment, but they do exist). So use those on the files before you load the
files in your Linux system if you prefer to work that way.

Worthy of mention: nowadays all major Internet providers scan the files that transit
through them with an anti-virus.

Linux is generally 500 % more secure than W., but an evil-minded Linux user
could still try to do us harm through our computers.

We have to be careful with our fears, they can become paranoia in no time.

Let's use our rational mind here. Why would two Puppy forum contributors (e. g.
you and me) exchanging on a technical subject be of interest to anyone except
Puppy-ists?

The OpenBSD site says that they detected only two risks in their system in the
past 10 years. Maybe we should all migrate to OpenBSD?

Then again, OpenBSD has been reported to be the system used by CSIS (the
Canadian CIA), and funded by them in the early years. Is that myth or reality,
nobody knows... So maybe if you use OpenBSD, Canadian spies will be all over
your computer?

Are you getting my meaning? If you start on a "fear" slope like that, who knows
when and where you'll stop? Even the safest OS will appear to you as wanting
with regards to security.

In short, I don't think we should be overly concerned if we are honest citizens and
if we follow general practices of "safe computing" as outlined above in this thread.

Best regards. BFN.

musher0
musher0
~~~~~~~~~~
"You want it darker? We kill the flame." (L. Cohen)

musher0
Posts: 14629
Joined: Mon 05 Jan 2009, 00:54
Location: Gatineau (Qc), Canada

#17 Post by musher0 »

Hi, NickAu.

Me again. Not that you'd need any of them, IMO, but here's a starting page for a
search on < Linux anti-virus > :

http://www.info.com/searchw?qkw=linux+a ... &qhqn=&KW=

As I said, it's not that you need any anti-virus if your main system is a Linux system,
but if you're a professional designer or writer of some sort working on Linux, you
might still want to scan your clients' files as a courtesy to them, to re-assure them
that the files you send back to them are virus-free.

Besides, if you're a professional, you also want to have the reputation of being a
responsible Internet citizen to keep your clients.

BFN.

musher0

NickAu
Posts: 183
Joined: Mon 30 Dec 2013, 04:32
Location: Far North Coast NSW ɹǝpunuʍop

#18 Post by NickAu »

Thank you for the reply.
And yes, I get a lot of files from W.os users that may or may not be infected and occasionally forward them on. That's why I asked. And I use wine.

musher0 wrote:
Worthy of mention: nowadays all major Internet providers scan the files that transit
through them with an anti-virus.

Can you say cryptolocker? (comes as an email attachment) they may be able to do it but I doubt they are.

http://en.wikipedia.org/wiki/CryptoLocker

I see ClamAV in ppm cool. I know it from W.os too.
Sorry if I'm a pain in the a** but other than a few attempts at Mint and Ubuntu I'm a fish out of water on Linux.

Precise Puppy 5.7.1 Retro Fatty Edition. Hp Compaq 2510p 2x Intel(R) Core(TM) 2 Duo Cpu U7700@ 1.33 ghz,2 gig ram Booting from 8 gig micro USB + 32 gig SD card instead of HDD

musher0
Posts: 14629
Joined: Mon 05 Jan 2009, 00:54
Location: Gatineau (Qc), Canada

#19 Post by musher0 »

Hello, NickAu.

Thinking about your keylogger possibility, I thought of reviving the link to my lsof pet.

Here's lsof: http://limelinx.com/fkh2m

It's sort of like ps but more complete. (The ps command lists all programs running in
the computer's memory.)

lsof lists all your open programs, Internet and printer ports, everything, with more info
than ps.

You run it in console. To know which Internet ports are open at any given moment,
type

lsof -i

Typing < lsof > on its own will give you a list about a mile long...

More info here: http://murga-linux.com/puppy/viewtopic. ... 409#710409
on a "security" thread similar to this one.

The opera browser typically opens 4 ports for itself, firefox as many as 8 ports. If you
have a keylogger, it will show as an additional URL. (Never happened to me, though.)

Feeling like a fish out of water, eh? Reminds me of my early days with Puppy, everything
seemed so strange, 5 years ago now. But please stick with us a while, you'll see
that Puppy is not that difficult; once you get accustomed to it, some things will even
appear simpler in Puppy than in W. Also, the bunch here is very friendly and helpful;
and that's a real bonus.

BFN.

musher0
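Added example (not part of the original posts): a shell function that turns the `lsof -i` listing mentioned in post #19 into a per-socket review against an allowlist of programs you expect to be on the network. The sample listing, the allowlist and the process name `xlogd` are constructed for illustration; `-P` and `-n` are standard lsof options that keep ports and addresses numeric.

```shell
#!/bin/sh
# Added example: review `lsof -i -P -n` output against an allowlist.

# Constructed sample of `lsof -i -P -n` output (not captured from a real host).
sample_lsof() {
cat <<'EOF'
COMMAND   PID USER   FD   TYPE DEVICE SIZE/OFF NODE NAME
cupsd     812 root    7u  IPv4  10231      0t0  TCP 127.0.0.1:631 (LISTEN)
firefox  2301 root   54u  IPv4  18822      0t0  TCP 192.168.1.20:48112->203.0.113.10:443 (ESTABLISHED)
firefox  2301 root   61u  IPv4  18840      0t0  TCP 192.168.1.20:48120->198.51.100.7:443 (ESTABLISHED)
dhcpcd    640 root    6u  IPv4   9011      0t0  UDP *:68
xlogd    3377 root    3u  IPv4  20410      0t0  TCP 192.168.1.20:51514->192.0.2.55:8080 (ESTABLISHED)
EOF
}

# review_sockets ALLOWLIST
# Reads lsof -i output on stdin. ALLOWLIST is a comma-separated list of
# command names (lsof shows at most the first 9 characters by default).
# Prints one line per socket: VERDICT COMMAND PID PROTO ENDPOINT STATE
# where VERDICT is OK for allowlisted commands and CHECK for anything else.
review_sockets() {
    awk -v allow="$1" '
    BEGIN { n = split(allow, a, ","); for (i = 1; i <= n; i++) ok[a[i]] = 1 }
    NR == 1 && $1 == "COMMAND" { next }          # skip the header row
    {
        state = "-"                              # UDP sockets have no state
        if ($NF ~ /^\(.*\)$/) { state = $NF; gsub(/[()]/, "", state) }
        verdict = ($1 in ok) ? "OK" : "CHECK"
        print verdict, $1, $2, $8, $9, state
    }'
}

# Demo on the constructed sample. On a live system, run instead:
#   lsof -i -P -n | review_sockets "cupsd,firefox,dhcpcd"
sample_lsof | review_sockets "cupsd,firefox,dhcpcd"
```

A CHECK line is a prompt to look the PID up with `ps`, not a verdict that the program is malicious.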

musher0
Posts: 14629
Joined: Mon 05 Jan 2009, 00:54
Location: Gatineau (Qc), Canada

#20 Post by musher0 »

Hello again, NickAu.

Just read your info on cryptolocker. Ouch. At the bottom of the article, it says that the
thieves pocketed 27 million US dollars in +/- six months doing this? Re-ouch.

However, as wikipedia says, it's targeting only Windows computers.

Nevertheless, it would be good practice to backup all your important files on a separate
Linux partition, and then unmount that partition for the day. Re-open that partition only
as necessary, to do the next back-up. That way, you keep your files -- and your clients
-- safe.

If you don't have a large hard drive you can divide into partitions, a thumb drive
especially for this purpose will do fine. When finished with your back-up, unmount and
remove the thumb drive. I imagine you already know this.

If the partition is closed, not connected or even not there, no one can access it, even
by accident.

BFN.

musher0

Barkin
Posts: 803
Joined: Fri 12 Aug 2011, 04:55

#21 Post by Barkin »

mikeb wrote:
It's still possible for malware to be injected into the browser, even on a Linux computer. Like a hidden addon to the browser which functions as a keylogger, or to redirect your browser (browser hijack).
do you have some examples ..eg addons to avoid for example? sites that do this... what approval messages to be wary of before adding an addon?
You don't have to deliberately add a malicious addon, just by visiting a webpage it can be added (unless you have JavaScript disabled, e.g. by NoScript addon) ...
exploit-db.com wrote: There are not mechanism to restrict the privileges and execution scope of add-ons.
JavaScript functions can hook into the browser interface every time Firefox loads. They can collect keystrokes from Firefox browser interface. The JavaScript XMLHttpRequest object can be used to exchange data with a server in background.
http://www.exploit-db.com/wp-content/themes/exploit/docs/24541.pdf

https://www.google.com/search?q=Malicious+Firefox+Add-Ons+Keylogger

mikeb
Posts: 11297
Joined: Thu 23 Nov 2006, 13:56

#22 Post by mikeb »

But then some script kiddie came up with the idea of hiding the exe in a jpg or powerpoint presentation
Actually Microsoft added the mechanisms for the script kiddie to exploit...it was a selling point for business lan users to have their office documents make pots of tea and play jingles...wonderful...but expose that to the internet you have a large nightmare.... If Microsoft had not been so criminally negligent with the software they inflicted on the public starting in the mid nineties the world wide paranoia of seeing the internet as a 'dangerous place' we see would most likely not exist.
You don't have to deliberately add a malicious addon, just by visiting a webpage it can be added, (unless you have JavaScript disabled, e.g. by NoScript addon ) ...
JavaScript doing such naughties while being on a malicious site...ok... but being used to install an addon to continue it afterwards without user intervention?

related is
Using your expression (I love it!), a "Linux script kiddie" could just as well write a
keylogger for Linux,
certainly...but how would he get this installed and running on linux without user intervention? Bear in mind we are using a system designed and used for public servers.

The possibilities are awkward and convoluted on Linux.... A burglar is checking out a street deciding which house to go for... one house has only a front door with a secure multi point lock, the windows are high and non opening and the walls are smooth. The other has a side door that's using a yale lock. The lights are on and it's easy to see no one's in. The windows are in poor shape and use those stays that you can easily work loose. Several strong drainpipes exist next to the windows.
Which house does he choose?
It's not security by obscurity, it's security by difficulty.

Scripts in jpegs on wine..good point...depends how closely wine is imitating Windows. One to test perhaps.

It's always curious to get emails from people who obviously have that malware that comes via email and that sends out spam to everyone in their address book ...we got that in 2002 when we first had a PC....so the same malware is still floating around doing its thing....many people still use Outlook Express. It's all too easy...why tackle the hard stuff when the vast majority have a choice of simple methods to proliferate your crap, pseudo 'protected' by programs that can be circumvented by a name or byte order change.

hypothetical possibilities abound... real threats carry on and are sold to the public daily.

I suppose I want linux users to relax and enjoy what they have.

Mike.

Oh Carolina
Posts: 11
Joined: Sat 25 Jan 2014, 10:36
Location: England

#23 Post by Oh Carolina »

Hi Musher0,

Thanks for the post.
I tried to follow the method you said to end "World Access" but the results of the file path are as shown in the attachments. I was a bit confused, maybe not computer savvy enough for this (don't want to make a mess of anything).

My main concern is that I would not want the computer running Puppy Carolina to put the security of the Windows computers that share peripherals and an internet connection at added risk. No financial or private matters would be processed on the Carolina machine. The Carolina is more a computing corner hobby/internet thing. Any suggestions or advice most welcome.

Hope you have had a good night and have woken to better weather than we have here in U.K.

BFN

Oh Carolina.

Oh Carolina
Posts: 11
Joined: Sat 25 Jan 2014, 10:36
Location: England

#24 Post by Oh Carolina »

Hi Mike,

Yes I agree that the Microsoft and Apple folk have a lot to answer for.
It's not long ago that we were being assured that the Apple devices were bullet proof and un-targeted. If the only reason Linux is "safer" is that it's not a big enough target, what happens when it gets huge?
Of course if the world wasn't driven by capitalism/consumerism and greed we would have no villains to trouble us.

BFN
Oh Carolina :D

musher0
Posts: 14629
Joined: Mon 05 Jan 2009, 00:54
Location: Gatineau (Qc), Canada

#25 Post by musher0 »

Hi, Oh Carolina.

Thanks for your kind words.

I'm not familiar with the Carolina Puppy. I stayed away from it because it uses the
xfce window manager, which I find clumsy to use and thus I don't like it too much.
(This is only a personal opinion, of course.)

In any case, my little lesson will only be useful to you if you work it from the
ROX-Filer. Is there a ROX-Filer on Carolina? You may want to type < rox > in a
console to see if anything shows up. If the ROX-Filer is launched, then from there,
you can modify the "world" settings as indicated above.

The Puppy is in a corner, eh? ;) In my day, that's where the boss had his/her office... :)

As to the safety of Windows computers that may be linked to the PuppyLinux one:
there is no danger at all -- as should be clear by now from the posts on this thread.

The only risk would be of retransmitting a Windows document file that is already
infected, but that can't harm the Puppy itself. And as I mentioned, there are some
Linux versions of anti-viruses that you can use to scan and clean Windows files
from a Linux system -- out of courtesy to your fellow workers.

Conversely, looking at the possibility from the PuppyLinux end, the two OS's are
incompatible, so PuppyLinux cannot infect a Windows computer or be a nuisance
to shared peripherals. There are no known viruses for Linux systems yet, it's not
enough fun for a hacker. (Let's hope it'll stay that way.)

However, I've heard that samba (the sharing program / protocol) can be wrongly
configured, but that's not a security risk per se! :)

Speaking of samba, I've never used it, I'm a free-lancer and work solo, mostly,
so I never had any need for it. Maybe some other Puppy-ist can answer you in
more detail about it.

Good luck and best regards.

musher0

musher0
Posts: 14629
Joined: Mon 05 Jan 2009, 00:54
Location: Gatineau (Qc), Canada

#26 Post by musher0 »

@mikeb:

You wrote:
>
related is Quote:
Using your expression (I love it!), a "Linux script kiddie" could just as well write a
keylogger for Linux,

certainly...but how would he get this installed and running on linux without user intervention?
Bear in mind we are using a system designed and used for public servers.
You're right. The hacker would need proper permission to install his nasty code on
the Linux computer, and that's impossible from the outside. I had forgotten about that.

BFN.

musher0

anikin
Posts: 994
Joined: Thu 10 May 2012, 06:16

#27 Post by anikin »

Hi musher0,

This world-access tip is the best, I've seen on Linux security. A quick question - what's the underlying command, that performs it? I'd like to apply the trick to an external, unsquashed main sfs. Any ideas?

Thank you in advance.

mikeb
Posts: 11297
Joined: Thu 23 Nov 2006, 13:56

#28 Post by mikeb »

If the only reason Linux is "safer" is that it's not a big enough target, what happens when it gets huge?
It's not security by obscurity, it's security by difficulty.
Secure from the ground up. I made Windows secure...for Linux I didn't have to do anything. Bear in mind a major percentage of websites are running Linux so not as obscure as you might think and that's a tough environment when it comes to security.

Apple use a Unix like system like Linux is...not aware they had major security problems with it...though Microsoft now have a share of the business now?

Samba...not a fan..never used it though I did get an infection via netbios ports after 2 minutes of a fresh 2000 install online working direct to the net on a usb modem. There is a hack to fix that, though router firewalls effectively protect you.

I use NFS for windows file sharing.

I do wonder if Microsoft are very stupid or clever...the security holes introduced in the late nineties were soon detected and the situation even came to court over the browser integration in 1999. Why is the same system/software still included? Perhaps selling an operating system that stuffs itself after a year or 2 is good business, or businessmen make lousy software engineers....we may never know.

mike

mikeb
Posts: 11297
Joined: Thu 23 Nov 2006, 13:56

#29 Post by mikeb »

This world-access tip is the best, I've seen on Linux security. A quick question - what's the underlying command, that performs it? I'd like to apply the trick to an external, unsquashed main sfs. Any ideas?
If you feel the urge slax modules use 400 permissions... read only by system only.
chmod 0400 /path/to/file.sfs
or perhaps 0444 would be sufficient.
mike

Oh Carolina
Posts: 11
Joined: Sat 25 Jan 2014, 10:36
Location: England

#30 Post by Oh Carolina »

Hi Guys (and Girls if any),

Have learned something from this thread and thank all contributors.

Will go and try out my newly resurrected ( by Puppy Carolina )machine and hopefully find out more about the world of Linux.

Just one more thought:-Would Puppy Carolina be happy to share my 160 Gig hard drive with another member of the Linux family??

Thanks again for everyone's help

BFN

Oh Carolina. :D

mikeb
Posts: 11297
Joined: Thu 23 Nov 2006, 13:56

#31 Post by mikeb »

Just one more thought:-Would Puppy Carolina be happy to share my 160 Gig hard drive with another member of the Linux family??

YES!


:)

musher0
Posts: 14629
Joined: Mon 05 Jan 2009, 00:54
Location: Gatineau (Qc), Canada

#32 Post by musher0 »

anikin wrote:Hi musher0,

This world-access tip is the best I've seen on Linux security. A quick question - what's the underlying command, that performs it? I'd like to apply the trick to an external, unsquashed main sfs. Any ideas?

Thank you in advance.
HI, anikin.

Thanks for the kudo. Yeah, once you know the trick, it's a bit of a revolution! :)
And it's so simple to do.

Rox performs the < chmod ug+rwx > command on the selected files and folders.
You can of course use the command by typing it in a terminal. The command means:

"Change ownership of the file or folder to user and group, and make it (the file or folder)
readable, writable and executable."

Therefore, the third option, world access, is excluded (ignored). The world stays outside! :)

You may fine-tune it for documents, images and text, without the execute part (any file
that does not need to be executed, but only viewed and edited), like so:
< chmod ug+rw file.abw >
OR
< chmod ug+rw file.png >
for example.

As I mentioned before, go easy on the command, don't use it "in bulk" for many folders.
If you do, there's a good chance it'll freeze your system, especially if you use it on more
than one higher level folder at a time.

BFN.

musher0
Last edited by musher0 on Mon 27 Jan 2014, 01:12, edited 1 time in total.
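Added example (not part of the original posts): the permission bits that result from the chmod forms named in posts #29 and #32 (`ug+rw`, `0400`, `0444`), measured with `stat` on a scratch file, plus a `find` expression for files that still carry world bits. The `o-rwx` form, the function names and the starting modes are choices made for this example; `stat -c` assumes GNU or BusyBox stat.

```shell
#!/bin/sh
# Added example: measure what each chmod form does to the permission bits.

# mode_after START CHANGE
# Make a scratch file with mode START, run `chmod CHANGE` on it and print
# the resulting octal mode (for example 664).
mode_after() {
    f=$(mktemp) || return 1
    chmod "$1" "$f" && chmod "$2" "$f" && stat -c '%a' "$f"
    rm -f "$f"
}

# world_accessible DIR
# List regular files under DIR that still have any read, write or execute
# bit set for "other" (world).
world_accessible() {
    find "$1" -xdev -type f \( -perm -004 -o -perm -002 -o -perm -001 \) | sort
}

# Symbolic "+" only adds bits for the classes named (u and g here); the
# "other" digit is left exactly as it was before the command.
mode_after 0644 ug+rw    # 664: world can still read
mode_after 0666 ug+rw    # 666: world can still read and write

# Taking world access away needs an explicit "o-" or an absolute mode.
mode_after 0666 o-rwx    # 660: no access for world
mode_after 0666 0400     # 400: owner read-only
mode_after 0666 0444     # 444: read-only for everyone, world read bit set
```

Running `world_accessible /path/to/dir` before and after a permission change shows whether the world bits were actually cleared.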

Barkin
Posts: 803
Joined: Fri 12 Aug 2011, 04:55

#33 Post by Barkin »

musher0 wrote:@mikeb:

You wrote:
>
related is Quote:
Using your expression (I love it!), a "Linux script kiddie" could just as well write a
keylogger for Linux,

certainly...but how would he get this installed and running on linux without user intervention?
Bear in mind we are using a system designed and used for public servers.
You're right. The hacker would need proper permission to install his nasty code on
the Linux computer, and that's impossible from the outside. I had forgotten about that.

BFN.

musher0
But the malicious addon is a browser thing, not a Linux thing.

Keylogger addons are available for FireFox browser, e.g. , you just need to get one into someone's FireFox browser
(i.e. this type of keylogger is browser-specific, not OS-specific: it will work on Firefox running on Windows or Linux).

musher0
Posts: 14629
Joined: Mon 05 Jan 2009, 00:54
Location: Gatineau (Qc), Canada

#34 Post by musher0 »

HI, barkin.

You mean ANTI-keylogger addon, yes?

BFN.

musher0

musher0
Posts: 14629
Joined: Mon 05 Jan 2009, 00:54
Location: Gatineau (Qc), Canada

#35 Post by musher0 »

Almost forgot: do you know of any available for the opera browser?
