Puppy Linux Discussion Forum Forum Index Puppy Linux Discussion Forum
Puppy HOME page : puppylinux.com
"THE" alternative forum : puppylinux.info
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 

The time now is Sun 23 Nov 2014, 09:41
All times are UTC - 4
 Forum index » Off-Topic Area » Security
How safe is running from hard drive?
Post new topic   Reply to topic View previous topic :: View next topic
Page 3 of 4 [52 Posts]   Goto page: Previous 1, 2, 3, 4 Next
Author Message
mikeb


Joined: 23 Nov 2006
Posts: 8644

PostPosted: Sun 26 Jan 2014, 13:12    Post subject:  

Quote:
Just one more thought:-Would Puppy Carolina be happy to share my 160 Gig hard drive with another member of the Linux family??


YES!


Smile
Back to top
View user's profile Send private message 
musher0


Joined: 04 Jan 2009
Posts: 4329
Location: Gatineau (Qc), Canada

PostPosted: Sun 26 Jan 2014, 13:43    Post subject:  

anikin wrote:
Hi musher0,

This world-access tip is the best I've seen on Linux security. A quick question - what's the underlying command, that performs it? I'd like to apply the trick to an external, unsquashed main sfs. Any ideas?

Thank you in advance.


HI, anikin.

Thanks for the kudo. Yeah, once you know the trick, it's a bit of a revolution! Smile
And it's so simple to do.

Rox performs the < chmod ug+rwx > command on the selected files and folders.
You can of course use the command by typing it in a terminal. The command means:

"Change ownership of the file or folder to user and group, and make it (the file or folder)
readable, writable and executable."

Therefore, the third option, world access, is excluded (ignored). The world stays outside! Smile

You may fine-tune it for documents, images and text, without the execute part (any file
that does not need to be executed, but only viewed and edited), like so:
< chmod ug+rw file.abw >
OR
< chmod ug+rw file.png >
for example.

As I mentioned before, go easy on the command, don't use it "in bulk" for many folders.
If you do, there's a good chance it'll freeze your system, especially if you use it on more
than one higher level folder at a time.

BFN.

musher0

_________________
"Logical entities must not be multiplied needlessly." / "Il ne faut pas multiplier les êtres logiques inutilement." (Ockham)

Last edited by musher0 on Sun 26 Jan 2014, 21:12; edited 1 time in total
Back to top
View user's profile Send private message Visit poster's website 
Barkin


Joined: 12 Aug 2011
Posts: 742

PostPosted: Sun 26 Jan 2014, 14:06    Post subject:  

musher0 wrote:
@mikeb:

You wrote:
>
Quote:
related is Quote:
Using your expression (I love it!), a "Linux script kiddie" could just as well write a
keylogger for Linux,

certainly...but how would he get this installed and running on linux without user intervention?
Bear in mind we are using a system designed and used for public servers.


You're right. The hacker would need proper permission to install his nasty code on
the Linux computer, and that's impossible from the outside. I had forgotten about that.

BFN.

musher0


But the malicious addon is a browser thing, not a Linux thing.

Keylogger addons are available for FireFox browser , e.g. , you just need to get one into somone's FireFox browser,
( i.e. this type keylogger is browser-specific, not OS-specific : it will work on Firefox running on Windows or Linux ).
Back to top
View user's profile Send private message 
musher0


Joined: 04 Jan 2009
Posts: 4329
Location: Gatineau (Qc), Canada

PostPosted: Sun 26 Jan 2014, 14:20    Post subject:  

HI, barkin.

You mean ANTI-keylogger addon, yes?

BFN.

musher0

_________________
"Logical entities must not be multiplied needlessly." / "Il ne faut pas multiplier les êtres logiques inutilement." (Ockham)
Back to top
View user's profile Send private message Visit poster's website 
musher0


Joined: 04 Jan 2009
Posts: 4329
Location: Gatineau (Qc), Canada

PostPosted: Sun 26 Jan 2014, 14:21    Post subject:  

Almost forgot: do you know of any available for the opera browser?
_________________
"Logical entities must not be multiplied needlessly." / "Il ne faut pas multiplier les êtres logiques inutilement." (Ockham)
Back to top
View user's profile Send private message Visit poster's website 
Oh Carolina

Joined: 25 Jan 2014
Posts: 11
Location: England

PostPosted: Sun 26 Jan 2014, 14:30    Post subject: How safe is running from hard drive?
Subject description: Will Puppy Carolina share
 

Hi Mikeb,

Thanks,glad to here that , will go and browse to find Carolina a drive mate.

BFN
Oh Carolina Very Happy
Back to top
View user's profile Send private message 
mikeb


Joined: 23 Nov 2006
Posts: 8644

PostPosted: Sun 26 Jan 2014, 15:31    Post subject:  

Quote:
Keylogger addons are available for FireFox browser , e.g. , you just need to get one into somone's FireFox browser,
( i.e. this type keylogger is browser-specific, not OS-specific : it will work on Firefox running on Windows or Linux ).


ok.. But how is javascript installing a firefox addon. Or are you talking about a user installed addon?

mike
Back to top
View user's profile Send private message 
8-bit


Joined: 03 Apr 2007
Posts: 3393
Location: Oregon

PostPosted: Sun 26 Jan 2014, 17:37    Post subject:  

musher0 wrote:


Finally, and this is perhaps the killer argument, a W. malware written on W. cannot
run on Linux. Linux cannot execute a W. program natively, period. [/list]


musher0


I was always a bit curious about that last statement.
What about those users that want to run windows games through linux and have installed wine?
Would wine give the malicious script or application written for windows the opportunity to execute?

This goes along with the problems I had been having with my Desktop in locking up and getting blue screen crash dumps in windows as well as lockups there too.

And I have checked the hard drives, processor, and memory with tests from the Windows recovery manager, chkdsk in windows and using e2fsck in linux.

And I still think some nasty has gotten onto one or both of my drives.

I am currently running from a CD boot of Puppy 5.7.1 with one session save to the CD and NO lockups at all when running that way.
I should mention that I was running Slacko 5.5 with wine installed before these problems started.

Sorry to slightly derail this thread, but it goes along with the Topic as to one users experience.
Back to top
View user's profile Send private message 
Barkin


Joined: 12 Aug 2011
Posts: 742

PostPosted: Sun 26 Jan 2014, 17:52    Post subject:  

musher0 wrote:
HI, barkin.

You mean ANTI-keylogger addon, yes?

No an actual keylogger addon for Firefox, not ant-keylogger ...
addons.mozilla.org wrote:
Keylogger 1.6
by Lipo-Codes

About this Add-on
This addon logs (writes down) every single key press performed on the computer while surfing the Firefox browser.
https://addons.mozilla.org/EN-US/firefox/addon/keylogger-220858/
Back to top
View user's profile Send private message 
mikeb


Joined: 23 Nov 2006
Posts: 8644

PostPosted: Sun 26 Jan 2014, 17:58    Post subject:  

So its an addon rather than something installed without the users knowledge via javascript...just wanted to clarify

mike
Back to top
View user's profile Send private message 
musher0


Joined: 04 Jan 2009
Posts: 4329
Location: Gatineau (Qc), Canada

PostPosted: Sun 26 Jan 2014, 18:06    Post subject:  

Hi, 8-bit

Euh... running a W. program through wine on Linux is NOT the same thing as running a
W. program directly in Linux. You simply can't run a W. program directly in Linux. Try it
and you'll see: nothing will happen.

I'd suggest a search in the Internet about your problem to be sure, but it would be logical
that the malware thinks it's running on a real W. system and try to attack the wine structure.

But once out of wine, back in your real Linux, the malware can't do anything: it's not the
same folder structure, and W. executables just won't run in Linux.

BFN.

musher0

_________________
"Logical entities must not be multiplied needlessly." / "Il ne faut pas multiplier les êtres logiques inutilement." (Ockham)
Back to top
View user's profile Send private message Visit poster's website 
musher0


Joined: 04 Jan 2009
Posts: 4329
Location: Gatineau (Qc), Canada

PostPosted: Sun 26 Jan 2014, 18:10    Post subject:  

Barkin wrote:
musher0 wrote:
HI, barkin.

You mean ANTI-keylogger addon, yes?

No an actual keylogger addon for Firefox, not ant-keylogger ...
addons.mozilla.org wrote:
Keylogger 1.6
by Lipo-Codes

About this Add-on
This addon logs (writes down) every single key press performed on the computer while surfing the Firefox browser.
https://addons.mozilla.org/EN-US/firefox/addon/keylogger-220858/


But why would I want to spy on the keys I myself type... ? Unless I'm a nutcase...

_________________
"Logical entities must not be multiplied needlessly." / "Il ne faut pas multiplier les êtres logiques inutilement." (Ockham)
Back to top
View user's profile Send private message Visit poster's website 
mikeb


Joined: 23 Nov 2006
Posts: 8644

PostPosted: Sun 26 Jan 2014, 18:31    Post subject:  

Quote:
Unless I'm a nutcase...

Well we wanted to say something but was looking for the right moment
Back to top
View user's profile Send private message 
Sylvander

Joined: 15 Dec 2008
Posts: 3517
Location: West Lothian, Scotland, UK

PostPosted: Sun 26 Jan 2014, 20:57    Post subject:  

8-bit wrote:
This goes along with the problems I had been having with my Desktop in locking up and getting blue screen crash dumps in windows as well as lockups there too.

And I have checked the hard drives, processor, and memory with tests from the Windows recovery manager, chkdsk in windows and using e2fsck in linux.

And I still think some nasty has gotten onto one or both of my drives.

Lets say you had 1 or more "improper-poweroff" events...
Then you scanned and fixed the PFS [partition-filesystem], so that the PFS was now OK...
The act of scanning&fixing might create "orphan file fragments", so that the folder/file system might then have gaps or missing portions, so would no longer function fully [not function as it aught]...
Since certain files are incomplete.
The way to then fix that would be to restore...
Perhaps an image backup [I like to ALWAYS have backups]...
Or scan&fix the PFS then restore all of the partitions' folders/files [I normally use Puppy->Xfe to do this].
Whatever would return a good/complete folder/file/PFS system.

8-bit wrote:
I am currently running from a CD boot of Puppy 5.7.1 with one session save to the CD and NO lockups at all when running that way.

Which suggests [that at least] the PFS is OK.
Back to top
View user's profile Send private message 
musher0


Joined: 04 Jan 2009
Posts: 4329
Location: Gatineau (Qc), Canada

PostPosted: Sun 26 Jan 2014, 21:00    Post subject:  

mikeb wrote:
Quote:
Unless I'm a nutcase...

Well we wanted to say something but was looking for the right moment


Funny guy! Laughing Laughing

_________________
"Logical entities must not be multiplied needlessly." / "Il ne faut pas multiplier les êtres logiques inutilement." (Ockham)
Back to top
View user's profile Send private message Visit poster's website 
Display posts from previous:   Sort by:   
Page 3 of 4 [52 Posts]   Goto page: Previous 1, 2, 3, 4 Next
Post new topic   Reply to topic View previous topic :: View next topic
 Forum index » Off-Topic Area » Security
Jump to:  

You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Powered by phpBB © 2001, 2005 phpBB Group
[ Time: 0.0926s ][ Queries: 12 (0.0086s) ][ GZIP on ]