Puppy Linux Discussion Forum Forum Index Puppy Linux Discussion Forum
Puppy HOME page : puppylinux.com
"THE" alternative forum : puppylinux.info
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 

The time now is Thu 24 Jul 2014, 09:03
All times are UTC - 4
 Forum index » Off-Topic Area » Security
LightweightPortableSecurity vs Puppy - Puppy wins
Post new topic   Reply to topic View previous topic :: View next topic
Page 5 of 5 [69 Posts]   Goto page: Previous 1, 2, 3, 4, 5
Author Message
mollo

Joined: 22 Apr 2012
Posts: 18
Location: Spain

PostPosted: Mon 11 Feb 2013, 12:35    Post subject: LPS Firewall???  

Hi
I didn't want to start a new topic for this LPS related question but where is the firewall in LPS??, I tried to write iptables -L and ipchains -L but the result was nothing or not found, I'm new to Linux written commands but looking at that result makes me think that there's no firewall at all in LPS and I suppose that is a backdoor no mater how many times you reboot your OS, isn't it?, with all ports open, it's not important how secure are your browser settings as anyone can spy what you are doing typing or whatever, is that correct??, I read somewhere that Linux has the firewall built in its kernel, is this correct for the LPS distro too??, if so, is there a way to install iptables or any other GUI for adding or changing firewall settings??.
One last question, I was trying both LPS 1.3.6 and 1.3.5 and found that strangely the 1.3.5 you can still download at the LPS site has a different md5 than the md5 value I found in another site which kept the 1.3.5 hashes data (LPS site doesn't keep an archive of md5 sums), can anybody confirm the correct md5 for LPS 1.3.5 Public iso??
Thanks in advance for any answer and sorry for my poor English.
Back to top
View user's profile Send private message 
rcrsn51


Joined: 05 Sep 2006
Posts: 8904
Location: Stratford, Ontario

PostPosted: Mon 11 Feb 2013, 12:46    Post subject:  

Open a terminal and type
Code:
lsmod | grep iptable

That may tell you if the firewall is already running.

[Edit] I looked in LPS and it does not appear to have the kernel modules for the firewall, which sounds counter-intuitive for a security Linux.

But if LPS is not running any services and has no open ports, then maybe it's smart enough to know that it doesn't need a firewall.
Back to top
View user's profile Send private message 
nooby

Joined: 29 Jun 2008
Posts: 10557
Location: SwedenEurope

PostPosted: Mon 11 Feb 2013, 13:51    Post subject:  

this being for the Military personal of US Army or Navy or any Military
would it not be logical to expect them monitor each usage for to find out
if anything bad is going on among themselves?

So sure the OS is very safe but maybe also very nosy to find out
whom are doing what?

Just me wild guessing.

_________________
I use Google Search on Puppy Forum
not an ideal solution though
Back to top
View user's profile Send private message 
mollo

Joined: 22 Apr 2012
Posts: 18
Location: Spain

PostPosted: Mon 11 Feb 2013, 19:54    Post subject:  

Thanks rcrsn51 for your fast reply, then I suppose it's impossible or very difficult to install those missing kernel modules for the firewall?
LPS has Java, Flash and others and those are "running services" so a firewall is mandatory, correct?, how do I know if LPS has all ports closed except the one/ones needed for Internet?, is it possible to create a distro with all ports closed without the need for a firewall?, I thought the task for opening or closing ports was done by the firewall.
Is there any online test for checking ports like the acid tests for the browser?
Thanks

nooby:
LPS Public it's just that, a public version just made by the U. S. Air Force, anyways, there's nothing suspicious in its licence agreement, in fact, it's a short and clear licence agreement, but if LPS has no firewall means that anyone can see what you are doing, correct?.
Back to top
View user's profile Send private message 
rcrsn51


Joined: 05 Sep 2006
Posts: 8904
Location: Stratford, Ontario

PostPosted: Mon 11 Feb 2013, 20:04    Post subject:  

mollo wrote:
Is there any online test for checking ports like the acid tests for the browser?

I booted LPS on Machine A and Puppy on Machine B. From B, I ran PeasyPort and scanned all 65535 ports of A. There were no open ports.
Back to top
View user's profile Send private message 
mollo

Joined: 22 Apr 2012
Posts: 18
Location: Spain

PostPosted: Tue 12 Feb 2013, 00:01    Post subject:  

rcrsn51:
Thanks for that test but how is that possible, I mean, don't you need port 80 to be open to access Internet??, if there are no open ports how can you access www or send mails?, thanks again.

Do anybody have the correct md5 value for both public and public deluxe isos of LPS 1.3.5??
Thanks
Back to top
View user's profile Send private message 
rcrsn51


Joined: 05 Sep 2006
Posts: 8904
Location: Stratford, Ontario

PostPosted: Tue 12 Feb 2013, 00:13    Post subject:  

It's the web server that has port 80 open, not the client. LPS is not running a web server.
Back to top
View user's profile Send private message 
mollo

Joined: 22 Apr 2012
Posts: 18
Location: Spain

PostPosted: Wed 13 Feb 2013, 00:44    Post subject:  

Your desktop or laptop with Puppy, Windows or any other OS is also a client but you need firewalls in all of them to open or close ports, if your pc (client) had all ports closed then you won't be able to access Internet (server), send/receive mails and so on, correct?, then no matter if your pc runs LPS or Puppy, you need a firewall yes or yes so noone can invade your pc through one of its open ports, correct?
Back to top
View user's profile Send private message 
rcrsn51


Joined: 05 Sep 2006
Posts: 8904
Location: Stratford, Ontario

PostPosted: Wed 13 Feb 2013, 09:40    Post subject:  

Murga-linux.com runs a web server. It advertises its presence to the rest of the world on Port 80. Knowing that, an attacker could bombard the server with specially-crafted data aimed at Port 80 in hopes of confusing the server and making something bad happen. Hopefully, the software running on the server is smart enough to prevent this, or it is running a firewall that rejects any strange-looking data.

When you run the web browser on LPS, you are NOT opening Port 80. Instead LPS opens a temporary port from a pool of 65535 choices. This is why you can have two different browsers running at the same time - each one gets a temporary port to communicate with a server.

An attacker has no idea that your computer is temporarily using Port 12345. And even if it did, what would your own firewall do? Block Port 12345? Then you would lose your connection to the remote server!

And how would you set up your firewall in advance to block a randomly-chosen port?

Things like Java and Flash are NOT services. They do not advertise their presence on your computer to the rest of the world.
Back to top
View user's profile Send private message 
Display posts from previous:   Sort by:   
Page 5 of 5 [69 Posts]   Goto page: Previous 1, 2, 3, 4, 5
Post new topic   Reply to topic View previous topic :: View next topic
 Forum index » Off-Topic Area » Security
Jump to:  

You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Powered by phpBB © 2001, 2005 phpBB Group
[ Time: 0.0608s ][ Queries: 13 (0.0049s) ][ GZIP on ]