Puppy Linux Discussion Forum

gen81465 · Joined: 14 Jul 2011 Posts: 3

I am a newbie so please have pity:

While looking at my network configuration, I noticed that the file /etc/simple_network_setup/connections contains an unencrypted copy of my WIFI network WEP key in it. The default permission mode is 644 (rw-r--r--). Would I be safer to CHMOD to 600 (rw-------), so only the owner has rights to view the file? I'm concerned that someone might get access to my system files, see the WEP key for the WIFI network, and use it to access my WIFI without my permission.

I hope I'm not overreacting, however I keep my WIFI secured for a reason.

Thanks in advance for any guidance on this.

George

rcrsn51 · Posted: Thu 14 Jul 2011, 06:42 Post subject:

gen81465 · Joined: 14 Jul 2011 Posts: 3

Flash · Posted: Thu 14 Jul 2011, 08:30 Post subject:

gen81465, have you considered running Puppy from a multisession DVD? When the computer is not in use, the DVD which contains Puppy and all its configuration files can be removed and stored in a secure location.

As for the possibility that someone could find a way to read your computer files from the network side, I don't know. It would depend greatly on how you have configured Puppy and what programs you have installed.

gcmartin · Joined: 14 Oct 2005 Posts: 2640 Location: Earth

gen81465 · Joined: 14 Jul 2011 Posts: 3

1. My previous problems were with Windows. Someone was able to hack into my computer (past the firewall) and remotely run programs as if on my computer. I finally noticed some odd files on my computer and figured out what had happened. I changed the passwords and it seemed to stop, but I had to uninstall several spoofing programs.

2. I'm not sure where the problems might come from. Having been a Windows user all my life, I've just come to accept being hacked as part of the price to be paid to Bill Gates for his incessant desire to snoop on everyone.

My concern is that if someone (somehow) accessed the specific file, they would see my WEP pass-code in plain English. Even /etc/passwd encrypts the password. It would seem logical to me that other programs would work accordingly. A previous poster said that Puppy isn't a multiuser system anyway; the only user is "root", so I guess it really isn't as big of an issue as I was making it.

gcmartin · Joined: 14 Oct 2005 Posts: 2640 Location: Earth

Thanks for helping us with that. I understand.

Linux is an altogether different animal whose behavior is much different from Microsoft. One fact is that each distro, generally, runs and operates differently This alone is a major detractor for those looking for exploitation. The effort is very very high. Unless you are a government who is targeting, this usually will never be undertaken by anyone. (The payback for the effort is way too costly, especially, when there are so many more Windows machines to attack.)

This thread, here, can be of some help in understanding vulnerability. Members, there, have expressed some key things to understand which make your system a safe place to operate. At least, from the standpoint of what you've described in your response to the questions.

You will probably experience a very comfortable ride without issues of penetration of your Puppy PC/system.

Welcome to Puppyland.