Security in Puppy Linux: running as Root

musher0
Posts: 14629
Joined: Mon 05 Jan 2009, 00:54
Location: Gatineau (Qc), Canada

#31 Post by musher0 »

I agree with gposil in this old thread:

http://murga-linux.com/puppy/viewtopic. ... 60&t=49025

Why are we going over this again?
musher0
~~~~~~~~~~
"You want it darker? We kill the flame." (L. Cohen)

greengeek
Posts: 5789
Joined: Tue 20 Jul 2010, 09:34
Location: Republic of Novo Zelande

#32 Post by greengeek »

musher0 wrote: I agree with gposil in this old thread:
That old thread was well worth a read. I thought I would repost Aragon's contribution regarding secure hardware:
[Attachment: secure hware.jpg]

gcmartin

Helping a user

#33 Post by gcmartin »

@Snayak asks some very good questions.

Some of our most honored security persons should address these. And, it probably should be done, not so much as a security question, but in terms of how he presents his questions of us.

Neither Microsoft, nor Apple, nor mainstream Linux, nor Unix is viewed as single user. (security issues aside for a moment)

BarryK started his Linux project distro in an effort to keep it as simple as possible for ease of understanding and ease of implementation. As such he took steps to "trim" the system to what he felt is an easy to implement system that, should you have a router and an ethernet cable, will get you a desktop office that will connect to the internet. This is notwithstanding that there are other LAN services present. His PUPPY implementation will make use of much of what the LAN has to offer without ever offering any services from the PC to the LAN. This is, in essence, intended to be a client ONLY distro.

Over the years, community members have added/attempted to add services to this client model such that PUP can extend services to other members on the LAN. Examples of these "server" services are FTP, SMB, NMB, etc. such that files/folders/applications that are created or exist on the PUP can be used by other LAN members just as those non-PUP LAN members have been providing to the LAN for years.

Today, except for a couple of PUP distros, PUPPY continues to follow that model. But, what has changed is that knowledgeable members can add server services to the LAN such that PUPs can participate just as those other non-PUPs provide the LAN.

There are several reasons why PUPPY started as it did. The most prevalent is that it started when dial-up internet was the most prevalent internet service available in the world. 2nd, many users still had 486s/Pentium1-2-3 class PCs that were due for retirement. By getting Puppy, one could recommission those old PCs and the download sizes were somewhat reasonable.

Today, much of that has changed. And, Puppy, at least for 32bit, has also been positioned to take advantage of internet speeds, shorten download times, internet reliability, 1995+ processors, and the 2006 model where PC manufacturers mandated a 1GB+ RAM model for all PCs sold with Microsoft loaded.

I know NONE of what I have shared addresses security, but, it at the very least provides a little understanding of what I have seen in my Puppy lifetime.

Several security discussions have arisen over the years. And, as such, many ideas have been promoted.

Puppy will probably continue its current model for awhile as it does offer some very useful benefits. There are some things Puppy could do better, but, most of the changes that come are from members who offer an alternative. And over time, the good ideas are spotted and incorporated into the Woof build process for distro builder's inclusion. And, for those fuller server versions that provide OOTB services, they, too, are as secure as they come.

Security is NOT a back burner item, either in Linux or in Puppy.

I have been keeping a watchful eye over the years in this forum of discoveries of security breaches. Thus far, in observation, there has been much discussion, much from scares and warnings, ideas about multi-user(s), and thoughts. Thus far, I have not seen any reports of PUPPY being used as a launch threat within its LAN, nor Puppy being penetrated, thus far. But, in watching, no one as yet has provided a security monitor that would provide alerts in the Puppy LAN or the Puppy PC of a security breach or a PC security announcer to the console user.

But, I am apprehensive that someone will be coming forward...hopefully or as someone perceives a real need in this product as it continues to mature.

Here to help

vovchik
Posts: 1507
Joined: Tue 24 Oct 2006, 00:02
Location: Ukraine

#34 Post by vovchik »

Dear gcmartin,

Very useful thoughts - I have been around here, too, for years and have been contributing - but not so much on the security front. But security is not a trivial question...and many supposedly secure systems are breached. We will get ideas, I am certain, and provide some solutions where security is critical. We are not the dumbest guys in the world... :)

With kind regards,
vovchik

8-bit
Posts: 3406
Joined: Wed 04 Apr 2007, 03:37
Location: Oregon

#35 Post by 8-bit »

I have Windows Vista on one hard drive and a bunch of versions of puppy on another on my PC.
I had an antivirus program, AVG free installed with Vista.
Then I found and installed a utility on Vista that would allow access to linux partitions.
Darned if the antivirus took some of my Puppy files and put them in its locker.
I am pretty sure it is a false positive that is causing it.
I do not want to have to go to the locker and restore a Puppy file or files every time this happens.
So should I restore and exempt those files and then remove that utility that allows Vista and the antivirus to see the linux partitions and their contents?

Or should I take note of what Puppy files got put in the locker and download them again after removing the utility that is allowing access to the linux partitions?

gcmartin

#36 Post by gcmartin »

8-bit wrote: ... I do not want to have to go to the locker and restore a Puppy file or files every time this happens.
So should I restore and exempt those files and then remove that utility that allows Vista and the antivirus to see the linux partitions and their contents?

Or should I take note of what Puppy files got put in the locker and download them again after removing the utility that is allowing access to the linux partitions?
I am sure that others will offer other views, but here is one that I have used for the past 14 years.

Whenever I install Linux, I have ALWAYS installed to a Linux formatted partition. In most cases, unless you extend Microsoft or Apple somehow, it will not link/mount/assign a drive letter that Microsoft OS will path for application usage. The SWAP is provided for system stability and performance, while the Linux partition exists for Puppy-Linux use while providing insulation from Microsoft when Microsoft is active.

For example I have several PCs where I have partitioned their HDD to include a SWAP partition and an EXT2 or EXT3 or EXT4 partition while keeping the Microsoft partition intact.

By doing so, Microsoft will not provide an I/O path for application use.

Here to help

cthisbear
Posts: 4422
Joined: Sun 29 Jan 2006, 22:07
Location: Sydney Australia

#37 Post by cthisbear »

AVG free...
" I am pretty sure it is a false positive that is causing it. "

an absolutely crappy AV.

Remove same.
You will notice the speed difference....especially Vista.

:::::::::::

Use Avira.

http://www.avira.com/en/avira-free-antivirus


You can select what you don't want scanned.
It nags you....
you can disable most of it.

"""
September 27, 2012, 10:07 am
No Advertising Pop-ups for Avira Free AntiVirus Users

Users of Avira Free AntiVirus who install the Avira SearchFree toolbar
will no longer have pop-up ads displayed to them.
This SearchFree toolbar includes Browser Tracking Blocker and
Website Safety Advisor so users get the double benefit of no ads
and more secure browsing.

Now Avira lets you ‘live Free’ completely ad-free."

http://techblog.avira.com/2012/09/27/av ... curity/en/

Their search used to be Ask...
which in the past they used to block.

Old post....about 8 down near the middle of page.

How to Remove the Ask Toolbar in Avira:

http://www.murga-linux.com/puppy/viewtopic.php?p=586216

http://fred151.net/?p=projects/nonotifyavira

::::::

http://www.avira.com/en/avira-free-antivirus#tab2

Download it here...not the author's site.
I always use >>> Internode link.....as it's much faster.

http://www.majorgeeks.com/Avira_AntiVir ... _d955.html

""""""""

AVG Remover 2013 at Majorgeeks

http://majorgeeks.com/AVG_Remover_d7000.html

" AVG Remover eliminates all the parts of your AVG installation
from your computer, including registry items, installation files,
user files, etc. AVG Remover is the last option to be used in case
the AVG uninstall / repair installation process has failed repeatedly. "

Majorgeeks is a great download site.

Avoid Cnet at all costs.

Chris.

snayak
Posts: 422
Joined: Wed 14 Sep 2011, 05:49

#38 Post by snayak »

Dear All,

Thanks to gcmartin for his nice post. I too was not bothered about security till last month.

Last month I started using IRC. Soon I found that somebody caught me and said, why are you using irc as root? I was surprised. He immediately told me my residence address. I was afraid! I thought, he started tracking me. I immediately closed my chat and never going back to irc, with a fear. :-(

So, came and ask here. Immediately got a reply that, don't use puppy! I must say sorry to our friend gposil. In this connection, I shall be happy to say that, puppy, itself is a virus, that does not affect computers but affects humans and that too affects mind. I am infected by puppy, and can you please advise, how can I leave it? Now, I shall blame puppy, who taught me about irc. I recently get to know about irc from attym chat that comes with puppy! :-D

Let's say, I will use irc as root with puppy's firewall, I shall not run any bots/scripts from others, I shall not accept any files from others, I shall not use any irc commands without knowing what it does, shall not use the advices others may give over irc, can anybody still be an intruder to my pc and steal private information?

I mean, following all the good practices for security, is there still a chance that one can intrude?

Sincerely,
Srinivas Nayak
[Precise 571 on AMD Athlon XP 2000+ with 512MB RAM]
[Fatdog 720 on Intel Pentium B960 with 4GB RAM]

http://srinivas-nayak.blogspot.com/

nooby
Posts: 10369
Joined: Sun 29 Jun 2008, 19:05
Location: SwedenEurope

#39 Post by nooby »

cthisbear wrote: Avoid Cnet at all costs.

Chris.
http://en.wikipedia.org/wiki/CNET

You mean for download of software? Okay

What then do you know about what snayak
asks us about the IRC channel. I had same experience
as him and a guy told me that "I will kill you" and him
living just 30 minutes by car from me that scared the hell out of me.

And this was the Puppy channel on IRC. So I never used it again.

As snayak asks, would such a mean spirited person be able to break in?
I use Google Search on Puppy Forum
not an ideal solution though

greengeek
Posts: 5789
Joined: Tue 20 Jul 2010, 09:34
Location: Republic of Novo Zelande

#40 Post by greengeek »

snayak wrote: Let's say, I will use irc as root with puppy's firewall,
I have seen very little information about configuring Puppy's firewall. How many ports are open? How exposed are we? I know that someone, somehow, is tracking my emails and using my outgoing emails as a means of targeting me with spam, but I don't have any idea if it is because I use puppy, or if it is something to do with my email provider.

Without a tightly configured firewall I think we are all very exposed.

tlchost
Posts: 2057
Joined: Sun 05 Aug 2007, 23:26
Location: Baltimore, Maryland USA

#41 Post by tlchost »

nooby wrote: What then do you know about what snayak
asks us about the IRC channel. I had same experience
as him and a guy told me that "I will kill you" and him
living just 30 minutes by car from me that scared the hell out of me.

And this was the Puppy channel on IRC. So I never used it again.
Unless you ask the freenode folks to cloak your account, anyone can see your IP address when you are on IRC....and from that, it's possible to determine your location.

So, you can log into the #freenode channel and ask that you be given a cloak...once you have one, your IP address does not show up.

If you are on IRC and someone threatens you, you can submit a complaint....the Freenode staff takes threats seriously and will help you.

If you take steps to understand how the technology works, you have a better chance of protecting yourself.
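To make the post above concrete, here is an added example (not part of the original thread) that audits what an IRC hostmask of the form `nick!user@host` shows to other users: whether the host part is a cloak, a raw IP address or an ISP hostname, and whether the username field reads `root`. The sample hostmasks are constructed, and the rule that a cloak is recognised by a `/` in the host part is an assumption about the network's cloak format.

```python
import ipaddress
import re

# IRC message prefix ("hostmask"): nick!user@host, optionally with a leading ':'.
HOSTMASK_RE = re.compile(r"^:?(?P<nick>[^!@\s]+)!(?P<user>[^@\s]+)@(?P<host>\S+)$")


def classify_host(host):
    """Return 'cloak', 'ip' or 'hostname' for the host part of a hostmask."""
    # Assumption: cloaks contain '/' (e.g. "unaffiliated/nick"), a character
    # that cannot appear in an IP address or a DNS hostname.
    if "/" in host:
        return "cloak"
    try:
        ipaddress.ip_address(host)  # accepts IPv4 and IPv6 literals
        return "ip"
    except ValueError:
        return "hostname"


def audit_hostmask(mask):
    """Report what a single hostmask discloses about the client behind it."""
    m = HOSTMASK_RE.match(mask.strip())
    if m is None:
        raise ValueError("not a nick!user@host hostmask: %r" % mask)
    # A leading '~' means the server got no ident reply, so the name shown
    # is whatever the client sent (many clients default to the login name).
    user = m["user"].lstrip("~")
    kind = classify_host(m["host"])
    findings = []
    if user.lower() == "root":
        findings.append("username field is 'root'")
    if kind == "ip":
        findings.append("raw IP address is visible to other users")
    elif kind == "hostname":
        findings.append("ISP hostname is visible and maps back to an IP address")
    return {"nick": m["nick"], "user": user, "host_kind": kind, "findings": findings}


if __name__ == "__main__":
    # Constructed samples: documentation IP range, example.net, made-up cloak.
    samples = [
        "puppyuser!~root@203.0.113.45",
        "puppyuser!~root@host-45.example.net",
        ":puppyuser!~root@unaffiliated/puppyuser",
        "puppyuser!~spot@unaffiliated/puppyuser",
    ]
    for s in samples:
        result = audit_hostmask(s)
        print(s, "->", result["host_kind"], result["findings"] or "nothing flagged")
```

The third sample shows that a cloak hides the host part only; the username field is still sent as the client configured it.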

nooby
Posts: 10369
Joined: Sun 29 Jun 2008, 19:05
Location: SwedenEurope

#42 Post by nooby »

tlchost wrote:...
If you are on IRC and someone threatens you, you can submit a complaint....the Freenode staff takes threats seriously and will help you.

If you take steps to understand how the technology works, you have a better chance of protecting yourself.
Thanks for this assurance. Now I am not that bright that I can do that.
"If you take steps to understand how the technology works"

I just use my computer I know very little about the software.
I know a bit more about the hardware but that is not so much either.
I use Google Search on Puppy Forum
not an ideal solution though

tlchost
Posts: 2057
Joined: Sun 05 Aug 2007, 23:26
Location: Baltimore, Maryland USA

#43 Post by tlchost »

nooby wrote:
thanks for this assurance. Now I am not that bright that I can do that.
"If you take steps to understand how the technology works"
If you say so....I doubt it.

snayak
Posts: 422
Joined: Wed 14 Sep 2011, 05:49

#44 Post by snayak »

@tlchost
If you say so....I doubt it.
Maybe nooby is saying on behalf of common men. I salute.

I have suggested some idea on banking security.
http://murga-linux.com/puppy/viewtopic. ... 382#662382

I know, nooby is going to kill me for I said in the above post, I am convinced of using puppy as root. ;-) I really mean, non-root still can impose some security threat and we still can improve our security as root too.

For the ideas, thanks are due to 666Philb.

Sincerely,
Srinivas Nayak
[Precise 571 on AMD Athlon XP 2000+ with 512MB RAM]
[Fatdog 720 on Intel Pentium B960 with 4GB RAM]

http://srinivas-nayak.blogspot.com/

gcmartin

IRC - A problem ???

#45 Post by gcmartin »

snayak wrote: ... For the ideas, thanks are due to 666Philb. ...
I AM NOT an IRC user, nor am I an expert on IRC security exposures.

But, as I do understand how information is transported over the net, ALL methods require an origination and destination address. REQUIRED for Internet transport. Further, applications request and use ports as a means of identifying who they are talking to.

Any public IP address is supposed to be a REGISTERED IP address. That is to say that some location, ISP, vendor, corporation, or person, has paid and owns an IP address range that has a physical location address associated.

So, for example, in many cases, the IP address that is assigned for use via your ISP (the internet on-ramp you are using) has a physical location associated; sometimes it's the ISP's. That IP address can be looked up and the physical address can be shown to anyone interested. Also, if you have an IP address, you "can" ask your ISP to identify it physically, and they will.

Some ISPs, maybe even yours, register or assign your physical address with the IP address you are given for internet use.

Are you exposed...my initial response is NO! And, I need not go into the reasons why.

Could you get infected...maybe...but, I would guess if this were a common problem, it would have been identified and addressed many years ago. IRC has been around that long.

Lastly, you have already identified one approach. Be cautious of the items you personally would download that would expose critical information.

But, you may be on to something and YOU MAY BE ABLE TO HELP THIS COMMUNITY ADDRESS IT, if so.

Here to help

Q5sys
Posts: 1105
Joined: Thu 11 Dec 2008, 19:49

#46 Post by Q5sys »

snayak wrote: Dear All,

Thanks to gcmartin for his nice post. I too was not bothered about security till last month.

Last month I started using IRC. Soon I found that somebody caught me and said, why are you using irc as root? I was surprised. He immediately told me my residence address. I was afraid! I thought, he started tracking me. I immediately closed my chat and never going back to irc, with a fear. :-(

So, came and ask here. Immediately got a reply that, don't use puppy! I must say sorry to our friend gposil. In this connection, I shall be happy to say that, puppy, itself is a virus, that does not affect computers but affects humans and that too affects mind. I am infected by puppy, and can you please advise, how can I leave it? Now, I shall blame puppy, who taught me about irc. I recently get to know about irc from attym chat that comes with puppy! :-D

Let's say, I will use irc as root with puppy's firewall, I shall not run any bots/scripts from others, I shall not accept any files from others, I shall not use any irc commands without knowing what it does, shall not use the advices others may give over irc, can anybody still be an intruder to my pc and steal private information?

I mean, following all the good practices for security, is there still a chance that one can intrude?

Sincerely,
Srinivas Nayak
I wouldn't worry that much about IRC. Yes it broadcasts your IP address, but that's the way IRC works. That in itself isn't a vulnerability or threat. However your IP address along with tons of other information you post about yourself online can add up to a threat... IF... someone really wanted to get you. You've got to stop and ask yourself, (no disrespect intended) but are you really worth someone's effort to go out of their way to go after?

I'd say you're more at risk by what you post online. I'm going to guess you were using this same screen name. If so... someone could google search it (after all your name is unique). Once they google search it they'd find your posts here. So they'd know you run puppy linux. Anyone researching Puppy Linux would find out everything runs as root... so he wouldn't need an IRC vulnerability to find that out.
Of course if he's on this forum then he can see your signature. Which would lead whoever to know your real name, where you work, what you do, etc.
All of which is way more information than the IP address your IRC client is revealing.

If you are worried for personal safety, think a bit more about what you post on the internet. If someone was wanting to come after you... that information would be far more valuable than your irc client.

But to be clear... I don't think anyone is out to get you. :)
