LinuxQuestions.org
Visit the LQ Articles and Editorials section
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices

Reply
 
LinkBack Search this Thread
Old 01-27-2004, 12:17 AM   #1
mohapi
Member
 
Registered: Mar 2003
Distribution: Debian
Posts: 208

Rep: Reputation: 30
Devil-Linux cd firewall


Does anyone have experience with the Devil-Linux cd firewall ?
 
Old 02-02-2004, 12:27 PM   #2
Capt_Caveman
Senior Member
 
Registered: Mar 2003
Distribution: Fedora
Posts: 3,658

Rep: Reputation: 57
I haven't directly used Devil Linux, but from their homepage, it looks like it just uses the standard iptables/netfiler firewall with the patch-o-matic base add-ons and includes the firewallbuilder GUI.

Try asking a specific question, as there are a number of people here who are iptables gurus and can help you out.
 
Old 02-02-2004, 03:31 PM   #3
mohapi
Member
 
Registered: Mar 2003
Distribution: Debian
Posts: 208

Original Poster
Rep: Reputation: 30
I currently use IPcop v1.2 on an old Pentium 100 box, but would like less noise and hassle if the box shuts down for any reason. I got the Devil-Linux cd burned and ready to run, I just need to buy a floppy to set the config up.
 
Old 03-13-2005, 12:36 AM   #4
floppywhopper
Member
 
Registered: Aug 2004
Location: Albany, Western Australia
Distribution: Mageia 2, SME Server 8
Posts: 616
Blog Entries: 2

Rep: Reputation: 54
Buuuuuuuuump

After all the recent discussions about Linux boxes getting root-kitted, compromised etc etc, I too am now looking at using a Live CD firewall and Devil Linux is the one I'm having an extra good look at.

So anyone using Devil Linux, I would appreciate comments please

One question I would like answered, is a distro like this susceptible to root kits and other nasties.

floppy
 
Old 03-14-2005, 12:36 PM   #5
win32sux
Guru
 
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870

Rep: Reputation: 371Reputation: 371Reputation: 371Reputation: 371
Quote:
Originally posted by floppywhopper
Buuuuuuuuump

After all the recent discussions about Linux boxes getting root-kitted, compromised etc etc, I too am now looking at using a Live CD firewall and Devil Linux is the one I'm having an extra good look at.

So anyone using Devil Linux, I would appreciate comments please

One question I would like answered, is a distro like this susceptible to root kits and other nasties.

floppy
yes, any distro is susceptible to exploits, even live cd distros... a nasty can be installed in RAM without needing write access to the cd... a lot of folks (i'm not saying you're one of them) think that because the cd isn't writable they are 100% safe, which is not true... of course the live cd read-only nature does give you some convenience when it comes to these situations - if you get hit by a nasty you can reboot and the nasty will be wiped from the RAM - but you'd still have to deal with the vulnerability that allowed the exploit before bringing the system back online... sometimes the workaround could be as simple as blocking the port for the affected daemon while you get your updated ISO... but if you are working completely remotely, their will be a window of opportunity between the time the network is brought-up (upon reboot) and the time you issue the workaround - during this window you could get owned once again... so it would be optimal to have physical access so you could do the fix/workaround BEFORE putting the box back online...

having said that, it should be noted that devil linux uses a grsecurity patched kernel and most of it's binaries are compiled with the gcc stack smashing protector option, so you get a higher-level of security than you would on most other live distros... the possibilities of getting owned on devil linux via something like a buffer-overflow (for example) are lower than on typical live cd distros...

http://www.grsecurity.net/

http://www.research.ibm.com/trl/projects/security/ssp/

just my two cents...


Last edited by win32sux; 03-14-2005 at 01:25 PM.
 
Old 03-14-2005, 05:42 PM   #6
floppywhopper
Member
 
Registered: Aug 2004
Location: Albany, Western Australia
Distribution: Mageia 2, SME Server 8
Posts: 616
Blog Entries: 2

Rep: Reputation: 54
Thats very interesting , thanks for the info

While I didn't make any assumptions about live CD security, I have to admit that I didn't know that about RAM infections ... thats why I asked. Anyway the system is anything but remote LOL its under the table where I'm working now.

The more I learn the more I realise how little I know
always learning ......

any other comments about Devil Linux or Live Cd firewalls appreciated.

floppy
 
Old 07-13-2005, 06:46 AM   #7
ih83
LQ Newbie
 
Registered: Aug 2003
Posts: 5

Rep: Reputation: 0
Loading USB drive for config files

In devil linux, u have to either provide a floppy disk or USB disk so that Devil can read and write configuration files to and fro. The thing is I do not know what parameters u have to pass on to mount the USB disk (something with DL_config=.....)


Please help!

THanx
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off
Trackbacks are Off
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
list of commands for Devil-Linux cyniq Linux - Newbie 1 11-13-2005 11:49 PM
Devil Linux webwolf70 Linux - Distributions 2 05-09-2005 09:24 PM
Devil Linux and webapps momilla Linux - Software 0 10-22-2004 03:30 AM
How can I add software to Devil Linux CD? momilla Linux - Newbie 1 09-12-2004 04:18 AM
Devil-Linux OMEGA-DOOM Linux - Newbie 2 09-03-2004 04:51 AM


All times are GMT -5. The time now is 02:11 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration