LinuxQuestions.org


carolus 02-03-2010 04:43 PM

is firewall needed for live CD with dialup internet?
 
Is there any point to running a personal firewall when using a Linux live CD or DVD with a dialup internet connection? My chief concern is compromise of the underlying Windows installation. I do not need corporate-grade security.

rweaver 02-03-2010 04:54 PM

If you don't mount the Windows drives in Linux, no. In 99% of cases no. However, that being said, better safe than sorry... the default firewall that ships with most distributions is typically fine and leaves nothing open that shouldn't be.

If you're not online, of course a firewall is of no benefit; it really does nothing to decrease performance in that case though, either.

carolus 02-03-2010 06:02 PM

Quote:

Originally Posted by rweaver (Post 3851453)
the default firewall that ships with most distributions is typically fine and leaves nothing open that shouldn't be.

The live versions don't always include firewalls. Debian, for example. Does that matter? At home I'm behind a router, but at our summer cabin I'm on dialup.

GoinEasy9 02-03-2010 06:33 PM

There's no real need to run a firewall with a live CD, especially if Windows isn't mounted. Unless you create the live CD yourself and enable persistence, nothing will be saved to the CD. When you end your session with the live CD, the image disappears from the computer's memory. Besides, running Linux doesn't compromise Windows, running Windows compromises Windows.

carolus 02-03-2010 07:12 PM

With root access an intruder could mount any partition and alter any files. But I'm thinking that would be too much trouble for an untargeted attack on an uncommon configuration over a slow connection with a variable IP address.

GoinEasy9 02-03-2010 11:03 PM

Not only would it be too much trouble, but the odds of it happening are astronomical. Although the root password on a live cd would probably be "root" (not a plus for security), how about adding the variable of the length of time a live cd would actually be connected to the internet using dialup. An intruder has to find you first.

Web31337 02-03-2010 11:44 PM

Isn't it better to stop ssh/change root password at system boot?

GoinEasy9 02-04-2010 11:41 AM

I was also thinking about removing or disabling ntfs-3g, but once again, it is a live CD; unless you're going to be using it as a replacement for an installed operating system, what are the chances of being found?

carolus 02-04-2010 12:14 PM

Quote:

Originally Posted by GoinEasy9 (Post 3852670)
what are the chances of being found?

Just suppose I got compromised by a random broadcast attack that is so well designed that it temporarily takes over with root privileges, installs malware in the Windows partition that keylogs my banking transactions, then sends home a report the next time I connect to the internet? Anything that I could do, the intruder can undo, at least in principle. Even reinstalling ntfs-3g, if I have gone to the trouble of remastering the live CD without ntfs-3g.

Pretty far-fetched, but the crooks are professionals, and I don't have a real grasp of their capabilities.

rweaver 02-04-2010 01:49 PM

Quote:

Originally Posted by carolus (Post 3852708)
Just suppose I got compromised by a random broadcast attack that is so well designed that it temporarily takes over with root privileges, installs malware in the Windows partition that keylogs my banking transactions, then sends home a report the next time I connect to the internet? Anything that I could do, the intruder can undo, at least in principle. Even reinstalling ntfs-3g, if I have gone to the trouble of remastering the live CD without ntfs-3g.

Pretty far-fetched, but the crooks are professionals, and I don't have a real grasp of their capabilities.

What you're talking about there is not a random broadcast attack, that is a customized attack dedicated to compromising a specific individual's system and frankly, with a laptop out in the woods, it would be several thousand fold easier to watch the place, break in and walk out with the actual device. Keep in mind in an attack like that a firewall isn't going to make or break you and if you operate under that mindset then you had best just never connect to a network, period. If you want to make yourself really paranoid go read about red and blue pill from Black Hat.

Your machine could already be compromised by someone who is letting your Windows / Linux run in a hypervisor logging everything you do or say and since it's at a higher privilege level than the operating system it's undetectable for the most part.

GoinEasy9 02-04-2010 03:56 PM

Quote:

Pretty far-fetched, but the crooks are professionals, and I don't have a real grasp of their capabilities.

Well, their capabilities are pretty impressive. They are very smart and cunning, and have gone over to the dark side. Now, considering how smart they are, do you think they are going to spend any time at all trying to break into an individual computer, especially one connected to the internet by a dialup connection? Unless you're known to have millions of dollars in bank accounts and have been targeted by some evil international consortium, no one is going to be even interested in your computer.

If you read about the exploits that are out there you can see one general fact. Malware is 99.9% installed by the user, not by some twisted hacker in cyberspace. Visit an unfamiliar web site and/or download an unverifiable program/app/wallpaper/game (you get the picture) and you may introduce something evil into your operating system. Worrying about someone breaking in, especially with your setup, really doesn't deserve the time you're giving it.

carolus 02-05-2010 08:43 AM

Quote:

Originally Posted by Web31337 (Post 3851807)
isn't it better to stop ssh/change root password at system boot?

Why stop ssh? I think live disks usually install only the client, not the server, but isn't even the server reasonably safe?
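
The question running through this thread (does the live session actually expose an ssh server or anything else to the dialup link?) can be checked directly. The following is an added example, not part of the original thread: it filters `ss -tln` output down to TCP listeners bound to non-loopback addresses. The function names and the sample output are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the thread): show which TCP listeners are
# reachable from the network, given `ss -tln` output on stdin.

# Constructed sample of `ss -tln` output: an ssh server bound to all
# interfaces, and a print service bound to loopback only.
sample_ss_output() {
cat <<'EOF'
State  Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0      128          0.0.0.0:22        0.0.0.0:*
LISTEN 0      5          127.0.0.1:631       0.0.0.0:*
LISTEN 0      128             [::]:22           [::]:*
LISTEN 0      5              [::1]:631          [::]:*
EOF
}

# Print the local address:port of every listener that is NOT bound to a
# loopback address (127.0.0.0/8 or ::1). An empty result means nothing
# is listening for connections from outside the machine.
exposed_listeners() {
    awk '
        $1 != "LISTEN" { next }          # skip the header and other states
        {
            addr = $4
            sub(/:[^:]*$/, "", addr)     # drop the trailing :port
            if (addr ~ /^127\./ || addr == "[::1]" || addr == "::1") next
            print $4
        }'
}

# Demo on the constructed sample; on a live system run:
#   ss -tln | exposed_listeners
sample_ss_output | exposed_listeners
```

If the function prints nothing on the booted live CD, there is no listening service for a packet filter to protect; any line it does print is a service to stop or to firewall.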


All times are GMT -5.