is firewall needed for live CD with dialup internet?
Is there any point to running a personal firewall when using a linux live CD or DVD with a dialup internet connection? My chief concern is compromise of the underlying Windows installation. I do not need corporate-grade security.
|
If you don't mount the windows drives in linux, no. In 99% of cases no. However, that being said, better safe than sorry... the default firewall that ships with most distributions is typically fine and leaves nothing open that shouldn't be.
If you're not online of course a firewall is of no benefit, it's really does nothing to decrease performance in that case though either. |
Quote:
|
There's no real need to run a firewall with a live cd. Especially if windows isn't mounted. Unless you create the live cd yourself and enable persistence, nothing will be saved to the cd. When you end your session with the live cd, the image disappears from the computers memory. Besides, running Linux doesn't compromise Windows, running Windows compromises Windows.
|
With root access an intruder could mount any partition and alter any files. But I'm thinking that would be too much trouble for an untargeted attack on an uncommon configuration over a slow connection with a variable IP address.
|
Not only would it be too much trouble, but the odds of it happening are astronomical. Although the root password on a live cd would probably be "root" (not a plus for security), how about adding the variable of the length of time a live cd would actually be connected to the internet using dialup. An intruder has to find you first.
|
isn't it better to stop ssh/change root password at system boot?
|
I was also thinking about removing or disabling ntfs-3g, but once again, it is a live cd, unless your going to be using it as a replacement for an installed operating system, what are the chances of being found?
|
Quote:
Pretty far-fetched, but the crooks are professionals, and I don't have a real grasp of their capabilities. |
Quote:
Your machine could already be compromised by someone who is letting your windows / linux run in a hypervisor logging everything you do or say and since it's at a higher privilege level than the operating system it's undetectable for the most part. |
Quote:
If you read about the exploits that are out there you can see one general fact. Malware is 99.9% installed by the user, not by some twisted hacker in cyberspace. Visit an unfamiliar web site and/or download an unverifiable program/app/wallpaper/game (you get the picture) you may introduce something evil into your operating system. Worrying about someone breaking in, especially with your setup, really doesn't deserve the time your giving it. |
Quote:
|
All times are GMT -5. The time now is 04:15 AM. |