LinuxQuestions.org
Old 02-03-2010, 05:43 PM   #1
carolus
Member
 
Registered: Feb 2008
Posts: 45

Rep: Reputation: 15
is firewall needed for live CD with dialup internet?


Is there any point to running a personal firewall when using a linux live CD or DVD with a dialup internet connection? My chief concern is compromise of the underlying Windows installation. I do not need corporate-grade security.
 
Old 02-03-2010, 05:54 PM   #2
rweaver
Senior Member
 
Registered: Dec 2008
Location: Louisville, OH
Distribution: Debian, CentOS, Slackware, RHEL, Gentoo
Posts: 1,833

Rep: Reputation: 163Reputation: 163
If you don't mount the windows drives in linux, no. In 99% of cases no. However, that being said, better safe than sorry... the default firewall that ships with most distributions is typically fine and leaves nothing open that shouldn't be.

If you're not online of course a firewall is of no benefit, it really does nothing to decrease performance in that case though either.
 
Old 02-03-2010, 07:02 PM   #3
carolus
Member
 
Registered: Feb 2008
Posts: 45

Original Poster
Rep: Reputation: 15
Quote:
Originally Posted by rweaver View Post
the default firewall that ships with most distributions is typically fine and leaves nothing open that shouldn't be.
The live versions don't always include firewalls. Debian, for example. Does that matter? At home I'm behind a router, but at our summer cabin I'm on dialup.
 
Old 02-03-2010, 07:33 PM   #4
GoinEasy9
Member
 
Registered: Feb 2004
Location: Manorville, New York, USA
Distribution: siduction, Fedora 19, openSUSE Tumbleweed
Posts: 379
Blog Entries: 1

Rep: Reputation: 46
There's no real need to run a firewall with a live cd. Especially if windows isn't mounted. Unless you create the live cd yourself and enable persistence, nothing will be saved to the cd. When you end your session with the live cd, the image disappears from the computer's memory. Besides, running Linux doesn't compromise Windows, running Windows compromises Windows.
 
Old 02-03-2010, 08:12 PM   #5
carolus
Member
 
Registered: Feb 2008
Posts: 45

Original Poster
Rep: Reputation: 15
With root access an intruder could mount any partition and alter any files. But I'm thinking that would be too much trouble for an untargeted attack on an uncommon configuration over a slow connection with a variable IP address.
 
Old 02-04-2010, 12:03 AM   #6
GoinEasy9
Member
 
Registered: Feb 2004
Location: Manorville, New York, USA
Distribution: siduction, Fedora 19, openSUSE Tumbleweed
Posts: 379
Blog Entries: 1

Rep: Reputation: 46
Not only would it be too much trouble, but the odds of it happening are astronomical. Although the root password on a live cd would probably be "root" (not a plus for security), how about adding the variable of the length of time a live cd would actually be connected to the internet using dialup. An intruder has to find you first.
 
Old 02-04-2010, 12:44 AM   #7
Web31337
Member
 
Registered: Sep 2009
Location: Russia
Distribution: Gentoo, LFS
Posts: 399
Blog Entries: 71

Rep: Reputation: 65
Isn't it better to stop ssh/change root password at system boot?
 
Old 02-04-2010, 12:41 PM   #8
GoinEasy9
Member
 
Registered: Feb 2004
Location: Manorville, New York, USA
Distribution: siduction, Fedora 19, openSUSE Tumbleweed
Posts: 379
Blog Entries: 1

Rep: Reputation: 46
I was also thinking about removing or disabling ntfs-3g, but once again, it is a live cd, unless you're going to be using it as a replacement for an installed operating system, what are the chances of being found?
 
Old 02-04-2010, 01:14 PM   #9
carolus
Member
 
Registered: Feb 2008
Posts: 45

Original Poster
Rep: Reputation: 15
Quote:
Originally Posted by GoinEasy9 View Post
what are the chances of being found?
Just suppose I got compromised by a random broadcast attack that is so well designed that it temporarily takes over with root privileges, installs malware in the Windows partition that keylogs my banking transactions, then sends home a report the next time I connect to the internet? Anything that I could do, the intruder can undo, at least in principle. Even reinstalling ntfs-3g, if I have gone to the trouble of remastering the live CD without ntfs-3g.

Pretty far-fetched, but the crooks are professionals, and I don't have a real grasp of their capabilities.
 
Old 02-04-2010, 02:49 PM   #10
rweaver
Senior Member
 
Registered: Dec 2008
Location: Louisville, OH
Distribution: Debian, CentOS, Slackware, RHEL, Gentoo
Posts: 1,833

Rep: Reputation: 163Reputation: 163
Quote:
Originally Posted by carolus View Post
Just suppose I got compromised by a random broadcast attack that is so well designed that it temporarily takes over with root privileges, installs malware in the Windows partition that keylogs my banking transactions, then sends home a report the next time I connect to the internet? Anything that I could do, the intruder can undo, at least in principle. Even reinstalling ntfs-3g, if I have gone to the trouble of remastering the live CD without ntfs-3g.

Pretty far-fetched, but the crooks are professionals, and I don't have a real grasp of their capabilities.
What you're talking about there is not a random broadcast attack, that is a customized attack dedicated to compromising a specific individual's system and frankly, with a laptop out in the woods, it would be several thousand fold easier to watch the place, break in and walk out with the actual device. Keep in mind in an attack like that a firewall isn't going to make or break you and if you operate under that mindset then you had best just never connect to a network period. If you want to make yourself really paranoid go read about red and blue pill from blackhat.

Your machine could already be compromised by someone who is letting your windows / linux run in a hypervisor logging everything you do or say and since it's at a higher privilege level than the operating system it's undetectable for the most part.
 
Old 02-04-2010, 04:56 PM   #11
GoinEasy9
Member
 
Registered: Feb 2004
Location: Manorville, New York, USA
Distribution: siduction, Fedora 19, openSUSE Tumbleweed
Posts: 379
Blog Entries: 1

Rep: Reputation: 46
Quote:
Pretty far-fetched, but the crooks are professionals, and I don't have a real grasp of their capabilities.
Well, their capabilities are pretty impressive. They are very smart and cunning, and have gone over to the dark side. Now, considering how smart they are, do you think they are going to spend any time at all trying to break into an individual computer, especially one connected to the internet by a dialup connection? Unless you're known to have millions of dollars in bank accounts and have been targeted by some evil international consortium, no one is going to be even interested in your computer.
If you read about the exploits that are out there you can see one general fact. Malware is 99.9% installed by the user, not by some twisted hacker in cyberspace. Visit an unfamiliar web site and/or download an unverifiable program/app/wallpaper/game (you get the picture) you may introduce something evil into your operating system. Worrying about someone breaking in, especially with your setup, really doesn't deserve the time you're giving it.
 
Old 02-05-2010, 09:43 AM   #12
carolus
Member
 
Registered: Feb 2008
Posts: 45

Original Poster
Rep: Reputation: 15
Quote:
Originally Posted by Web31337 View Post
Isn't it better to stop ssh/change root password at system boot?
Why stop ssh? I think live disks usually install only the client, not the server, but isn't even the server reasonably safe?
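
Added example, not part of any post in this thread: whether a firewall changes anything on a live session depends on what is listening on a non-loopback address, such as the ssh server discussed above. The shell function below filters `ss -Htln` output for such listeners; the function names and the sample lines are constructed for illustration, and `ss` from iproute2 is assumed to be available on the live system.

```shell
#!/bin/sh
# Added example: list TCP listeners reachable from outside the machine.
# Input is the output of `ss -Htln` (no header, TCP, listening, numeric).

# exposed_listeners: read ss output on stdin and print "address port" for
# every listening socket that is NOT bound to a loopback address.
exposed_listeners() {
    awk '$1 == "LISTEN" {
        local_ep = $4                        # "address:port" column
        n = match(local_ep, /:[0-9]+$/)      # position of the final ":port"
        if (n == 0) next                     # not a numeric endpoint, skip
        addr = substr(local_ep, 1, n - 1)
        port = substr(local_ep, n + 1)
        # 127.0.0.0/8 and ::1 are only reachable from the machine itself
        if (addr ~ /^127\./ || addr == "[::1]") next
        print addr, port
    }'
}

# Constructed sample of `ss -Htln` output: an ssh server on all interfaces
# and a print service bound to loopback only.
sample_ss_output() {
    cat <<'EOF'
LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 5 127.0.0.1:631 0.0.0.0:*
LISTEN 0 128 [::]:22 [::]:*
LISTEN 0 5 [::1]:631 [::]:*
EOF
}

# Demo on the constructed sample; only the two port-22 lines are reported.
sample_ss_output | exposed_listeners

# On a running live session the same check would be:
#   ss -Htln | exposed_listeners
```

An empty result means no TCP service is accepting connections from the network; any line printed is a service to stop or to filter.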
 
  

