LinuxQuestions.org
Help answer threads with 0 replies.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Distributions > Slackware
User Name
Password
Slackware This Forum is for the discussion of Slackware Linux.

Notices

Reply
 
LinkBack Search this Thread
Old 06-11-2007, 09:59 AM   #1
lali.p
Member
 
Registered: Jan 2007
Distribution: Slackware 11.0
Posts: 141

Rep: Reputation: 16
Some security related and other doubts


Hi all
I am using Slackware 11.0 for the past 5 months and thanks to you people i've been able to solve all minor and major problems.
But here are certain queries that i need an answer to:

1)Many a times i see in this forum that people refer to rc.firewall script being there in /etc/rc.d/ folder
However i have a default installation(but updated kernel 2.6.21.1)but i don't have any such script.Is this file rc.firewall by default there(i guess not) or do we need to configure a firewall(which i haven't done yet)and then it's generated ?

2)Recently i found out that any normal user can restart the pc by pressing ctrl+alt+del.
Don't you think thats a stupid idea?
i mean only root should be able to do that and is this feature also available on other distros as well(b'coz i've never tried any other distro other than Slackware).

3)I know this question is absurd to ask here but still .... A microprocessor understands the language of 1's and 0's so why is that when we open a binary file or an exe file in a text editor i see all those other stupid symbols and not 1's and 0's ?

4)i have an active LAN but no rc.netdevice script in /etc/rc.d . i've seen this script being referred in the book "Slackware Linux Essentials"

5)I've learnt a lot of things using Slackware 11.0 from installation to kernel compilation running internet and compiling from source etc(however i still need to learn how to upgrade, write bash scripts, iptables firewall etc)

for the past 1 month my leaning curve has become less steep.i want to completely learn the ins and outs of Linux So can you tell me what next to do

Kindly throw some light
 
Old 06-11-2007, 10:35 AM   #2
folkenfanel
Member
 
Registered: Sep 2004
Location: formerly Fanelia and Zaibach
Distribution: Slackware-current with KDE 4.8.5
Posts: 299

Rep: Reputation: 35
Wink Hi there!

Hi

1) You have to set rc.firewall by yourself by using iptables or any other methods you might consider... There was some sort of webtool to generate your script (I think it was on AlienBob's website).

2) I think the point is that anyway he's got physical access to the PC... I think that happens in all distros although I'm not sure (few distros take you to a console login). I use runlevel 4 -graphical login- with KDM. You can configure KDM to prevent some users to shutdown/restart the PC.

3) Don't know either, but if you open a binary with khexedit you will see an interesting hexadecimal map.

4) I don't think it matters having a rc.netdevice or not. I don't have one. I do think it is just to load the module/s for your card.

5)a) Define upgrade. If you mean security updates to a default install, then check the stable changelog, go to a mirror, download your security updates and then # upgradepkg yourpackage.tgz If you want to "upgrade" to -current, well that's very different. Keep in mind that -current is the development branch.

5)b) You could start by writing something simple...
Code:
#!/bin/bash
# Anything but the first line starting with #
# is commented. 
# Take a look at the scripts at /etc/rc.d
# For an extensive guide on how to use bash, 
# check the bash manual (man bash)

# Write down whatever sh commands (console commands) you like
HI="Hi world"
echo $HI
sleep 1
5)c) man iptables or that script generator (I can't remember the URL)

May the Source be with you!
 
Old 06-11-2007, 10:51 AM   #3
nautilus
Member
 
Registered: Jun 2007
Location: London, Athens
Distribution: Debian, Ubuntu
Posts: 36

Rep: Reputation: 15
Hi lali.b2

I have used slackware very briefly so I'm afraid I cannot answer to 1 & 4. For the rest:

2. Yes, generally it is a stupid idea, although the level of security you need depends on the role each machine plays: you treat differently to your development box than to your production server. Anyway there is a configuration file (depends on your distribution) that you can turn this feature off.

3. You are right, a CPU understands only 1s and 0s. The text editor though understands ASCII code, which is a way to represent 1s and 0s with characters. For example 'A' = 41h = 1000001.

Do

Quote:
man ascii
for more details. In other words, using an editor you will see your 1s and 0s in ASCII code. What you need to see the 1s and 0s is a hex editor. To a little research on that...

5. Here depends what you really want to do with linux. Development? System administration? A good book is "Running Linux" by O'Reilly. It covers basics about running linux in general and also talks about the main distributions and what are the differences between them.
 
Old 06-11-2007, 11:01 AM   #4
folkenfanel
Member
 
Registered: Sep 2004
Location: formerly Fanelia and Zaibach
Distribution: Slackware-current with KDE 4.8.5
Posts: 299

Rep: Reputation: 35
Thumbs up This is it!

Hi

This is it! The automatic Easy Firewall Generator for IPTables "Slackware adaptation"



The original was here (don't try it on Slackware): http://easyfwgen.morizot.net/gen/
 
Old 06-11-2007, 03:27 PM   #5
guzzi
Member
 
Registered: Jun 2004
Location: Lawrence, KS
Distribution: Slackware
Posts: 294

Rep: Reputation: 32
Slackware firewall

In /etc/ppp are two firewall scripts written by Roaring Penguin Software Inc. which seem to be installed in that directory when the install everything method is used.

Pick the one that fits your needs the most. I have tried them both, and they work as required.
 
Old 06-12-2007, 07:54 AM   #6
lali.p
Member
 
Registered: Jan 2007
Distribution: Slackware 11.0
Posts: 141

Original Poster
Rep: Reputation: 16
Thank you

Thank you folkenfanel,nautilus and guzzi for your replies.
i am now planning do learn serious programming using c++ and also bash scripting.

Thanks again for your replies.
 
Old 06-12-2007, 08:20 AM   #7
MS3FGX
Guru
 
Registered: Jan 2004
Location: NJ, USA
Distribution: Slackware, Debian
Posts: 5,850

Rep: Reputation: 350Reputation: 350Reputation: 350Reputation: 350
The issue of being able to reboot the machine with Ctrl+Alt+Delete can be resolved by opening /etc/inittab and editing the line that reads:

Code:
# What to do at the "Three Finger Salute".
ca::ctrlaltdel:/sbin/shutdown -t5 -r now
You can change the action to be something else, or just comment it out all together. From a security standpoint, I would have to say this is really a non-issue. Once a person has physical access to the point they can press keys on the keyboard, you are already done for.

After all, if they can get to the keyboard, they could just press the reset button on the case as well, no? Or more importantly, they could boot into single user mode and have root access, or even take the drive out and steal the data from it in the comfort of their own home at their leisure.

rc.netdevice was used to load a module for your network card if required, but with the 2.6 kernel and new technology like udev (both of which are standard on the next version of Slackware) we really don't need to concern ourselves with such things unless there is a specific reason to (I.E, it isn't working); so don't worry about that one.
 
Old 06-12-2007, 08:29 AM   #8
dive
Senior Member
 
Registered: Aug 2003
Location: UK
Distribution: Slackware
Posts: 3,185

Rep: Reputation: 285Reputation: 285Reputation: 285
5) There are quite a few bash scripting guides around on the net. Here's one that I found very useful: http://www.tldp.org/LDP/abs/html/

And for C/C++ http://www.cplusplus.com/

Last edited by dive; 06-12-2007 at 08:30 AM.
 
Old 06-12-2007, 02:00 PM   #9
lali.p
Member
 
Registered: Jan 2007
Distribution: Slackware 11.0
Posts: 141

Original Poster
Rep: Reputation: 16
Smile

Quote:
Originally Posted by MS3FGX
Once a person has physical access to the point they can press keys on the keyboard, you are already done for.

After all, if they can get to the keyboard, they could just press the reset button on the case as well, no? Or more importantly, they could boot into single user mode and have root access, or even take the drive out and steal the data from it in the comfort of their own home at their leisure.

you are right but my question was in the context that say there are 5 terminals with only monitor key board and mouse and each of the terminal is connected to the main computer.Then even though no single person out of 5 people has access to main pc he still can reset the system much to the inconvenience of other 4 users.

Kindly correct me if i'm wrong
 
Old 06-12-2007, 04:18 PM   #10
MS3FGX
Guru
 
Registered: Jan 2004
Location: NJ, USA
Distribution: Slackware, Debian
Posts: 5,850

Rep: Reputation: 350Reputation: 350Reputation: 350Reputation: 350
You could only restart the machine from the local keyboard, or in other words, the one that is physically plugged into the back of the computer.

Clients connected remotely via some form of terminal (serial, network, whatever) would not be able to restart the machine.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off
Trackbacks are Off
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Kernel Memory related doubts!!! linuxguy_72 Linux - Kernel 1 05-07-2007 10:40 AM
TWO Security Related Questions as400 Solaris / OpenSolaris 15 07-13-2006 12:50 PM
two security related questions krock923 Linux - Security 2 04-28-2006 04:41 PM
doubts related to rpm lexersrp Linux - General 1 01-23-2005 08:58 AM
Security-Related Question gauge73 Linux - Security 3 02-15-2003 05:20 PM


All times are GMT -5. The time now is 10:31 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration