I haven't directly used Devil Linux, but from their homepage, it looks like it just uses the standard iptables/netfilter firewall with the patch-o-matic base add-ons and includes the firewallbuilder GUI.
Try asking a specific question, as there are a number of people here who are iptables gurus and can help you out.
I currently use IPcop v1.2 on an old Pentium 100 box, but would like less noise and hassle if the box shuts down for any reason. I got the Devil-Linux cd burned and ready to run, I just need to buy a floppy to set the config up.
After all the recent discussions about Linux boxes getting root-kitted, compromised etc etc, I too am now looking at using a Live CD firewall and Devil Linux is the one I'm having an extra good look at.
So anyone using Devil Linux, I would appreciate comments please.
One question I would like answered: is a distro like this susceptible to root kits and other nasties?
floppy
yes, any distro is susceptible to exploits, even live cd distros... a nasty can be installed in RAM without needing write access to the cd... a lot of folks (i'm not saying you're one of them) think that because the cd isn't writable they are 100% safe, which is not true... of course the live cd read-only nature does give you some convenience when it comes to these situations - if you get hit by a nasty you can reboot and the nasty will be wiped from the RAM - but you'd still have to deal with the vulnerability that allowed the exploit before bringing the system back online... sometimes the workaround could be as simple as blocking the port for the affected daemon while you get your updated ISO... but if you are working completely remotely, there will be a window of opportunity between the time the network is brought-up (upon reboot) and the time you issue the workaround - during this window you could get owned once again... so it would be optimal to have physical access so you could do the fix/workaround BEFORE putting the box back online...
having said that, it should be noted that devil linux uses a grsecurity patched kernel and most of its binaries are compiled with the gcc stack smashing protector option, so you get a higher-level of security than you would on most other live distros... the possibilities of getting owned on devil linux via something like a buffer-overflow (for example) are lower than on typical live cd distros...
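The port-blocking workaround from the post above, as an added example that is not part of the original thread: it patches a saved iptables ruleset so a DROP for the affected daemon's port sits ahead of every existing INPUT rule, ready to be loaded before the interface comes up. The function names (`valid_spec`, `block_ports`, `sample_rules`), the sample ruleset and port 22 are assumptions made for illustration.

```shell
#!/bin/sh
# Added example. The sample ruleset and port below are constructed.

# valid_spec PROTO/PORT: succeed only for tcp|udp and a port in 1..65535.
valid_spec() {
    case "$1" in tcp/*|udp/*) ;; *) return 1 ;; esac
    port=${1#*/}
    case "$port" in ''|0*|*[!0-9]*) return 1 ;; esac
    [ "${#port}" -le 5 ] && [ "$port" -le 65535 ]
}

# block_ports PROTO/PORT...: read an iptables-save style ruleset on stdin and
# write it back with a DROP for each spec placed ahead of every other INPUT
# rule in the filter table, so no existing ACCEPT matches the port first.
block_ports() {
    for spec in "$@"; do
        valid_spec "$spec" || { echo "bad spec: $spec" >&2; return 1; }
    done
    awk -v specs="$*" '
        /^\*/ { in_filter = ($0 == "*filter"); inserted = 0 }
        in_filter && !inserted && (/^-A / || $0 == "COMMIT") {
            n = split(specs, s, " ")
            for (i = 1; i <= n; i++) {
                split(s[i], p, "/")
                print "-A INPUT -p " p[1] " --dport " p[2] " -j DROP"
            }
            inserted = 1
        }
        { print }
    '
}

# Constructed stand-in for the firewall's saved ruleset.
sample_rules() {
    cat <<'EOF'
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
COMMIT
EOF
}

# Print the patched ruleset. On the firewall this output would be piped to
# iptables-restore (as root) while the external interface is still down.
sample_rules | block_ports tcp/22
```

Loading the whole ruleset in one step before the interface is raised closes the window between network bring-up and the workaround that the post describes.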
While I didn't make any assumptions about live CD security, I have to admit that I didn't know that about RAM infections ... that's why I asked. Anyway the system is anything but remote LOL it's under the table where I'm working now.
The more I learn the more I realise how little I know
always learning ......
any other comments about Devil Linux or Live Cd firewalls appreciated.
In devil linux, u have to either provide a floppy disk or USB disk so that Devil can read and write configuration files to and fro. The thing is I do not know what parameters u have to pass on to mount the USB disk (something with DL_config=.....)