surfing w/o harddrive using knoppix, secure?

Miah · 02-27-2007, 05:00 PM

I am going to try surfing web with no anti-anything software.

I'm planning on removing my hd, running knoppix from a usb pen drive, downloading to a second pen drive.

Anyone see any problems?

I will erase the usb knoppix after

Thank you if you respond!

nx5000 · 02-27-2007, 06:14 PM

Not wanting to scare you but the most ingenious virii do not install one thing on the harddisk, they stay in RAM as long as the machine is on.
You want to run it from a usb key rather than a harddisk. What's the difference? You can also wipe out your harddisk everyday if you have some time to waste...

Or maybe your talking of a writeprotected stick, which is like running it from the CD?
In this case, no file will be altered ok. No write possible..
Still your personnal information (from your 2nd stick or whatever writeable storage including RAM) can be extracted/modified
And your machine can still be used as a relay to attack others.

In theory, I'm not sure there is an advantage of such system.
In practice, unless you have some very interesting information on your system, most people only get hit by automated tools (with no AI behind) and they might fail with your setup if write access to / is disable.
If also you are sure that your second usb stick cannot run binary (by using special mount options) then it will be impossible for the attacker to leave a backdoor so that he comes back later if you have patched the first breach.

Being paranoid a bit?

Miah · 02-28-2007, 10:35 AM

Thank you for responding, nx 5000. Often I'm too cryptic because I'm at library (time constraints).

I dislike intrusiveness of Norton etc. When new Norton was installed at my library everything slowed down.

Also I'm too "thrifty" to pay Norton etc. I'd rather buy linux CD's and hardware.

You have shown me an advantage to running Knoppix from ROM CD, I was thinking mainly of speed with the usb stick-and the freed up cd drive.

I want to remove my hd to save and protect my OS's and applications-don't want to wipe my quadruple boot setup!

I am not sure my 2nd stick cannot run binary-any tip on where to look for the mount options you referred to? Also, what does "with no AI behind" mean?

My concern is that I will pick up something bad in the download stick and bring it back to my desktop. My plan is take a laptop to a wireless internet cafe, remove my quadruple boot hd, surf with knoppix,download to 2nd usb, power down (RAM), erase knoppix usb, and bring home info to install on my desktop.

My desktop is not online so my usb stick is the only way in. I guess maybe I am paranoid-but that doesn't mean "they" are not out to get me!

Thanks again! Miah in Maine.

nx5000 · 02-28-2007, 12:20 PM

Quote:

I am not sure my 2nd stick cannot run binary-any tip on where to look for the mount options you referred to? Also, what does "with no AI behind" mean?

man mount:

Quote:

nodev Do not interpret character or block special devices on the file system.

noexec Do not allow direct execution of any binaries on the mounted file system. (Until
recently it was possible to run binaries anyway using a command like /lib/ld*.so
/mnt/binary. This trick fails since Linux 2.4.25 / 2.6.0.)

nosuid Do not allow set-user-identifier or set-group-identifier bits to take effect. (This
seems safe, but is in fact rather unsafe if you have suidperl(1) installed.)

In fstab, you should have these options set for your usb stick.

AI=Artificial Intelligence

Norton? Yeah a bit intrusive

I would tend to say a bit useless from what I have seen compared to other antivirus but some like it, some are forced to buy it with their new PC.

Anyway, I dislike antivirus because it's not a sure science and it's always possible to debug the antivirus to find its weakness.