MandrivaThis Forum is for the discussion of Mandriva (Mandrake) Linux.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
I have no problems with firestarter on my MDK9.1. I've checked and only have 4 ports open. I did notice that if I let it run in a shell than yes their are more port open than I would like, But since my firewall dosn't have a monitor I set it up to run in the gui.
Distribution: Mac OS X Leopard 10.6.2, Windows 2003 Server/Vista/7/XP/2000/NT/98, Ubuntux64, CentOS4.8/5.4
Posts: 2,986
Rep:
I am using a Netgear router to access the internet. I have no Mandrake firewall installed. I went to www.grc.com and did the shields up! test. everything with stealth!
So does this mean that i do not need a firewall?
I also use my firewall machine for a file server, ssh server, smb server and a place for relatives to have a place to swap files that are to large to email to each-other and for my kids to login to to get their homework and II still have only 4 ports open
I haven't tried gaurddog, I use shorewall, it works great as well and comes with mandrake 9.1.
also for those that asked about the linksys or other soho routers, they don't have features to allow specific ip addresses access or the ability to create a DMZ, but they do provide some security. I'm not sure if they have vulnerabilities.
mrnikeswsh - if you have MNF you really don't need the linksys, your MNF will do the functions that the linksys does, unless it's a wireless WAP/router. You would set your gateway interface to do DHCP and configure it as the outside interfaces. and your inside interface would be 192.168.0.1 and it can run as a DHCP server for the inside computers.
Distribution: Mac OS X Leopard 10.6.2, Windows 2003 Server/Vista/7/XP/2000/NT/98, Ubuntux64, CentOS4.8/5.4
Posts: 2,986
Rep:
I know that in Windows XP, a software could uknowingly send information out. I know this because I have Zone Alarm on my Windows XP machine and Adobe and Norton will try to send out information. If I did not have Zone Alarm, these programs would access the internet without my permission.
Can programs in linux unknowingly access the internet?
Hello Micro420! I'm not a Linux guru, I'm in Linux for less than
one year. But as you know, none can login into your pc remotely
provided you don't give him/her permission and, as you remember,
you need to be root to open accounts to new users. This prevents
your PC to be hacked, in theory... provided you have your OS
updated! Always there are vulnerabilities to be exploited by
hackers. Your question: "Can programs in linux unknowingly access
the internet?" I think is one that can not be answered
categorically yes or not. For exemple, CD rippers usually contact
automatically CDDB data bases to request album, author and song
titles. I think other programs do the same for other reasons but
these don't atack your privacy and cannot be considerated as
spyware or trojans, they have the related internet activity
necessary for making exclusively the functions they were created.
But who knows? Do anyone think a well trained hacker can exploit
some kind of vulnerability of a program and insert something that
converts it into spyware? Or, moreover, can a hacker substitute
files on a ftp server? I know these questions are well out of this
thread but a well configurated firewall will prevent of sending any
externally requested data and internal spyware activity.
Distribution: Mac OS X Leopard 10.6.2, Windows 2003 Server/Vista/7/XP/2000/NT/98, Ubuntux64, CentOS4.8/5.4
Posts: 2,986
Rep:
Quote:
Originally posted by oski Hello Micro420! I'm not a Linux guru, I'm in Linux for less than
one year. But as you know, none can login into your pc remotely
provided you don't give him/her permission and, as you remember,
you need to be root to open accounts to new users. This prevents
your PC to be hacked, in theory... provided you have your OS
updated! Always there are vulnerabilities to be exploited by
hackers. Your question: "Can programs in linux unknowingly access
the internet?" I think is one that can not be answered
categorically yes or not. For exemple, CD rippers usually contact
automatically CDDB data bases to request album, author and song
titles. I think other programs do the same for other reasons but
these don't atack your privacy and cannot be considerated as
spyware or trojans, they have the related internet activity
necessary for making exclusively the functions they were created.
But who knows? Do anyone think a well trained hacker can exploit
some kind of vulnerability of a program and insert something that
converts it into spyware? Or, moreover, can a hacker substitute
files on a ftp server? I know these questions are well out of this
thread but a well configurated firewall will prevent of sending any
externally requested data and internal spyware activity.
What if someone makes a software that can check for viruses or updates your CD software by sending out information but it maliciously grabs your cookie files from you web browser to send it to an outside server so that they can track your web surfing habits? if something can go out without you knowing, then there could be a slight chance that someone may use that to find out something about your computer without your consent. This is scary! Time to install firewall!
courtrrb
Distribution: Mandrake Anybody who's using shorewall been able to ssh into the firewall machine and then from the firewall machine ssh into a system on your lan?
you can set up rules to accomplish this, but I would not give access to the firewall, I would port map ssh (port 22) to the host you want access to. I would also set ssh to only accept connections with a key. You can also change the port ssh accepts a connection on.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.