Page 1 of 1
Firewall / Network Security Question
Posted: 01 May 2017, 14:28
by Koss98
Edit: I forgot to mention that I'm on unsecured wifi most of the time
How secure is Porteus with firewall turned off? I was fiddling with rc.local sometime ago and the edit somehow interfered with the firewall (should've used the "startup script" feature in the Settings Centre), which I had previously set to "block all". When I checked the settings later I found that the firewall had now been set to "off", and I confirmed that this was also the case in practice. I've read that firewalls aren't essential for distributions like Ubuntu as they have no tcp/udp ports open by default. Furthermore, Linux supposedly has a firewall built into its kernel, though I have no idea what that implies.
Are these the case for Porteus? Should I change my online passwords, delete my Porteus installation and start over, lest my machine had been compromised at some point by an attacker while I was unaware? I feel lost as I'm woefully ignorant when it comes to information security.
Re: Firewall / Network Security Question
Posted: 02 May 2017, 05:40
by Evan
Koss98 wrote:How secure is Porteus with firewall turned off?
A question i've been meaning to ask myself as i wondered if there was any type of Netbios or Network discovery running for Samba and such.
Re: Firewall / Network Security Question
Posted: 02 May 2017, 07:44
by donald
First of all: there is no 100 % security -- You should always use your common sense.
This leads to the Question:
why would i want to disable the firewall while connected with a public network?
However,
Linux doesn't have a bunch of dodgy ports open to the outside world.
An incoming try to connect is only a problem if there are applications listening
for these incoming connections.
Unless there is a specific program listening on a port, the port is closed
just as tightly with no firewall running.
If nothing is listening on a given port than all the skript-kiddies in the world
aren't going to get into your machine. -- A closed port is a secure port.
Best solution:
simply not having potentially vulnerable services listening by default.
Some commands you may find useful.
lsof -i -P -n
netstat -vatn
netstat -tulpn
iptables -L -v
Btw
All you guys and gals using porteus at home, you are most likely behind a router which shields you.(to some degree)
Nonetheless, it make sense to change the default Passwords and to keep the running firewall.
Re: Firewall / Network Security Question
Posted: 02 May 2017, 17:37
by francois
All you guys and gals using porteus at home, you are most likely behind a router which shields you.(to some degree)
Nonetheless, it make sense to change the default Passwords and to keep the running firewall.
This is the best answer for linux naive users
Thanks.
Re: Firewall / Network Security Question
Posted: 02 May 2017, 17:58
by Koss98
That's the kind of answer I wanted. A lot of the advice I've found online are theoretical, vague, or meant for power users running servers. As a typical desktop user I just need some practical advice and a general grasp of things so I can feel reasonably assured about the security of my system.
Re: Firewall / Network Security Question
Posted: 29 Jun 2017, 12:13
by anajames
francois wrote:All you guys and gals using porteus at home, you are most likely behind a router which shields you.(to some degree)
Nonetheless, it make sense to change the default Passwords and to keep the running firewall.
This is the best answer for linux naive users
Thanks.
I think it should be a regular practice, changing passwords on a monthly basis. Provide no room for infringement.
Firewall / Network Security Question
Posted: 06 Sep 2017, 11:22
by sarahah
donald wrote: ↑02 May 2017, 07:44
All you guys and gals using porteus at home, you are most likely behind a router which shields you.(to some degree)
Nonetheless, it make sense to change the default Passwords and to keep the running firewall.
I also totally agree with this thought.
_______________________
Firewall / Network Security Question
Posted: 18 Sep 2017, 08:29
by Falcony
Porteus based on Slackware - which is vanilla systems - that's why it is not intended for server or router purposes.
Yep, it is true, Of couse you may use Slackware/Slax/Porteus as server - but it will required much do of hardening - which is untrivial
There is sonme script which allow to do it quick for Slackware
https://github.com/pyllyukko/harden.sh/ ... /README.md
Possible for porteus also - but again porteus is for desktop - no repos with server sofware - stable one and updated ones - that is the main reason to look up for other system for router.
Firewall / Network Security Question
Posted: 11 May 2020, 18:14
by Blaze
How MikroTik w/o RouterOS with a good Firewall rules.