root mode: heresia? ... and more largely security

markds
Legendary
Posts: 43
Joined: 28 Dec 2012, 02:58
Distribution: Slackware
Location: Singapore

Re: root mode everywhere: heresia?

Post#46 by markds » 29 Jan 2016, 20:42

Can you name a few in the cheap range routers that could be bought by the forum members?
TP-Link TL-WR2543ND (older model but very flexible in what it can do, only issue is WAN2LAN throughput is capped at 180Mbps)

Several of the TP-Link models with OpenWrt/DD-WRT support multiple VLANs, many-to-one NAT, hotspot, etc. TP-Link is my absolute favourite brand when it comes to a reliable and cheap solution.

ASUS RT-N56U
ASUS RT-N65U

The ASUS routers are so much better with padawan or merlin. These 2 are the cheaper ones but by no means lightweights. They can support a full 1Gbps connection even though the WAN2LAN throughput is stated as 930Mbps or so. I'm on a 1Gbps line and I've tested these and they work great with Padawan and Merlin.

*Gotta go - obscurity is calling!*

markds
Legendary
Posts: 43
Joined: 28 Dec 2012, 02:58
Distribution: Slackware
Location: Singapore

Re: root mode everywhere: heresia?

Post#47 by markds » 29 Jan 2016, 20:53

fullmoonremix wrote:Salutations... :good:

For use with DD-WRT on eBay @ modest prices...
Linksys WRT54G series: WRT54GS

Best Regards... :beer:
Good overall wireless routers, but very dated. I still use a GL model with OpenWrt for my home hotspot, which I initially built using a RPi incorporating freeradius and an SMS gateway so people could get their temp passwords, but later moved to a Linux-run NUC when I consolidated my various appliance systems all over the house into a single server. Only issue with these Linksys models is that they are basically 10/100 and not GBit routers, but if you're using them only for 54g wireless then it shouldn't matter.

Cheers!

francois
Contributor
Posts: 5132
Joined: 28 Dec 2010, 14:25
Distribution: xfce plank porteus artix
Location: C'est l'hiver: la neige soudainement est là à Montréal.

Re: root mode everywhere: heresia?

Post#48 by francois » 30 Jan 2016, 00:44

@ markds:

ASUS RT-N56U is 100$ CAN
ASUS RT-N65U is about twice the price

Would the cheapest one yield a good performance wifi wise over film streaming on kodi?
Carpe diem.

phhpro
Full of knowledge
Posts: 545
Joined: 10 Nov 2013, 20:35
Distribution: .

Re: root mode everywhere: heresia?

Post#49 by phhpro » 30 Jan 2016, 01:04

...
Last edited by phhpro on 04 Feb 2016, 03:32, edited 1 time in total.

francois
Contributor
Posts: 5132
Joined: 28 Dec 2010, 14:25
Distribution: xfce plank porteus artix
Location: C'est l'hiver: la neige soudainement est là à Montréal.

Re: root mode: heresia? ... and more largely security

Post#50 by francois » 30 Jan 2016, 02:05

I changed the title to be more inclusive. Do you feel better? :twisted:

Your "jeux de mots" are still appreciated. :wink:
Carpe diem.

phhpro
Full of knowledge
Posts: 545
Joined: 10 Nov 2013, 20:35
Distribution: .

Re: root mode: heresia? ... and more largely security

Post#51 by phhpro » 30 Jan 2016, 04:15

...
Last edited by phhpro on 04 Feb 2016, 03:32, edited 1 time in total.

markds
Legendary
Posts: 43
Joined: 28 Dec 2012, 02:58
Distribution: Slackware
Location: Singapore

Re: root mode everywhere: heresia?

Post#52 by markds » 30 Jan 2016, 08:47

Asus routers are really premium stuff for the soho user
francois wrote:@ markds:

ASUS RT-N56U is 100$ CAN
ASUS RT-N65U is about twice the price

Would the cheapest one yield a good performance wifi wise over film streaming on kodi?
The cheaper ones don't come with external antennas and that can be an issue. My movies are huge - I go for very hi def 12 - 20GB files so wireless streaming is a no-no for me. If you're looking at smaller (< 3GB), most wireless can handle it.

Asus routers are really premium stuff for the soho user and I would say that the cheaper TP-Link routers are just as capable as the Asus ones, especially the more recent TP-Link models. They are very flexible and with the 3rd party firmware it's definitely something you should look at.

francois
Contributor
Posts: 5132
Joined: 28 Dec 2010, 14:25
Distribution: xfce plank porteus artix
Location: C'est l'hiver: la neige soudainement est là à Montréal.

Re: root mode: heresia? ... and more largely security

Post#53 by francois » 30 Jan 2016, 14:44

Mark, can you explain in simple terms but also concretely how a hacker could get around someone who always works in root mode?

Thanks.
Carpe diem.

Bogomips
Full of knowledge
Posts: 2563
Joined: 25 Jun 2014, 15:21
Distribution: 3.2.2 Cinnamon & KDE5
Location: London

Re: root mode: heresia? ... and more largely security

Post#54 by Bogomips » 30 Jan 2016, 15:17

Going on three years now, since gave up on Wi-Fi following heavy neighbourhood interference. Now just use domestic electrical circuit. Also has password protection. 8)
Linux porteus 4.4.0-porteus #3 SMP PREEMPT Sat Jan 23 07:01:55 UTC 2016 i686 AMD Sempron(tm) 140 Processor AuthenticAMD GNU/Linux
NVIDIA Corporation C61 [GeForce 6150SE nForce 430] (rev a2) MemTotal: 901760 kB MemFree: 66752 kB

francois
Contributor
Posts: 5132
Joined: 28 Dec 2010, 14:25
Distribution: xfce plank porteus artix
Location: C'est l'hiver: la neige soudainement est là à Montréal.

Re: root mode: heresia? ... and more largely security

Post#55 by francois » 30 Jan 2016, 17:22

So your advice would be to use a strong root password, a password secure modem of the TP-Link or ASUS type as mentioned, on which you could install a secure modem software as mentioned above, with some ethernet ports without wifi. Thus the only risk would be the net access, that could be limited to brief exposition as needed. 8)
Carpe diem.

markds
Legendary
Posts: 43
Joined: 28 Dec 2012, 02:58
Distribution: Slackware
Location: Singapore

Re: root mode: heresia? ... and more largely security

Post#56 by markds » 30 Jan 2016, 20:10

francois wrote: Mark, can you explain in simple terms but also concretely how a hacker could get around someone who always works in root mode?

Thanks.
I wouldn't be able to. As I said previously, the chances of being hacked as root or a guest account are the same. It's not who you use to login as. It's your network and machine. If your network is "secured" (at least as much as it can be) then the hacker can't reach your machine. If he does reach your machine then it's a matter of whether your services are patched enough to keep the hacker out. Do your patches, updates, that's key - it diminishes the attack vectors a hacker can use. If your machine is not patched or updated and exploits in your services are open, then it won't matter who you use to log in.

In the first few comments of this thread, someone mentioned that if you work as root and a hacker hacks your application they will have root. This is false unless you are running a service as root and the application is vulnerable. This has nothing to do with you being root and logging on or being a guest. A service is what starts up and runs when the machine is switched on and because of the nature of the service may need to run as a privileged user (e.g. root). In the old days Apache was like that - ran as root and was easily broken by buffer overflows and the like, giving the attacker root privileges. Or XSS vulnerabilities of using specially crafted commands in MySQL web interfaces that can execute commands as root because the MySQL service is running as root. But none of these have anything to do with who you login as. Whether it's root you work as or a guest user, it's irrelevant. All these services are already running before you even log on. It's just a matter of how well these services have been written and secured while they run.

As I keep reiterating, who you log in as is just a preference of the user. If you don't feel like using root especially on a single user machine, then it's nothing to do with security, just fear of screwing something up. But whatever it is, it is just the user's preference.

Secure your network using a good router running firmware you can trust. Enable IDS and firewall on the router. Use your end machines with an ARP tool like arpwatch, Xarp or Winarp to do simple detection if a MITM attack is happening, limit wireless usage and stick to a wire unless absolutely necessary to go wireless. Patch your OS and apps and for goodness sakes don't answer strange emails or click links sent blindly.

Cheers mate.
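
The kind of check the ARP tools named in the post above perform, as an added example that is not part of the original post and is not arpwatch's own code: it compares two snapshots in `/proc/net/arp` format and reports an IP whose MAC changed or a MAC that answers for several IPs. The sample tables, the addresses and the gateway IP are constructed.

```python
from collections import defaultdict

ATF_COM = 0x2  # /proc/net/arp flag bit: entry is complete (MAC resolved)

def parse_arp_table(text):
    """Return {ip: mac} for the completed entries of a /proc/net/arp table."""
    bindings = {}
    for line in text.strip().splitlines()[1:]:  # first row is the header
        fields = line.split()
        if len(fields) < 6:
            continue
        ip, flags, mac = fields[0], int(fields[2], 16), fields[3].lower()
        if flags & ATF_COM:
            bindings[ip] = mac
    return bindings

def find_anomalies(previous, current, gateway_ip):
    """Compare two {ip: mac} snapshots and return a list of alert strings."""
    alerts = []
    for ip, mac in sorted(current.items()):
        old = previous.get(ip)
        if old is not None and old != mac:
            label = "gateway" if ip == gateway_ip else "host"
            alerts.append(f"{label} {ip} moved from {old} to {mac}")
    owners = defaultdict(list)
    for ip, mac in current.items():
        owners[mac].append(ip)
    for mac, ips in sorted(owners.items()):
        if len(ips) > 1:
            alerts.append(f"{mac} answers for {', '.join(sorted(ips))}")
    return alerts

# Constructed sample snapshots (addresses are made up for the example).
BASELINE = """\
IP address       HW type     Flags       HW address            Mask     Device
192.168.1.1      0x1         0x2         02:00:00:aa:00:01     *        eth0
192.168.1.23     0x1         0x2         02:00:00:aa:00:17     *        eth0
192.168.1.40     0x1         0x0         00:00:00:00:00:00     *        eth0
"""
LATER = """\
IP address       HW type     Flags       HW address            Mask     Device
192.168.1.1      0x1         0x2         02:00:00:aa:00:17     *        eth0
192.168.1.23     0x1         0x2         02:00:00:aa:00:17     *        eth0
"""
GATEWAY = "192.168.1.1"  # assumption: the default router of the sample LAN

if __name__ == "__main__":
    before, after = parse_arp_table(BASELINE), parse_arp_table(LATER)
    for alert in find_anomalies(before, after, GATEWAY):
        print("ALERT:", alert)
```

A MAC answering for several IPs also occurs legitimately (proxy ARP, a host with several addresses), so a change of the gateway's MAC is the stronger of the two signals.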

phhpro
Full of knowledge
Posts: 545
Joined: 10 Nov 2013, 20:35
Distribution: .

Re: root mode: heresia? ... and more largely security

Post#57 by phhpro » 30 Jan 2016, 22:01

...
Last edited by phhpro on 04 Feb 2016, 03:33, edited 1 time in total.

markds
Legendary
Posts: 43
Joined: 28 Dec 2012, 02:58
Distribution: Slackware
Location: Singapore

Re: root mode: heresia? ... and more largely security

Post#58 by markds » 31 Jan 2016, 04:18

phhpro wrote:
markds wrote:the chances of being hacked as root or a guest account are the same. It's not who you use to login as
The chances are indeed, with the tiny difference that being hacked while logged in as root is a dream come true for every wanna-be hack-a-poo. That's just about as bad as it can be. Not only are you exposing the current box, but also granting access to everything else connected either hard or soft, read: the entire LAN / WAN / etc. is on the dish. Are you sure you're in the proper business? Mind me, certainly no offense, but that statement is totally off the wall.
No, it just shows you don't understand the concept of being logged on and services and hacking in general. I'm beginning to wonder if you understand basic Unix and networking in general. And speaking of "wanna-be hack-a-poo"s, when's the last time you hacked anything?

People can hack in as root even if you are logged in as some guest account. You don't even need to be logged on for someone to hack in and gain root access. Log in as guest if you want and do a ps -ef and see all the processes that are already running as root. Those run regardless of who you log in as. Or maybe you are under the misguided concept that your Linux box is just like your Windows machine where you turn it on only when you need to use it?

Why don't you go and find out about Unix, privilege escalation, MITM, what hacking is all about before you come onto a forum and pretend to act like you know more than everyone else?

This is exactly the reason I left all the forums.
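
What the `ps -ef` suggestion in the post above points at, as an added example that is not part of the original post: listing the TCP listeners created by uid 0, which exist whoever is logged in. It reads the `/proc/net/tcp` layout; the sample rows are constructed, and only IPv4 on a little-endian host is covered.

```python
import socket
import struct

TCP_LISTEN = "0A"  # socket state code for LISTEN in /proc/net/tcp

def listening_sockets(proc_net_tcp):
    """Return [(ip, port, uid)] for every LISTEN row of /proc/net/tcp text."""
    found = []
    for line in proc_net_tcp.strip().splitlines()[1:]:  # skip the header row
        f = line.split()
        if len(f) < 10 or f[3] != TCP_LISTEN:
            continue
        hex_ip, hex_port = f[1].split(":")
        # The address is a host-order hex word; "<I" assumes little-endian.
        ip = socket.inet_ntoa(struct.pack("<I", int(hex_ip, 16)))
        found.append((ip, int(hex_port, 16), int(f[7])))
    return found

def root_exposed(sockets):
    """Listeners owned by uid 0 that are bound beyond loopback."""
    return [(ip, port) for ip, port, uid in sockets
            if uid == 0 and not ip.startswith("127.")]

# Constructed sample in /proc/net/tcp layout (not captured from a real host).
SAMPLE = """\
  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode
   0: 00000000:0016 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 11001 1
   1: 0100007F:0CEA 00000000:0000 0A 00000000:00000000 00:00000000 00000000    27        0 11002 1
   2: 00000000:0050 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 11003 1
   3: 0100007F:0277 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 11004 1
   4: 0A01A8C0:0016 1401A8C0:C350 01 00000000:00000000 00:00000000 00000000     0        0 11005 1
"""

if __name__ == "__main__":
    # On a live Linux host, pass open("/proc/net/tcp").read() instead of SAMPLE.
    for ip, port in root_exposed(listening_sockets(SAMPLE)):
        print(f"root-owned listener reachable on {ip}:{port}")
```

The uid column records the user that created the socket, so a daemon that binds as root and then drops privileges still shows uid 0; treat each hit as a candidate to confirm against the process list.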

aus9

Re: root mode: heresia? ... and more largely security

Post#59 by aus9 » 31 Jan 2016, 11:06

guys

francois has changed the thread subject but normal protocols still apply. If you are going to debate someone please cite known references and, although I am guilty of this myself, try not to look like you are questioning the other person....meaning showing disrespect.

healthy debate is good.....rather than say something is the case or something you said is not the case how about citing some references?

I think francois, from day one, has been asking the question: is it safe to log in as root? He has a number of replies, some for and some against.

Let's try and clean up the main theme and I will send anyone who is naughty to the naughty corner. I have been there, it's a lonely place.

OK?

offtopic ask 2 doctor gurus what is wrong with me?
Dr 1 there is nothing wrong with me
Dr 2 everything

So without good links what do I do? We need to educate our members and take them on a journey....spoon feeding is allowed sometimes

fullmoonremix

Re: root mode: heresia? ... and more largely security

Post#60 by fullmoonremix » 31 Jan 2016, 12:24

Salutations... :good:

IMHO... :oops: not a panacea or utopia. None the less... truly words to the wise. I'll sign up for this any day of the week...
Secure your network using a good router running firmware you can trust. Enable ids and firewall on the router. Use your end machines with an arp tool like arpwatch, Xarp or Winarp to do simple detection if a mitm attack is happening, limit wireless usage and stick to a wire unless absolutely necessary to go wireless. Patch your OS and apps and for goodness sakes don't answer strange emails or click links sent blindly.


I'll sign up for this too... :wink:
(again... no utopia or panacea)

"Sandboxing"...
Secure by design
Adaptive Domain Environment for Operating Systems
Grsecurity
Microkernel: Security
Fault detection and isolation
Docker (software)
Kiosk software: Security
List of copy protection schemes: Computer Software protection schemes
File:Honeypot diagram.jpg

IMHO... :oops: this thread might get a higher level of exposure in "Security".

...just a thought.

Best Regards... :beer:
Last edited by fullmoonremix on 31 Jan 2016, 13:19, edited 11 times in total.
