Firewall / Network Security Question

Talk here about security in general. Posting illegals software is prohibited. All stuffs in this forum must be considered as for "Educational purpose only".
Koss98
White ninja
White ninja
Posts: 10
Joined: 28 Apr 2017, 18:36
Distribution: 3.2.2
Location: Canada

Firewall / Network Security Question

Post#1 by Koss98 » 01 May 2017, 14:28

Edit: I forgot to mention that I'm on unsecured wifi most of the time

How secure is Porteus with firewall turned off? I was fiddling with rc.local sometime ago and the edit somehow interfered with the firewall (should've used the "startup script" feature in the Settings Centre), which I had previously set to "block all". When I checked the settings later I found that the firewall had now been set to "off", and I confirmed that this was also the case in practice. I've read that firewalls aren't essential for distributions like Ubuntu as they have no tcp/udp ports open by default. Furthermore, Linux supposedly has a firewall built into its kernel, though I have no idea what that implies.

Are these the case for Porteus? Should I change my online passwords, delete my Porteus installation and start over, lest my machine had been compromised at some point by an attacker while I was unaware? I feel lost as I'm woefully ignorant when it comes to information security. :fool:

Evan
Shogun
Shogun
Posts: 466
Joined: 11 Apr 2016, 09:00
Distribution: Distribution: *

Re: Firewall / Network Security Question

Post#2 by Evan » 02 May 2017, 05:40

Koss98 wrote:How secure is Porteus with firewall turned off?
A question i've been meaning to ask myself as i wondered if there was any type of Netbios or Network discovery running for Samba and such.

donald
Full of knowledge
Full of knowledge
Posts: 2063
Joined: 17 Jun 2013, 13:17
Distribution: Porteus 3.2.2 XFCE 32bit
Location: Germany

Re: Firewall / Network Security Question

Post#3 by donald » 02 May 2017, 07:44

First of all: there is no 100 % security -- You should always use your common sense.
This leads to the Question:
why would i want to disable the firewall while connected with a public network?

However,
Linux doesn't have a bunch of dodgy ports open to the outside world.
An incoming try to connect is only a problem if there are applications listening
for these incoming connections.
Unless there is a specific program listening on a port, the port is closed
just as tightly with no firewall running.
If nothing is listening on a given port than all the skript-kiddies in the world
aren't going to get into your machine. -- A closed port is a secure port.

Best solution:
simply not having potentially vulnerable services listening by default.

Some commands you may find useful.
lsof -i -P -n
netstat -vatn
netstat -tulpn
iptables -L -v

Btw
All you guys and gals using porteus at home, you are most likely behind a router which shields you.(to some degree)
Nonetheless, it make sense to change the default Passwords and to keep the running firewall.

User avatar
francois
Contributor
Contributor
Posts: 6434
Joined: 28 Dec 2010, 14:25
Distribution: xfce plank porteus nemesis
Location: Le printemps, le printemps, le printemps... ... l'hiver s'essoufle.

Re: Firewall / Network Security Question

Post#4 by francois » 02 May 2017, 17:37

All you guys and gals using porteus at home, you are most likely behind a router which shields you.(to some degree)
Nonetheless, it make sense to change the default Passwords and to keep the running firewall.
This is the best answer for linux naive users :)
Thanks.
Prendre son temps, profiter de celui qui passe.

Koss98
White ninja
White ninja
Posts: 10
Joined: 28 Apr 2017, 18:36
Distribution: 3.2.2
Location: Canada

Re: Firewall / Network Security Question

Post#5 by Koss98 » 02 May 2017, 17:58

:good:

That's the kind of answer I wanted. A lot of the advice I've found online are theoretical, vague, or meant for power users running servers. As a typical desktop user I just need some practical advice and a general grasp of things so I can feel reasonably assured about the security of my system.

anajames
Black ninja
Black ninja
Posts: 33
Joined: 12 Jun 2017, 08:38
Distribution: Gentoo Linux
Location: USA

Re: Firewall / Network Security Question

Post#6 by anajames » 29 Jun 2017, 12:13

francois wrote:
All you guys and gals using porteus at home, you are most likely behind a router which shields you.(to some degree)
Nonetheless, it make sense to change the default Passwords and to keep the running firewall.
This is the best answer for linux naive users :)
Thanks.
I think it should be a regular practice, changing passwords on a monthly basis. Provide no room for infringement.

sarahah
Ronin
Ronin
Posts: 1
Joined: 06 Sep 2017, 10:34
Distribution: N/A
Contact:

Firewall / Network Security Question

Post#7 by sarahah » 06 Sep 2017, 11:22

donald wrote:
02 May 2017, 07:44
All you guys and gals using porteus at home, you are most likely behind a router which shields you.(to some degree)
Nonetheless, it make sense to change the default Passwords and to keep the running firewall.
I also totally agree with this thought. :)
_______________________
Last edited by sarahah on 18 Sep 2017, 12:28, edited 1 time in total.

Falcony
Full of knowledge
Full of knowledge
Posts: 237
Joined: 01 Jan 2011, 12:44
Location: Russia

Firewall / Network Security Question

Post#8 by Falcony » 18 Sep 2017, 08:29

Porteus based on Slackware - which is vanilla systems - that's why it is not intended for server or router purposes.

Yep, it is true, Of couse you may use Slackware/Slax/Porteus as server - but it will required much do of hardening - which is untrivial

There is sonme script which allow to do it quick for Slackware https://github.com/pyllyukko/harden.sh/ ... /README.md
Possible for porteus also - but again porteus is for desktop - no repos with server sofware - stable one and updated ones - that is the main reason to look up for other system for router.

User avatar
Blaze
DEV Team
DEV Team
Posts: 3869
Joined: 28 Dec 2010, 11:31
Distribution: ⟰ Porteus current ☯ all DEs ☯
Location: ☭ Russian Federation, Lipetsk region, Dankov
Contact:

Firewall / Network Security Question

Post#9 by Blaze » 11 May 2020, 18:14

How MikroTik w/o RouterOS with a good Firewall rules.
Linux 6.6.11-porteus #1 SMP PREEMPT_DYNAMIC Sun Jan 14 12:07:37 MSK 2024 x86_64 Intel(R) Xeon(R) CPU E3-1270 v6 @ 3.80GHz GenuineIntel GNU/Linux
MS-7A12 » [AMD/ATI] Navi 23 [Radeon RX 6600] [1002:73ff] (rev c7) » Vengeance LPX 16GB DDR4 K2 3200MHz C16

Post Reply