Edit: I forgot to mention that I'm on unsecured wifi most of the time
How secure is Porteus with firewall turned off? I was fiddling with rc.local sometime ago and the edit somehow interfered with the firewall (should've used the "startup script" feature in the Settings Centre), which I had previously set to "block all". When I checked the settings later I found that the firewall had now been set to "off", and I confirmed that this was also the case in practice. I've read that firewalls aren't essential for distributions like Ubuntu as they have no tcp/udp ports open by default. Furthermore, Linux supposedly has a firewall built into its kernel, though I have no idea what that implies.
Are these the case for Porteus? Should I change my online passwords, delete my Porteus installation and start over, lest my machine had been compromised at some point by an attacker while I was unaware? I feel lost as I'm woefully ignorant when it comes to information security.
Firewall / Network Security Question
Re: Firewall / Network Security Question
A question i've been meaning to ask myself as i wondered if there was any type of Netbios or Network discovery running for Samba and such.Koss98 wrote:How secure is Porteus with firewall turned off?
-
- Full of knowledge
- Posts: 2075
- Joined: 17 Jun 2013, 13:17
- Distribution: Porteus 3.2.2 XFCE 32bit
- Location: Germany
Re: Firewall / Network Security Question
First of all: there is no 100 % security -- You should always use your common sense.
This leads to the Question:
why would i want to disable the firewall while connected with a public network?
However,
Linux doesn't have a bunch of dodgy ports open to the outside world.
An incoming try to connect is only a problem if there are applications listening
for these incoming connections.
Unless there is a specific program listening on a port, the port is closed
just as tightly with no firewall running.
If nothing is listening on a given port than all the skript-kiddies in the world
aren't going to get into your machine. -- A closed port is a secure port.
Best solution:
simply not having potentially vulnerable services listening by default.
Some commands you may find useful.
lsof -i -P -n
netstat -vatn
netstat -tulpn
iptables -L -v
Btw
All you guys and gals using porteus at home, you are most likely behind a router which shields you.(to some degree)
Nonetheless, it make sense to change the default Passwords and to keep the running firewall.
This leads to the Question:
why would i want to disable the firewall while connected with a public network?
However,
Linux doesn't have a bunch of dodgy ports open to the outside world.
An incoming try to connect is only a problem if there are applications listening
for these incoming connections.
Unless there is a specific program listening on a port, the port is closed
just as tightly with no firewall running.
If nothing is listening on a given port than all the skript-kiddies in the world
aren't going to get into your machine. -- A closed port is a secure port.
Best solution:
simply not having potentially vulnerable services listening by default.
Some commands you may find useful.
lsof -i -P -n
netstat -vatn
netstat -tulpn
iptables -L -v
Btw
All you guys and gals using porteus at home, you are most likely behind a router which shields you.(to some degree)
Nonetheless, it make sense to change the default Passwords and to keep the running firewall.
- francois
- Contributor
- Posts: 6435
- Joined: 28 Dec 2010, 14:25
- Distribution: xfce plank porteus nemesis
- Location: Le printemps, le printemps, le printemps... ... l'hiver s'essoufle.
Re: Firewall / Network Security Question
This is the best answer for linux naive usersAll you guys and gals using porteus at home, you are most likely behind a router which shields you.(to some degree)
Nonetheless, it make sense to change the default Passwords and to keep the running firewall.
Thanks.
Prendre son temps, profiter de celui qui passe.
Re: Firewall / Network Security Question
That's the kind of answer I wanted. A lot of the advice I've found online are theoretical, vague, or meant for power users running servers. As a typical desktop user I just need some practical advice and a general grasp of things so I can feel reasonably assured about the security of my system.
Re: Firewall / Network Security Question
I think it should be a regular practice, changing passwords on a monthly basis. Provide no room for infringement.francois wrote:This is the best answer for linux naive usersAll you guys and gals using porteus at home, you are most likely behind a router which shields you.(to some degree)
Nonetheless, it make sense to change the default Passwords and to keep the running firewall.
Thanks.
Firewall / Network Security Question
I also totally agree with this thought.
_______________________
Last edited by sarahah on 18 Sep 2017, 12:28, edited 1 time in total.
Firewall / Network Security Question
Porteus based on Slackware - which is vanilla systems - that's why it is not intended for server or router purposes.
Yep, it is true, Of couse you may use Slackware/Slax/Porteus as server - but it will required much do of hardening - which is untrivial
There is sonme script which allow to do it quick for Slackware https://github.com/pyllyukko/harden.sh/ ... /README.md
Possible for porteus also - but again porteus is for desktop - no repos with server sofware - stable one and updated ones - that is the main reason to look up for other system for router.
Yep, it is true, Of couse you may use Slackware/Slax/Porteus as server - but it will required much do of hardening - which is untrivial
There is sonme script which allow to do it quick for Slackware https://github.com/pyllyukko/harden.sh/ ... /README.md
Possible for porteus also - but again porteus is for desktop - no repos with server sofware - stable one and updated ones - that is the main reason to look up for other system for router.
- Blaze
- DEV Team
- Posts: 3888
- Joined: 28 Dec 2010, 11:31
- Distribution: ⟰ Porteus current ☯ all DEs ☯
- Location: ☭ Russian Federation, Lipetsk region, Dankov
- Contact:
Firewall / Network Security Question
How MikroTik w/o RouterOS with a good Firewall rules.
Linux 6.6.11-porteus #1 SMP PREEMPT_DYNAMIC Sun Jan 14 12:07:37 MSK 2024 x86_64 Intel(R) Xeon(R) CPU E3-1270 v6 @ 3.80GHz GenuineIntel GNU/Linux
MS-7A12 » [AMD/ATI] Navi 23 [Radeon RX 6600] [1002:73ff] (rev c7) » Vengeance LPX 16GB DDR4 K2 3200MHz C16
MS-7A12 » [AMD/ATI] Navi 23 [Radeon RX 6600] [1002:73ff] (rev c7) » Vengeance LPX 16GB DDR4 K2 3200MHz C16