Porteus

Edit: I forgot to mention that I'm on unsecured wifi most of the time

How secure is Porteus with firewall turned off? I was fiddling with rc.local sometime ago and the edit somehow interfered with the firewall (should've used the "startup script" feature in the Settings Centre), which I had previously set to "block all". When I checked the settings later I found that the firewall had now been set to "off", and I confirmed that this was also the case in practice. I've read that firewalls aren't essential for distributions like Ubuntu as they have no tcp/udp ports open by default. Furthermore, Linux supposedly has a firewall built into its kernel, though I have no idea what that implies.

Are these the case for Porteus? Should I change my online passwords, delete my Porteus installation and start over, lest my machine had been compromised at some point by an attacker while I was unaware? I feel lost as I'm woefully ignorant when it comes to information security.

Koss98 wrote:How secure is Porteus with firewall turned off?

A question i've been meaning to ask myself as i wondered if there was any type of Netbios or Network discovery running for Samba and such.

First of all: there is no 100 % security -- You should always use your common sense.
This leads to the Question:
why would i want to disable the firewall while connected with a public network?

However,
Linux doesn't have a bunch of dodgy ports open to the outside world.
An incoming try to connect is only a problem if there are applications listening
for these incoming connections.
Unless there is a specific program listening on a port, the port is closed
just as tightly with no firewall running.
If nothing is listening on a given port than all the skript-kiddies in the world
aren't going to get into your machine. -- A closed port is a secure port.

Best solution:
simply not having potentially vulnerable services listening by default.

Some commands you may find useful.
lsof -i -P -n
netstat -vatn
netstat -tulpn
iptables -L -v

Btw
All you guys and gals using porteus at home, you are most likely behind a router which shields you.(to some degree)
Nonetheless, it make sense to change the default Passwords and to keep the running firewall.

All you guys and gals using porteus at home, you are most likely behind a router which shields you.(to some degree)
Nonetheless, it make sense to change the default Passwords and to keep the running firewall.

This is the best answer for linux naive users
Thanks.

That's the kind of answer I wanted. A lot of the advice I've found online are theoretical, vague, or meant for power users running servers. As a typical desktop user I just need some practical advice and a general grasp of things so I can feel reasonably assured about the security of my system.

francois wrote:

All you guys and gals using porteus at home, you are most likely behind a router which shields you.(to some degree)
Nonetheless, it make sense to change the default Passwords and to keep the running firewall.

This is the best answer for linux naive users
Thanks.

I think it should be a regular practice, changing passwords on a monthly basis. Provide no room for infringement.

donald wrote: ↑

02 May 2017, 07:44

All you guys and gals using porteus at home, you are most likely behind a router which shields you.(to some degree)
Nonetheless, it make sense to change the default Passwords and to keep the running firewall.

I also totally agree with this thought.
_______________________

Porteus based on Slackware - which is vanilla systems - that's why it is not intended for server or router purposes.

Yep, it is true, Of couse you may use Slackware/Slax/Porteus as server - but it will required much do of hardening - which is untrivial

There is sonme script which allow to do it quick for Slackware https://github.com/pyllyukko/harden.sh/ ... /README.md
Possible for porteus also - but again porteus is for desktop - no repos with server sofware - stable one and updated ones - that is the main reason to look up for other system for router.

How MikroTik w/o RouterOS with a good Firewall rules.