Why Should I Use A Firewall With Puppy? Do You?
Why Should I Use A Firewall With Puppy? Do You?
From what I read, a lot of Linux users feel secure enough not to run a firewall.
With puppy as soon as I enable an Internet connection it gives me an option to enable the firewall, "I do". Knowing that if running programs that have open ports, FTP, Messenger, Torrents, can leave open doors, but you allow that with the firewall anyway. (I really don't use any of them)
How much is the Firewall needed when using Puppy / Linux, should I be using it? Is it a must for using public Wifi, not needed if at home?
With puppy as soon as I enable an Internet connection it gives me an option to enable the firewall, "I do". Knowing that if running programs that have open ports, FTP, Messenger, Torrents, can leave open doors, but you allow that with the firewall anyway. (I really don't use any of them)
How much is the Firewall needed when using Puppy / Linux, should I be using it? Is it a must for using public Wifi, not needed if at home?
In the mood for a debate?
Here's a 12-page thread about firewalls with Puppy:
http://www.murga-linux.com/puppy/viewto ... 14&t=66966
Here's a 12-page thread about firewalls with Puppy:
http://www.murga-linux.com/puppy/viewto ... 14&t=66966
Last edited by Dewbie on Wed 11 Jan 2012, 08:40, edited 1 time in total.
I don't use a firewall. I run Puppy Linux from a multisession DVD in a computer with no hard disk drive. Multisession Puppy loads from the DVD into RAM, including all the programs I've installed and all the settings I've changed, from sessions that were saved on the DVD. Usually I don't save a new session to the DVD when I shut down unless I've installed a new program that I liked or changed something I want to keep. If I've been messing around on the internet in places that might be dangerous, I simply shut off the power when I'm done, wiping everything from RAM. The next time I boot up, it's back to the way it was the last time I booted, before I did anything.
I feel that as long as I only save to the DVD if I've been reasonably careful on the internet for that session, there's little chance of contamination. If I do suspect I've picked something up, I can use the boot option that makes multisession Puppy not load into RAM the last n sessions that were saved on the DVD. (I haven't used it in so long I forget what that boot option is.)
I feel that as long as I only save to the DVD if I've been reasonably careful on the internet for that session, there's little chance of contamination. If I do suspect I've picked something up, I can use the boot option that makes multisession Puppy not load into RAM the last n sessions that were saved on the DVD. (I haven't used it in so long I forget what that boot option is.)
I use firewall because i get a big list of blocked connections. (Some IPs are such a strange... Questions without answers: serious side wanna see an attractive women a funny cartoons a simple pictures a musical video Serious side already knows everything what i'm thinking about - serious side is able to name the name of the city what i see on the paper map without watching into my side...)Amgine wrote: ...Use A Firewall With Puppy? Do You?
I use firewall because i have lost the "nvidia-driver.pet" file in the ordinary conditions which was on the file partition of USB flash drive.
Last edited by postfs1 on Tue 24 Jan 2012, 13:24, edited 5 times in total.
I know how i can get the report.Amgine wrote: Where do I get the "Blocked Connection" report?
http://www.murga-linux.com/puppy/viewto ... 209#587209Theme: Security/PrivacyTopic about the "Guarddog" program
Topic about the "Firestarter" program
Topic about the "Gufw" program
Topic about the "FWBuilder" program
- Lobster
- Official Crustacean
- Posts: 15522
- Joined: Wed 04 May 2005, 06:06
- Location: Paradox Realm
- Contact:
There is no real need to run the firewall
as Puppy runs without servers and other daemons connected as many
Linux do (look at us we don't run as root - blah blah blah)
. . . for the first few years (two or three) most of us ran Puppy happily with no firewall
Now my router has a firewall - so again no need
. . . however the Puppy firewall is there
so I tend to run it. Does it switch anything off?
I also run from Ethernet but sadly but usefully my router has wifi
- which I must admit is used with the Wii and such like . . .
I would suggest the Pup ad blocker and flashblock in Puppy 5.3.1 is a far more functional and effective measure . . .
as Puppy runs without servers and other daemons connected as many
Linux do (look at us we don't run as root - blah blah blah)
. . . for the first few years (two or three) most of us ran Puppy happily with no firewall
Now my router has a firewall - so again no need
. . . however the Puppy firewall is there
so I tend to run it. Does it switch anything off?
I also run from Ethernet but sadly but usefully my router has wifi
- which I must admit is used with the Wii and such like . . .
I would suggest the Pup ad blocker and flashblock in Puppy 5.3.1 is a far more functional and effective measure . . .
I have no need for a firewall 8)
Good point, I will check out Flashblock, Have you used NoScript or Ghostery? They do a good job of blocking those pesky Google trackers and others as well.
Do any of them really speed up surfing?
I usually run wifi. No ethernet close by.
Do any of them really speed up surfing?
I usually run wifi. No ethernet close by.
- sickgut
- Posts: 1156
- Joined: Tue 23 Mar 2010, 19:11
- Location: Tasmania, Australia in the mountains.
- Contact:
you dont need a firewall with linux unless you have servers that are running with easily guessable passwords. If you can tell me one instance with Puppy where this is not true then i will send you one whole super sickgut fun dollar drawn on some monopoly money, redeemable at sickguts house for one slice of toast.
What do you think about Windows? Does it need one? I know it needs an anti virus, but I did something better and installed Linux . But there too I did not run one when I did. Just "Avast".sickgut wrote:you dont need a firewall with linux unless you have servers that are running with easily guessable passwords. If you can tell me one instance with Puppy where this is not true then i will send you one whole super sickgut fun dollar drawn on some monopoly money, redeemable at sickguts house for one slice of toast.
- Lobster
- Official Crustacean
- Posts: 15522
- Joined: Wed 04 May 2005, 06:06
- Location: Paradox Realm
- Contact:
What do you think about Windows?
Is that a malware magnet on your CPU or are you
just pleased for everyone to see you . . .
Norton (once a good company) and similar scam artists sell you garbage
because you are ignorant. Windows costs lives.
Try Puppy School.
I will do a security tutorial soon . . .
http://puppylinux.org/wikka/PuppySchool
Is that a malware magnet on your CPU or are you
just pleased for everyone to see you . . .
Norton (once a good company) and similar scam artists sell you garbage
because you are ignorant. Windows costs lives.
Try Puppy School.
I will do a security tutorial soon . . .
http://puppylinux.org/wikka/PuppySchool
Amgine
NoScript allows JavaScript, Java, Flash web sites of your choice only.
RequestPolicy blocks cross-site requests by webpages you visit.
these two block different potential attacks.
using these two gives me lighting fast browsing similar to text only based browsers like Dillo but with some graphic enrichment.
NoScript allows JavaScript, Java, Flash web sites of your choice only.
RequestPolicy blocks cross-site requests by webpages you visit.
these two block different potential attacks.
using these two gives me lighting fast browsing similar to text only based browsers like Dillo but with some graphic enrichment.
What !!!! Shouldn't secure boot protect me against that .Is that a malware magnet on your CPU or are you
just pleased for everyone to see you . . . Embarassed
I will be looking forward to your tutorial.
Thank you, I will download that.Amgine
NoScript allows JavaScript, Java, Flash web sites of your choice only.
RequestPolicy blocks cross-site requests by webpages you visit.
these two block different potential attacks.
using these two gives me lighting fast browsing similar to text only based browsers like Dillo but with some graphic enrichment.
Re: Why Should I Use A Firewall With Puppy? Do You?
The "doors" you refer to are of course ports. Data communication occurs on these ports. Data has only one of two directions to flow, (1) in and/or (2) out.Amgine wrote: With puppy as soon as I enable an Internet connection it gives me an option to enable the firewall, "I do". Knowing that if running programs that have open ports, FTP, Messenger, Torrents, can leave open doors {cut}
The port a connectivity application binds to is (for the most part with some possible exceptions) used exclusively by that application.
The application will usually use that port to send requests out, meaning to say in the outbound direction.
The requests it sends are to specific IP(s) and port(s). The inbound data, meaning the answers to these requests almost always arrive at ports other than the one they were sent from.
The answers to the requests are 'expected' and allowed in. Unexpected data or non requested data is not allowed in.
Summary at this point: Open ports are not to be construed or conceptualized as an entry/exit point where any data may simply enter in or exit at will. There would be tight programming constraints at each and every open port.
Just as importantly, what the data can do when it is allowed in and out of the ports?!
Changing subject
I found a software firewall which can be used on Windows machines. The name was Kerio Personal. It allowed specific control of inbound and outbound data, ports, applications, protocol and much more.
I have not seen a similar firewall available for our Linux machines. I have not found a Linux firewall worth using considering I already have NAT technology firewall built into my router.
I use the router to block all unsolicited inbound traffic except PORT 113 which I route to a non-existent computer on the local network.
Summary: It isn't that I feel 'safe' not using a Linux firewall, rather that I think it is unnecessary considering the router is already doing the job.
~
After reading this post, I thought I painted too safe a picture. Some of these connectivity applications can be hijacked or compromized allowing a remote computer to wreak havoc on your machine. Things are not necessarily safe and I don't think using a firewall even helps in these scenerios.
~
With this, is it just a matter of I am as safe as my security (WPA not WEP) and password?Some of these connectivity applications can be hijacked or compromized allowing a remote computer to wreak havoc on your machine. Things are not necessarily safe and I don't think using a firewall even helps in these scenerios.
I don't think any of the above provides protection.Amgine wrote:With this, is it just a matter of I am as safe as my security (WPA not WEP) and password?Some of these connectivity applications can be hijacked or compromized allowing a remote computer to wreak havoc on your machine. Things are not necessarily safe and I don't think using a firewall even helps in these scenerios.
More specifics.
Hiawatha, my HTTP server might be used as a service on the Internet. This might mean I have it set up so anyone can access and use its services. A vulnerability in Hiawatha could be exploited by anyone because my computer is serving everyone.
Firefox on the other hand is not server and not providing any services. If I simply have it open the same as I might have Hiawatha open, I am not at risk.
The risk factors with Firefox come into play when I start using it by communicating with other servers on the Internet. There is still not a danger unless I'm communiting with servers which have software designed to exploit Firefox vulnerabilities. (a bit simplistic on my part, but you get the general idea.
While using this forum, I'm making two types of HTTP requests. POST and GET. If all I did with Firefox was use it to send and receive data from this forum, I don't believe I would need any kind of security implemented. The reason why is I don't believe this server is exploiting any weaknesses on any Browsers, including Firefox.
Of course if my 'belief' about the benign nature of this forum is wrong, well, that is another story.
If you want to be safe from exploits on the Internet, choose and use your connectivity applications wisely.
The little editor Leafpad should be 100% safe to use. The reason why is not because it has a lot of security built into. The reason is because it has no connectivity built into it.
Sometimes things happen. The kind of problems I've had with computers and dangers listed below.
1) I broke a fingernail.
2) I bumped my elbow on the keyboard drawer and it hurt for a long time
3) I broke an open CD Drive tray with my knee.
4) I installed malware from a source I trusted and took revenge after I figured it out.
~