Knoppix security + firewall?



Neo-Rio
03-08-2004, 02:41 AM
Hi,
I just did a HD install of Knoppix, and I was wondering if Knoppix has a built in firewall upon HD installation, and how good is Knoppix with security issues?

Cuddles
03-08-2004, 03:05 AM
Security in Knoppix/Debian is pretty good on its own, not like "some other" OS - since Knoppix/Debian is in Unix/Linux, not many viri can attack it.

As for firewalls, sorry to report that Knoppix does not contain one, but you have a few choices, as with almost "anything" in Linux, many choices...

I installed GuardDog, you also can use FireStarter - but I prefer GuardDog - it's easy to apt-get install, and once loaded, it's easy to run - one of those "set it, and forget it" packages...

If I didn't see it loading during boot, I'd never know it was running...

Cuddles

Neo-Rio
03-08-2004, 03:11 AM
Hi, thanks for your reply.

I went and installed Knoppix for a friend who isn't that computer savvy, and being a Linux newbie myself I was wondering if you could tell me how to use apt-get.
To be honest, I've never used it before.... so if you wouldn't mind, could you drop me a walkthrough about installing GuardDog?

Cheers,

Cuddles
03-08-2004, 03:11 PM
Neo-Rio,

No problem...

Apt-Get (Crash Course) 101 - from my extensive knowledge on the subject (about two months)

You basically will be using four commands: (mostly)

(1) apt-get update
(2) apt-cache search [something]
(3) apt-get -u install [something]
(4) apt-get upgrade

I haven't had very much luck with the "apt-get upgrade" lately, so, I won't cover that one - I am extremely biased on that command right now.

All four of the commands should be done as root, I usually open a root shell, or SuperUser Shell within my own "user" login, and do the above commands at the prompt.

You should do an "apt-get update" before doing any of the other commands, that way the databases that are local on your system are as current as possible.

Apt-cache search [something] can be used to locate a package that you are looking for, and you replace [something] with what you are looking for.

Apt-get -u install [something] is used to actually download and install [something] - as with the apt-cache search, replace [something] with what you want to install.

Let's say, you are looking for a "firewall" package, and you don't know what is out in the packages that might "fit your bill"...

A simple walk-through...

First, you want to be connected to your ISP...
Second, you want to update your local package database, so you get the most current packages available...

root@Polaris:/# apt-get update

When you are returned to your root prompt, you will want to search for any packages that sound interesting, so you will want to do a search...

root@Polaris:/# apt-cache search firewall
dotfile-ipfwadm - The Dotfile Generator ipfwadm module
firewall-easy-doc-es - Documentation to set up easily firewalls (in Spanish)
fwbuilder-dev - Firewall Builder policy compiler development
fwbuilder-doc - Documentation for fwbuilder
fwctl - configure ipchains firewall using higher level abstraction
gfcc - GTK firewall control center
ipchains - Network firewalling for Linux 2.2.x
ipchains-perl - Perl interface to ipchains
ipfwadm - Linux 2.0.x firewalling tools
isic - Test the integrity of an IP Stack with semi-random packets
kernel-patch-vlan - Kernel patch for the 2.4 series to enable VLANs on your ethernet devices
libfwbuilder0 - Firewall Builder API library
raccess - Security Tool to audit remote systems
shorewall-doc - Shoreline Firewall (Shorewall) Documentation
stone-ssl - TCP/IP packet repeater in the application layer.(SSL)
acidlab - Analysis Console for Intrusion Databases
acidlab-doc - Analysis Console for Intrusion Databases (documentation)
acidlab-mysql - Analysis Console for Intrusion Databases for MySQL
acidlab-pgsql - Analysis Console for Intrusion Databases for Postgres
bzflag-server - bzfs - BZFlag game server and proxy
dante-client - SOCKS wrapper for users behind a firewall
dante-server - SOCKS (v4 and v5) proxy daemon (danted)
easyfw - Graphical interface to ipchains/ipfwadm
ferm - maintain and setup complicated firewall rules
filtergen - packet filter generator for various firewall systems
fireflier-client-gtk - Interactive firewall rule creation tool - GTK client
fireflier-client-kde - Interactive firewall rule creation tool - QT client
fireflier-client-qt - Interactive firewall rule creation tool - QT client
fireflier-server - Interactive firewall rule creation tool - server
firehol - An easy to use but powerful iptables stateful firewall
firestarter - gtk program for managing and observing your firewall
firewall-easy - Easy to use packet filter firewall (usually zero config)
fragroute - Test a NIDS by attempting to evade using fragmented packets
ftp-proxy - Application level proxy for the FTP protocol
fwbuilder - Firewall administration tool GUI
fwbuilder-ipf - FreeBSD 4.4 ipf policy compiler for Firewall Builder
fwbuilder-ipt - Linux iptables policy compiler for Firewall Builder
fwbuilder-iptables - Linux iptables policy compiler for Firewall Builder
fwbuilder-pf - OpenBSD pf policy compiler for Firewall Builder
fwlogwatch - Firewall log analyzer
gnome-lokkit - basic interactive firewall configuration tool (GNOME interface)
guidedog - NAT/masquerading/port-forwarding configuration tool for KDE
hlfl - translator for firewalling rules
hping2 - Active Network Smashing Tool
iptstate - Top-like state for netfilter/iptables
kernel-patch-wrr - Extension to traffic Control/network bandwidth management
knetfilter - A GUI for configuring the 2.4 kernel IP Tables
lg-issue76 - Issue 76 of the Linux Gazette.
lg-issue82 - Issue 82 of the Linux Gazette.
libdumbnet1 - A dumb, portable networking library
libfwbuilder-dev - Firewall Builder API library development files
libfwbuilder5 - Firewall Builder API library
libiax-dev - An implementation of the Inter-Asterisk eXchange protocol (devel)
libiax0 - An implementation of the Inter-Asterisk eXchange protocol
libnet-whois-perl - Perl Module providing an API to access InterNIC whois database
libroxen-telnetproxy - Telnet proxy module for the Roxen Challenger web server
libsoap-perl - SOAP (Simple Object Access Protocol) implementation in perl
libsocks4 - SOCKS libraries
libwfnetobjs0 - The WallFire modular firewalling application library - runtime files
libwfnetobjs0-dev - The WallFire modular firewalling application library - development files
libzorp2 - The runtime library of Zorp
libzorp2-dev - Development files needed to compile Zorp modules
libzorpll - Low level library functions for Zorp
libzorpll-dbg - Low level library functions for Zorp, debug version
libzorpll-dev - Low level library functions for Zorp, development files
lire - full-featured log analyzer and report generator
logtrend-storageserver - logtrend storage server daemons and utils
lokkit - basic interactive firewall configuration tool (console interface)
lukemftp - The enhanced ftp client.
mason - Interactively creates a Linux packet filtering firewall.
netmask - helps determine network masks
nmap - The Network Mapper
nstreams - network streams - a tcpdump output analyzer
p3scan - transparent POP3-proxy with virus- and spam-scanning
packit - Network Injection and Capture
portsentry - Portscan detection daemon
pptpd - PoPToP Point to Point Tunneling Server
proxychains - Proxy Chains - redirect connections through proxy servers
psad - The Port Scan Attack Detector
reaim - Enable AIM and MSN file transfer on Linux iptables based NAT
redir - Redirect TCP connections
rinetd - Internet TCP redirection server
shorewall - Shoreline Firewall (Shorewall)
smtpd - Mail proxy for firewalls with anti-spam and anti-relay features
socks4-clients - Socks4 enabled clients as rtelnet, rftp, ...
socks4-server - SOCKS4 server for proxying IP-based services over a firewall
stone - TCP/IP packet repeater in the application layer.
tcpquota - A dialout/masquerading monitoring package.
tcptraceroute - A traceroute implementation using TCP packets
tnftp - The enhanced ftp client.
tsocks - transparent network access through a SOCKS 4 or 5 proxy
udptunnel - Tunnel UDP packets over a TCP connection
uif - Advanced iptables-firewall script
upsd - UPS Monitor Program via serial interface
vlan - User mode programs to enable VLANs on your ethernet devices
wflogs - The modular firewall log analyzer of the WallFire project
wget - retrieves files from the web
wmnet - network monitor for WindowMaker using kernel IP accounting
xprobe - Remote OS identification
zorp - An advanced protocol analyzing firewall
zorp-doc - Zorp documentation
zorp-modules - Default proxy modules for Zorp
libsoap-java - SOAP (Simple Object Access Protocol) implementation in Java
irpas - Internetwork Routing Protocol Attack Suite
crm114 - The Controllable Regex Mutilator and Spam Filter
fiaif - An easy to use, yet complex firewall
fwanalog - firewall log-file report generator (using analog)
guarddog - firewall configuration utility for KDE
ipmasq - Securely initializes IP Masquerade forwarding/firewalling
iptables - Linux kernel 2.4+ iptables administration tools
midentd - An ident replacement with masquerading support.
perdition - POP3 and IMAP4 Proxy server
webmin-firewall - iptables control module for webmin
webmin-shorewall - shorewall firewall control module for webmin
xfwp - X firewall proxy server
distributed-net-pproxy - Personal proxy for distributed.net clients
wget-cvs - retrieves files from the web
root@Polaris:/#

When you get to your prompt again, any results should be between your two root prompts, so you can scroll through your results -=- the "package name" is on the left, and to the right is a small description of it... If you look through the results, you should find GuardDog, and also "FireStarter", and a whole lot of other packages.

Let's say you decided on GuardDog, the next step would be to apt-get it, and install it, which would be done with the following:

root@Polaris:/# apt-get -u install guarddog

Apt-get will need access to your ISP, and upon deciding all the "extra" stuff you might need for the package you want, will give you a summary of what it needs to get, what it might need to get in addition to what you want (support packages, or libs, or whatever), and since you entered the "-u", apt-get will ALSO give you "suggestion" packages that could be useful at a later time. Apt-get will then give you a summary of how much space it needs to get, and how much space after getting it will take, and either ask you to confirm by pressing "y", or in the case of a single, lone package, will just take off to do its work.

After apt-get has downloaded the package, or packages, it will then unpack, and install those package(s).

Unless something goes wrong, like a dependency issue, when you get back to your prompt, the package should be installed and ready to run, configure, etc...

I had no problems with GuardDog - it apt-get installed perfectly, and when it finished, on the KMenu, under SYSTEM, was a new GuardDog entry to start setting up the program.

Apt-get is easy, fast, and opens up a large world of programs and packages that exist in the world already. As you use it more, it will begin to be second nature, on how to do these things.

Good Luck, and enjoy,
Cuddles
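
A check one might run after the install walked through above, as an added example that is not part of the original thread: it reads `iptables-save` output and reports whether the INPUT and FORWARD chains end up dropping unmatched traffic, and which destination ports are accepted. It assumes the installed firewall tool loads its rules through iptables; the function names and the sample ruleset are constructed for illustration.

```sh
#!/bin/sh
# Added example (not from the thread): audit iptables-save output read on stdin.

# Print "CHAIN closed|open" for INPUT and FORWARD in the filter table.
#   closed: policy DROP, or an unconditional DROP/REJECT as the chain's last rule
#   open:   anything else, including no ruleset loaded at all (empty input)
# Limitation: a final jump to a user-defined chain is not followed.
chain_verdicts() {
    awk '
        substr($0, 1, 1) == "*" { table = substr($1, 2); next }
        table != "filter"       { next }
        substr($1, 1, 1) == ":" { policy[substr($1, 2)] = $2; next }
        $1 == "-A"              { last[$2] = $0 }
        END {
            n = split("INPUT FORWARD", chains, " ")
            for (i = 1; i <= n; i++) {
                c = chains[i]
                catchall = (last[c] ~ ("^-A " c " -j (DROP|REJECT)( |$)"))
                print c, ((policy[c] == "DROP" || catchall) ? "closed" : "open")
            }
        }'
}

# Print "proto/port" for each INPUT rule that ACCEPTs a destination port.
accepted_ports() {
    awk '
        substr($0, 1, 1) == "*" { table = substr($1, 2); next }
        table == "filter" && $1 == "-A" && $2 == "INPUT" && $NF == "ACCEPT" {
            proto = "any"; port = ""
            for (i = 3; i < NF; i++) {
                if ($i == "-p") proto = $(i + 1)
                if ($i == "--dport" || $i == "--dports") port = $(i + 1)
            }
            if (port != "") print proto "/" port
        }'
}

# Constructed sample ruleset (iptables-save format), not taken from a real host.
SAMPLE='*filter
:INPUT DROP [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
COMMIT'

printf '%s\n' "$SAMPLE" | chain_verdicts
printf '%s\n' "$SAMPLE" | accepted_ports
```

On a live system, run `iptables-save | chain_verdicts` as root; a host where nothing has loaded any rules produces empty input and is reported as open.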