Hi,

I've installed Knoppix and connected to the net. I understood there's no firewall and that by default 'all ports are closed'. However, (and excuse me for being such a newbie), I don't understand if this means the computer is actually secure or not.

I'm not running a server. My computer is a pure client. If all ports are closed, and are only opened when I willingly open them to access a network resource, that should be secure enough, right?

Or can this be exploited?

In short, what should I do to get decent security using my Knoppix box (installed to the HD) on the network?

search for guarddog, guidedog, they are frontends for the iptables, those are a firewall in linux. a verry good one at that.

Hi,

I've installed Knoppix and connected to the net. I understood there's no firewall and that by default 'all ports are closed'. However, (and excuse me for being such a newbie), I don't understand if this means the computer is actually secure or not.

It means if you have a service running then you are not accepting any outside connections on the port if you have no service running on a port it will be closed by default anyways and there should be no way to connect to it.



I'm not running a server. My computer is a pure client. If all ports are closed, and are only opened when I willingly open them to access a network resource, that should be secure enough, right?

Or can this be exploited?


Not quite sure what you mean here if the machine is just a client then you should not have to open anything. For instance if you want to connect to the internet (http) you do not have to open up port 80 you are doing the connecting to someones service not the other way around you only need to open the port when you want to provide the service to other people.



In short, what should I do to get decent security using my Knoppix box (installed to the HD) on the network?

Install a firewall as suggested in the post above another one you may want to look at is firestarter (http://firestarter.sourceforge.net/). If you have not already done it some packages you may want to remove to prevent the startup of services once the package gets upgraded.



samba, lisa, dhcp3-server, shaper, apache, brltty, ntp, nis, ssh, bind9, portmap, nfs, distccd, mysql-server, nvtv



You can check for open ports at Gibson Research (http://www.grc.com) by using the Shield's Up port scanner and a link on the Debian web site.

http://www.debian.org/doc/manuals/securing-debian-howto/

Thank you very much for both of your replies. You've helped me. :P