Results 1 to 6 of 6

Thread: Is cheatcode "knoppix secure" required for online security?

  1. #1
    Junior Member
    Join Date
    Oct 2015
    Posts
    11

    Is cheatcode "knoppix secure" required for online security?

    Sudo works ok in Knoppix 7.2. But I'm unable to use it with the cheatcode "secure" option. Thus I have to reboot to add ip6tables, which wipe when I reboot in secure mode. Is there a way to add ip6tables and still use secure mode online?

  2. #2
    Moderator Moderator
    Join Date
    Nov 2010
    Location
    Germany/ Dietzenbach
    Posts
    1,124
    Thus I have to reboot to add ip6tables, which wipe when I reboot in secure mode
    What do you mean by this?

  3. #3
    Junior Member
    Join Date
    Oct 2015
    Posts
    11
    Quote Originally Posted by davidpiney View Post
    Sudo works ok in Knoppix 7.2. But I'm unable to use it with the cheatcode "secure" option. Thus I have to reboot to add ip6tables, which wipe when I reboot in secure mode. Is there a way to add ip6tables and still use secure mode online?
    I have to enter the ip6tables offline, without the root being locked by the "secure" cheatcode. Then when I reboot with the "secure" cheatcode enabled, the ip6tables have returned to the default setting (ip6tables -L). In other words there's no persistence Werner. Is knoppix 7.2 secure online without the root being locked with "secure")? If not, how can I make changes (such as the ip6tables above) to have persistence? Is it possible to make root changes when the cheatcode "secure" is enabled? Thanks for the help too Werner. I'm really grateful you folks are doing all this. I hope I can make it up to you.

  4. #4
    Moderator Moderator
    Join Date
    Nov 2010
    Location
    Germany/ Dietzenbach
    Posts
    1,124
    In other words there's no persistence
    If you want persistence, you have to use a "Flash disk install"

    http://knoppix.net/wiki/Category:Har...e_Installation.
    Is knoppix 7.2 secure online without the root being locked with "secure")?
    Yes, of course. By default Knoppix doesn't offer any services outside the LAN.

  5. #5
    Junior Member
    Join Date
    Oct 2015
    Posts
    11
    Quote Originally Posted by Werner P. Schulz View Post
    If you want persistence, you have to use a "Flash disk install"

    http://knoppix.net/wiki/Category:Har...e_Installation.Yes, of course. By default Knoppix doesn't offer any services outside the LAN.
    I did install knoppix 7.2 on a flashdrive Werner, and made an additional partition persistent. But its the ip6tables entry that doesn't stay when I change to secure mode with cheatcodes. I put an update.zip file with the ip6tables firewall in KNOPPIX-DATA but it never installed during init. I wish there was someway to get secure mode after everything was setup, and just before going online? Or better still, being able to wholly control root with a fail-safe password system.

    Is it best to use the secure mode online Werner? All 65534 ports are filtered, one is up, and I don't think there's any services running. But even in secure mode, I'm having a very difficult time with hackers here Werner. So I'm profoundly grateful for your help, and for the Knoppix program. It's kept me running the best so far, in what has been a major struggle.

    Thanks Werner.

    david

  6. #6
    Moderator Moderator
    Join Date
    Nov 2010
    Location
    Germany/ Dietzenbach
    Posts
    1,124
    Or better still, being able to wholly control root with a fail-safe password system.
    You can give root a valid password and restrict the use of sudo/gksudo → Security considerations.
    Is it best to use the secure mode online?
    No, it's paranoia.
    But even in secure mode, I'm having a very difficult time with hackers here
    If there isn't a service reachable outside the LAN, hackers cannot attack the service.

    Searching for open ports != attack a service.
    Last edited by Werner P. Schulz; 11-02-2015 at 10:47 AM.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  


H261-Z61 2U 24SFF AMD Server 8x EPYC 7551 256-Cores 256GB RAM 8x25G NIC 2x2200W picture

H261-Z61 2U 24SFF AMD Server 8x EPYC 7551 256-Cores 256GB RAM 8x25G NIC 2x2200W

$2512.18



Dell PowerEdge R640 Server 2x Gold 6150 2.70Ghz 36-Core 256GB 2x 960GB SSD H730P picture

Dell PowerEdge R640 Server 2x Gold 6150 2.70Ghz 36-Core 256GB 2x 960GB SSD H730P

$1737.25



H261-Z61 2U 24SFF AMD Server 8x EPYC 7551 256-Cores 512GB RAM 8x25G NIC 2x2200W picture

H261-Z61 2U 24SFF AMD Server 8x EPYC 7551 256-Cores 512GB RAM 8x25G NIC 2x2200W

$2888.18



Dell PowerEdge R730 Server 2.30Ghz 32-Core 128GB 8x 3TB 12G H730P ESXi 7.0 picture

Dell PowerEdge R730 Server 2.30Ghz 32-Core 128GB 8x 3TB 12G H730P ESXi 7.0

$935.50



Dell PowerEdge R720XD Xeon E5-2680 V2 2.8GHz 20 Cores 256GB RAM 12x4TB picture

Dell PowerEdge R720XD Xeon E5-2680 V2 2.8GHz 20 Cores 256GB RAM 12x4TB

$510.00



DELL PowerEdge R730 Server 2x E5-2690v3 2.6GHz =24 Cores 32GB H730 4xRJ45 picture

DELL PowerEdge R730 Server 2x E5-2690v3 2.6GHz =24 Cores 32GB H730 4xRJ45

$275.00



Dell PowerEdge R730XD 28 Core Server 2X Xeon E5-2680 V4 H730 128GB RAM No HDD picture

Dell PowerEdge R730XD 28 Core Server 2X Xeon E5-2680 V4 H730 128GB RAM No HDD

$389.99



Dell PowerEdge R620 Server 2x Xeon  E5-2620 @ 2.0GHz 64GB RAM NO HDDs picture

Dell PowerEdge R620 Server 2x Xeon E5-2620 @ 2.0GHz 64GB RAM NO HDDs

$108.96



Dell PowerEdge R430 3.5 1U 2x E5-2690 v3 2.6ghz 24-Cores 256gb 4x Trays 2x 550w picture

Dell PowerEdge R430 3.5 1U 2x E5-2690 v3 2.6ghz 24-Cores 256gb 4x Trays 2x 550w

$289.99



HP ProLiant DL380 Gen9 16SFF 2x E5-2680v4 2.4GHz =28 Cores 64GB P840 4xRJ45 picture

HP ProLiant DL380 Gen9 16SFF 2x E5-2680v4 2.4GHz =28 Cores 64GB P840 4xRJ45

$355.00