Security question

**joselb** · 06-16-2016, 06:38 AM

I have always desired to use knoppix as some operative system avoiding all kind of malware. I even thought to buy zeusgard usb pendrive but after some questions I found it was not what I was looking for. My question is: if I am only using knoppix 7.2 (cd) and it's not offering some port opened to internet, and browsing without javascript, is there any possibility to be hacked?. Even if the programs are outdated, as I am not accepting scripts from the internet and knoppix cd is read-only, I think I am secure. I thought about being hacked while all the programs are working in ram memory, but if I don't accept scripts from outside... what do you think?. Thanks.

**MrNovi** · 06-30-2016, 05:23 PM

First off you have to understand that if it runs code it can be hacked. That means that the myth of total security is just that, a myth. ANY system can be hacked. All you can do is make it as difficult as possible so hackers won't want to spend the time trying to get to you. Unless they know something is on your system that they want or they have a grudge against you they will more than likely go to another system that is easier to hack. It's all risk vs reward. Why spend a lot of time trying to get into a system when you don't know what is there, at least for a personal system. Commercial systems are different in that they know that chances are that there is something worth getting unlike a home system.

That said, unless you are connected for extended periods at a time you should be relatively secure running from an actual read only CD or DVD. Running from a USB stick is less secure as it can be written to. Reboot at least daily to make it less likely that any man in the middle type attacks (or anything similar).

**joselb** · 06-30-2016, 06:02 PM

Thank you for the answer MrNovi.
Yes, I know what you say, but my question was about "accepting code" from internet when browsing or ports opened to be exploited. If I don´t accept scripts from internet and my ports are all closed or filtered, well... as you say I imagine there are many other forms to hack the computer, but I am with you in these words: not a extended period of time. That´s what zeusgard in fact does: 30 minutes maximum and shutdown.
So, if for example I only want to check my bank account or to change my passwords, etc... and I "suppose" my knoppix is malware free (who knows...) I think it´s a good way to be secure. And I don´t need to pay zeusgard to be more secure, knoppix is enough and it´s free.
Normally I use knoppix in my pendrive with persistence, avoiding scripts everytime I can and thinking to get a pendrive with read-only switch.

**MrNovi** · 07-01-2016, 04:55 PM

he persistence is going to be the weak link here.

**joselb** · 07-02-2016, 09:13 AM

Yes, that's what I normally do now and it's the weak link (and sometimes testing with read-only) but what I really want to do (that's my question) is to reject persistence and load my settings without a possibility to change when I reboot. If I need to change or update something I will load it later in the read-only knoppix, until then those files and folders will be encrypted in muy pendrive.

**itman007** · 07-05-2016, 04:56 PM

An easy way to accomplish this is via remaster. Use the big KNOPPIX file which was created after remaster. Load this file via pxe to your client. Now you have a read only OS with all your custom settings.

**joselb** · 07-05-2016, 08:26 PM

Originally Posted by itman007

An easy way to accomplish this is via remaster. Use the big KNOPPIX file which was created after remaster. Load this file via pxe to your client. Now you have a read only OS with all your custom settings.

Can you give us some support in how to do this in some steps?. Thanks!

Thread: Security question

Thread Tools

Search Thread

Display

Security question

Posting Permissions