Page 3 of 5 FirstFirst 12345 LastLast
Results 21 to 30 of 43

Thread: do I need a firewall?

  1. #21
    Join Date
    Jun 2011
    Location
    The Shadow Gallery
    Beans
    6,807

    Re: do I need a firewall?

    Quote Originally Posted by Zill View Post
    Have you got any evidence for this statement?
    I am a penetration tester and security professional what evidence do you want ?

    try here

    https://cve.mitre.org/
    http://www.exploit-db.com/


    If a system is connected then it is vulnerable, all end user OS whether it be a Linux Distro or Windows meet EAL 4 or 4+ in the common criteria which means they are all secure within reason whilst leaving functionality and ease of use the primary goals.

    There are systems which meet higher criteria but they are not meant for end user use such as bespoke military or aerospace systems and the like.

    http://www.commoncriteriaportal.org/products/

    Most Ubuntu distors meet EAL 4+ which is the same as most Windows versions, of course not every version or company puts forward for certification, Why ? because there is no need as they are end user OS.

    The methods are often similar or vastly different but all connected systems have some type of vulnerability which is par for the course for being connected.

    Point metasploit/meterpreter at most systems and something will pop up, usually a reverse shell (joke)

    The whole "secure" thing is sadly misunderstood, I read in here all the time about not needing a firewall if behind a router.....shame people know nothing about how easy it can often be to compromise a home based NAT router, firewalk, use Hping to ping using TCP past firewalls that block ICMP, session splice, XSS, NMAP idle scans or FTP bounce, reverse connections from arbitrary port creation as no outgoing traffic is controlled....... ad nauseum ad infinitum I dont bother replying anymore.

    Peace
    Last edited by haqking; February 6th, 2013 at 10:48 AM.
    Feel Free to Bitcoin Tip: 135Rp4pwwYTHEJ4u8bxKaDQiC91N9LUoV2

    Backtrack - Giving machine guns to monkeys since 2006
    Kali-Linux - Adding a grenade launcher to the machine guns since 2013

  2. #22
    Join Date
    Nov 2005
    Location
    Lincolnshire, UK
    Beans
    1,461
    Distro
    Ubuntu 10.04 Lucid Lynx

    Re: do I need a firewall?

    Quote Originally Posted by haqking View Post
    I am a penetration tester and security professional what evidence do you want ?...
    Err... slight misunderstanding.

    My question was to samiux in post #17 and referred to his statement "...but anyone knows that Linux is very easy to compromised compare with Windows...".

  3. #23
    Join Date
    Feb 2008
    Location
    In my skin.
    Beans
    Hidden!
    Distro
    Xubuntu

    Re: do I need a firewall?

    Is it time for this thread to head to Recurring Discussions yet? Me thinks so.

    Thread moved to Recurring Discussions.

    Everything you want to know is out there if you look, great advice from some folk that know on this thread, and this is solved if you process the information. Please feel free to continue the discussion.
    Last edited by Bucky Ball; February 6th, 2013 at 03:16 PM.

  4. #24
    Join Date
    Aug 2006
    Location
    Somewhere in the hell
    Beans
    294
    Distro
    Ubuntu 12.04 Precise Pangolin

    Re: do I need a firewall?

    Quote Originally Posted by Zill View Post
    Err... slight misunderstanding.

    My question was to samiux in post #17 and referred to his statement "...but anyone knows that Linux is very easy to compromised compare with Windows...".
    I think haqking has answered your question. However, if you are insisted to see the visual demo, I will show you some of them. Be reminded that they are just examples.

    For linux exploit, please see here, here and here.

    For Windows anti-virus bypass, please see here

    Hope I have answered your question.

    Samiux

  5. #25
    Join Date
    Dec 2008
    Location
    Indiana, United States
    Beans
    734

    Re: do I need a firewall?

    Do you need one? Nobody "needs one". Should you use one? Couldn't really hurt. Ubuntu ship with UFW a command line firewall by default. Just sudo ufw enable, sudo ufw default deny, and then sudo ufw allow portsyouneedopen
    Whoever came up with the phrase "There is no such thing as a stupid question" obviously never had the internet.

  6. #26
    Join Date
    Jun 2011
    Location
    The Shadow Gallery
    Beans
    6,807

    Re: do I need a firewall?

    Quote Originally Posted by Zill View Post
    Err... slight misunderstanding.

    My question was to samiux in post #17 and referred to his statement "...but anyone knows that Linux is very easy to compromised compare with Windows...".
    I know it was directed to samiux, i was just jumping in

    Peace
    Feel Free to Bitcoin Tip: 135Rp4pwwYTHEJ4u8bxKaDQiC91N9LUoV2

    Backtrack - Giving machine guns to monkeys since 2006
    Kali-Linux - Adding a grenade launcher to the machine guns since 2013

  7. #27
    Join Date
    Nov 2005
    Location
    Lincolnshire, UK
    Beans
    1,461
    Distro
    Ubuntu 10.04 Lucid Lynx

    Re: do I need a firewall?

    Quote Originally Posted by haqking View Post
    I know it was directed to samiux, i was just jumping in
    No problem. I am questioning the apparent assertion by samiux that Linux systems are more easily compromised than Windows.

    I understand from your postings that all systems connected to the internet are vulnerable but I also believe that a default Linux system is (relatively!) more secure than a default Windows system. Am I mistaken?

  8. #28
    Join Date
    Jun 2011
    Location
    The Shadow Gallery
    Beans
    6,807

    Re: do I need a firewall?

    Quote Originally Posted by Zill View Post
    No problem. I am questioning the apparent assertion by samiux that Linux systems are more easily compromised than Windows.

    I understand from your postings that all systems connected to the Internet are vulnerable but I also believe that a default Linux system is (relatively!) more secure than a default Windows system. Am I mistaken?
    I cant speak for samiux but I dont think English is the first language for them, I don't think samiux meant it is "easier" but just meant as "easy" as.

    The whole thing about this is it cannot be stated that "Linux" is more secure than "Windows" which is common statement, it needs to be very specific such as Ubuntu 10.04 out of the box with no updates and no services installed etc compared to a windows 7 out of the box machine etc etc.

    the collective terms of Linux and windows cannot be compared.

    then even if specific with versions etc then you have to say OK what does "more secure" mean, if one has 12 vulnerabilities and 8 known exploits vs one with 10 vulnerabilities and 4 known exploits etc. it is stupid argument, you only need one window open in a house to get in whatever alarm system you have.

    Does the fact that you running Linux prevent a compromise from a XSS attack ? no. Does it prevent you from an attacker getting a remote command shell ? no.

    Whatever OS you are running the things that prevent or mitigate these things are user education, patch management and regular updates along with changing browsing habits and the like.

    Linux is not more secure than windows, you don't "need" a firewall in Linux, and you don't "need" one in Windows, the point is you should use them in both whether behind a NAT router or not, don't run scripts, use least privilege, don't run unknown or untrusted software, stay vigilant etc etc.

    Every system in a connected world is vulnerable, whether or not an exploit exists or if it does if it is worth the time of the attacker to attack is a different matter, of course it is also a case of whether the asset is worth the cost of protection and so forth.

    Regardless what OS you use the same security principles apply, it is a process not a product. yes there are not known wild "viruses" for Linux but if then means you can use the same nonchalant browsing behaviors as in windows then sooner or later another type of compromise is likely to happen.

    Both systems can and do get compromised all the time. it isnt any more difficult to compromise one or the other, one configured system may have more defences but the action taken to compromise one or the other no more difficult than another, one may take 5 minutes and one may take an hour, does that mean easier, I dont think so, i take it as different.

    peace
    Last edited by haqking; February 6th, 2013 at 10:20 PM.
    Feel Free to Bitcoin Tip: 135Rp4pwwYTHEJ4u8bxKaDQiC91N9LUoV2

    Backtrack - Giving machine guns to monkeys since 2006
    Kali-Linux - Adding a grenade launcher to the machine guns since 2013

  9. #29
    Join Date
    Nov 2005
    Location
    Lincolnshire, UK
    Beans
    1,461
    Distro
    Ubuntu 10.04 Lucid Lynx

    Re: do I need a firewall?

    haqking: Thanks for the clarification and it is interesting to see that you recommend using a software firewall even when a PC is behind a NAT router.

    I have been using pure Linux systems for around ten years now (no Windows or Macs here!) on fixed PCs without a software firewall or antivirus software etc and have had no problems whatsoever. I would think that very few Windows users can say this!

    However, with the addition of a netbook for use out and about on public wifi networks, I have considered using UFW. Again, maybe I have been lucky but there is no evidence that my netbook has been attacked since I got it around 18 months ago. I guess from your comments that you would definitely advocate enabling UFW on netbooks/laptops used on public networks?

  10. #30
    Join Date
    Jun 2011
    Location
    The Shadow Gallery
    Beans
    6,807

    Re: do I need a firewall?

    Quote Originally Posted by Zill View Post
    haqking: Thanks for the clarification and it is interesting to see that you recommend using a software firewall even when a PC is behind a NAT router.

    I have been using pure Linux systems for around ten years now (no Windows or Macs here!) on fixed PCs without a software firewall or antivirus software etc and have had no problems whatsoever. I would think that very few Windows users can say this!

    However, with the addition of a netbook for use out and about on public wifi networks, I have considered using UFW. Again, maybe I have been lucky but there is no evidence that my netbook has been attacked since I got it around 18 months ago. I guess from your comments that you would definitely advocate enabling UFW on netbooks/laptops used on public networks?
    I would advocate a firewall in all instances, it is not a one stop solution but is part of a layered defence which is the best process for securing a system. For a start most people think of firewalls as stopping attackers getting in, well what about getting out ...controlling outgoing traffic is as important to prevent reverse connections on arbitrary port creations from malware or malicious code embedded in webpages or bad code in applications etc.

    Also alot of people think oh its ok im behind a firewall, well like a any wall it can be climbed over, burrowed under or gone around the side or beaten down with a sledge hammer, firewalls are not impenetrable by any means.

    The most basic thing people seem to worry about is "oh i will block ICMP" then no one can see me...LOL.....well there are many ways and tools without using PING, hping uses TCP for example and not ICMP, Nmap can scan using IDLE scans from IDLE machine or node and no packets are returned to the attacker from the target only to the trusted or IDLE machine, PING can be diabled in NMAP scans and so on. This is just a few simple things as examples and not provided in detail but you get my point. I used these examples as they are very basic and most people can grasp it without too much in depth security knowledge and cover basic things which most people already know about, there are much more advanced methods for bypassing firewalls.

    Also you mentioned you have never had a problem, well that maybe true indeed probably very likely, but how do you know ? not all attacks or compromises result in damage or "things going wrong" sometimes it is merely exploratory, nosy, and do no damage and a skilled attacker can cover tracks very easily, just cause someone isnt stepping on my rose garden doesnt mean I want them in my garden at all

    Peace
    Last edited by haqking; February 7th, 2013 at 12:43 AM.
    Feel Free to Bitcoin Tip: 135Rp4pwwYTHEJ4u8bxKaDQiC91N9LUoV2

    Backtrack - Giving machine guns to monkeys since 2006
    Kali-Linux - Adding a grenade launcher to the machine guns since 2013

Page 3 of 5 FirstFirst 12345 LastLast

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •