DSL and SECURITY ?


Forum: DSL Tips and Tricks
Topic: DSL and SECURITY ?
started by: poutch

Posted by poutch on Feb. 02 2006,03:19
Hi, i am a linux noob but i would like to use DSL in order to access some bank websites (like paypal for example). So basically what i need is just a working firefox.

I have some questions about the security of DSL :

1) From what i understand, if i use DSL on a read only CD i am safe from virus, keyloggers, ... am i right ?

2) But now, what about my connections ? are they crypted like they should be or is it a weak point ? And can i set up a firewall ?

3) Also is it possible to remove everything except firefox ?

4) If i use only a read only CD how are stocked my settings, temporary files(from the surf) and the cookies ?

5) I guess that there is a sort of memory used for temp files like i asked in question 4. Is it possible that a malware use that memory ?

So you got the idea, I am a security paranoia and i would appreciate if you can help me to set up the SAFEST possible DSL (i just need to be able to use firefox). Every advices are welcome !

Posted by starcannon on Feb. 02 2006,06:34
do a search for persistent opt and persistent home this should answer you "where is my surf and cookie info stored" question.

As far as safe... The Only Safe Computer is turned off, with no network cables of any kind including phone wires, put this computer in a box and bury it in a location that you will never find your way back to...now its almost safe. J/K hehe

Now then all joking aside no firewall is ever a good idea imho, and yes there are firewalls available I am not the guy to ask about that though.

As for key loggers I suppose such a thing could happen to a linux machine, but I'd assume it to be more complicated to write a stealth installed keylogger, just be sure to disable scripting in FF, there is a very nice exension at the FF extensions site that prompts before running any scripts. Use same judgement for Java apps. Email is easy to lock down, us Sylpheed doesnt allow any sort of bunk to happen, just text and all binary is stored as attatchments.

Be sure to read the "Getting Started" guide that pops up everytime you load DSL it will answer a good deal of your questions as well.

Welcome to the community, and hope to see you arround more, don't forget there is a wiki and an IRC channel on FreeNode #damnsmalllinux

Rob

Posted by skaos on Feb. 02 2006,11:31
Quote
3) Also is it possible to remove everything except firefox ?

Take a look at < http://www.kioskcd.com/ > (which is based on DSL).

Posted by rst on Feb. 06 2006,13:42
What I did was delete everything but reboot & shutdown out of the menus and off the desktop except mozilla & aterm.  Not really secure but you still have a fully functional version for yourself.  Then you restrict the network connection you put it on.
Posted by doobit on Feb. 06 2006,16:19
There is also a version called ELE, which includes  TOR and Pivoxy for onioning, if you don't want your IP to be discovered. You can save your backups to a secure pendrive and take them with you for top security.
Powered by Ikonboard 3.1.2a
Ikonboard © 2001 Jarvis Entertainment Group, Inc.