Printable View
Hi all,
the attached is the results of a nessus scan i carried out against my box. At the time i was running knoppix from the cd. I am very new to nix so i'm not sure if the results are anything to be conserned with. Im just playing with it at the moment. I would appreciate any feedback you may have. As it does show a security hole.
Thanks for your time.
Jinxy
of course knoppix isn't that secure, that's why there was made a more secure knoppix version based on knoppix 3.2.
get it here
uhmm, lepricaun, knoppix-std is not a secure distro. From the faq:
How secure is Knoppix-STD?
Many linux security distributions are hardened versions of Linux to secure the host. This is not STD. STD is a security toolkit not a hardened OS. I would not consider Knoppix a secure distribution.
True, It runs off of a read only CD with minimal services running on boot. It only loads itself into RAM. Their are only a few viruses that affect it. The default boot shows only 68/tcp (dhcpclient) and 6000/tcp (X11) loaded from an nmap scan. A nessus scan shows only a low severity alert on X11 (It doesn't allow any client connections, but may be vulnerable to DoS attacks. CVE-1999-0526). dhcpclient instantly closes any connection attempts.
Well I don't know much about the Nessus logfile but in regard to the Knoppix discussion -
I prefer PHLAK over Knoppix-STD.
I think it would be more secure as well 'cause there are shortcut buttons to open or close certain ports (with iptables I believe)... Or to close ALL incoming traffic.
But I guess then you'd might as well be disconnected altogether :D
Maybe sometime I'll compare Nessus scans of both distros... Maybe...
mjk
the standard knoppix-std is indeed not secure, but the new version even has a firewall, i don't say it's completely secure, but it's better then the original...
the new version is knoppix-std 1.0b and you can get it at the same link as i posted above...
This is the latest version and yes it comes with a firewall and a one click icon to kill all incomeing tcp connections.