Metasploit vs. Puppy Linux

Because I have the spare time right now, and wanted to see how a really insecure Linux distro would hold up.

Interestingly the answer so far, for Slacko 5.6, is "better than un-updated Windows XP."

- The iptables firewall blocks *everything* in the default configuration. A scan of the virtual network's IP range doesn't even show the VM. This is better than can be said of any Windows firewall I tried.

- Metasploit's database doesn't appear to have anything for any of the applications installed. The only exploit I was able to get working was a Firefox XPI one that requires really obvious user interaction.

Once that ran I had root access, but there's no way a reasonably experienced user would have allowed it.

I still wouldn't call un-updated Linux safe, but it's looking safer from here than un-updated Windows.

 

Tweak a few of the obvious conf files and it'll be rock solid under root. All you need to do is lock down ps so that you run the box.

Dave

Updating from BasicLinux 2.x to BasicLinux 3.5

 

Wait what? How is that supposed to work?

Without any kind of MAC, root is root. It can do anything, including direct writes to the boot sector. If a program running as root is compromised it's game over.

Things are a bit different with SELinux, but Puppy most definitely does not use SELinux.

 

If you care to test the puppy variant FatDog64 (in which web applications are forced to run as limited user "spot") I'm curious to hear the result.