Metasploit vs. Puppy Linux

Discussion in 'all things UNIX' started by Gullible Jones, Nov 7, 2013.

Thread Status:
Not open for further replies.
  1. Gullible Jones

    Gullible Jones Registered Member

    Joined:
    May 16, 2013
    Posts:
    1,461
    Because I have the spare time right now, and wanted to see how a really insecure Linux distro would hold up.

    Interestingly the answer so far, for Slacko 5.6, is "better than un-updated Windows XP."

    - The iptables firewall blocks *everything* in the default configuration. A scan of the virtual network's IP range doesn't even show the VM. This is better than can be said of any Windows firewall I tried.

    - Metasploit's database doesn't appear to have anything for any of the applications installed. The only exploit I was able to get working was a Firefox XPI one that requires really obvious user interaction.

    Once that ran I had root access, but there's no way a reasonably experienced user would have allowed it.

    I still wouldn't call un-updated Linux safe, but it's looking safer from here than un-updated Windows.
     
  2. dw2108

    dw2108 Registered Member

    Joined:
    Jan 24, 2006
    Posts:
    480
    Tweak a few of the obvious conf files and it'll be rock solid under root. All you need to do is lock down ps so that you run the box.

    Dave

    Updating from BasicLinux 2.x to BasicLinux 3.5
     
  3. Gullible Jones

    Gullible Jones Registered Member

    Joined:
    May 16, 2013
    Posts:
    1,461
    Wait what? How is that supposed to work?

    Without any kind of MAC, root is root. It can do anything, including direct writes to the boot sector. If a program running as root is compromised it's game over.

    Things are a bit different with SELinux, but Puppy most definitely does not use SELinux.
     
  4. inka

    inka Registered Member

    Joined:
    Oct 21, 2009
    Posts:
    406
    If you care to test the Puppy variant FatDog64 (in which web applications are forced to run as limited user "spot"), I'm curious to hear the result.
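
The contrast raised in the last two posts (a browser running as root with no MAC, versus one forced to run as the limited user "spot") can be checked from a process listing. This is an added example, not part of the thread: the watch list `WEB_APPS`, the function name `audit_web_apps`, and the sample listings (including uid 502 for "spot") are constructed assumptions.

```shell
#!/bin/sh
# Added example (not from the thread): flag web-facing programs running as uid 0.
# Input on stdin: one process per line as "UID USER COMMAND", the layout
# printed by procps `ps -eo uid=,user=,comm=`.

# Assumed watch list of web-facing programs; adjust to what is installed.
WEB_APPS="firefox seamonkey chrome chromium opera midori"

# Prints one line per watched program found.
# Returns 1 if any watched program runs as uid 0, otherwise 0.
audit_web_apps() {
    awk -v apps="$WEB_APPS" '
        BEGIN {
            n = split(apps, a, " ")
            for (i = 1; i <= n; i++) watch[a[i]] = 1
        }
        ($3 in watch) {
            if ($1 == 0) {
                # Without MAC, a compromise of this process is a root compromise.
                printf "ROOT %s user=%s\n", $3, $2
                bad++
            } else {
                printf "LIMITED %s user=%s uid=%s\n", $3, $2, $1
            }
        }
        END { exit(bad ? 1 : 0) }
    '
}

# Constructed sample: a desktop where everything, browser included, is root.
SAMPLE_ROOT_DESKTOP='0 root init
0 root Xorg
0 root firefox'

# Constructed sample: the browser runs as limited user "spot" (uid assumed).
SAMPLE_SPOT_BROWSER='0 root init
0 root Xorg
502 spot firefox'

# Demonstration on the constructed samples.
printf '%s\n' "$SAMPLE_ROOT_DESKTOP" | audit_web_apps || true
printf '%s\n' "$SAMPLE_SPOT_BROWSER" | audit_web_apps || true

# Live use on a procps system: ps -eo uid=,user=,comm= | audit_web_apps
```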
     