PuppyLinux : Security

Complete 5 step security 2.16 and beyond

1-Open a console and type 'passwd'. Enter your new password twice.

2-Run 'lock' on the desktop and enter the password from step 1.

*You may want to select 'blank' from the config to save on processor usage.

3-Edit /etc/inittab to look like this:
Code:
::sysinit:/etc/rc.d/rc.sysinit
tty1::respawn:/sbin/getty 38400 tty1
tty2::respawn:/sbin/getty 38400 tty2
::ctrlaltdel:/sbin/reboot


*This keeps someone from killing lock with ctrl+alt+backspace and being logged back in automatically. It also gives a login prompt on bootup where you enter 'root' and your password.

4-Run the firewall wizard at Menu->Setup->Linux-Firewall Wizard. Automagic works fine if you don't have to set up any local services.

5-Shut down and select 'heavy encryption'.
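
A check for steps 1 and 3 of the checklist, as an added example that is not part of the wiki page or Puppy's own tooling. Assumptions: root's hash sits in a shadow-format file at /etc/shadow, busybox getty's -n and -l flags are what skip the login prompt, and the function names, the /bin/autologin path and the sample files are constructed.

```shell
#!/bin/sh
# Added example, not Puppy's own tooling: audit steps 1 and 3 of the checklist.

# Step 1: root needs a real hash in field 2 of a shadow-format file (assumed
# /etc/shadow). Empty means no password; leading '!' or '*' means none usable.
root_has_password() {
    field=$(awk -F: '$1 == "root" { print $2; exit }' "${1:-/etc/shadow}") || return 2
    case $field in
        ''|'!'*|'*'*) return 1 ;;
    esac
    return 0
}

# Step 3: every ttyN respawn line must start a getty that prompts for a login.
# busybox getty's -n (no prompt) and -l (alternate login program) count as
# autologin. Offending lines are printed; no getty line at all also fails.
inittab_requires_login() {
    awk -F: '
        /^[ \t]*#/ || NF < 4 { next }
        $1 ~ /^tty/ && $3 == "respawn" {
            if ($4 ~ /getty/ && $4 !~ /[ \t]-[nl]([ \t]|$)/) good++
            else { print "no login prompt: " $0; bad++ }
        }
        END { if (bad > 0 || good == 0) exit 1 }
    ' "${1:-/etc/inittab}"
}

# Run both checks; arguments override the live paths so it can run offline.
audit() {
    rc=0
    root_has_password "${1:-}" || { echo "FAIL: root has no usable password"; rc=1; }
    inittab_requires_login "${2:-}" || { echo "FAIL: a console skips the login prompt"; rc=1; }
    return "$rc"
}

# Constructed samples: the inittab from step 3, and a hypothetical autologin line.
demo() {
    d=$(mktemp -d) || return 2
    printf '%s\n' '::sysinit:/etc/rc.d/rc.sysinit' 'tty1::respawn:/sbin/getty 38400 tty1' \
        'tty2::respawn:/sbin/getty 38400 tty2' '::ctrlaltdel:/sbin/reboot' > "$d/hardened"
    printf '%s\n' 'tty1::respawn:/sbin/getty -n -l /bin/autologin 38400 tty1' > "$d/autologin"
    printf '%s\n' 'root:$1$constructed$hash:12000:0:99999:7:::' > "$d/shadow"
    r1=0; audit "$d/shadow" "$d/hardened" || r1=$?
    r2=0; audit "$d/shadow" "$d/autologin" >/dev/null || r2=$?
    rm -rf "$d"
    [ "$r1" -eq 0 ] && [ "$r2" -eq 1 ]
}
```

Calling `audit` with no arguments checks the live system; `demo` runs the same checks on the constructed files.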



Create password

Open a terminal and type: passwd

Create a user to run applications.

Open a terminal and type: cd / && mkdir home

Think of your new user name and then type in console: cd /home && mkdir YourNickHere

Now copy these files to /home/YourNickHere:
.bashrc, .fonts.cache-1, .gtkrc-2.0, .gtkrc.mine, .Xdefaults, .Xresources

Open terminal and type: adduser YourNickHere

Run applications as YourNickHere by typing su -c application YourNickHere
example: su -c gaim YourNickHere

Make applications run as YourNickHere by default:

Edit application launchers to resemble this: su -c application YourNickHere
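
The user-setup steps above as a script, added here as an example and not taken from the wiki or from Puppy. Assumptions: the function names, the 0700 mode on the new home directory, the explicit chown and the generated wrapper script used as a launcher are all choices made for this example.

```shell
#!/bin/sh
# Added example, not from the wiki: stage an unprivileged user's home and
# build a launcher that runs one application as that user.
# Live use (as root): stage_home /root /home YourNickHere; adduser YourNickHere;
# then stage_home again so the copied files are handed over to the new account.
DOTFILES='.bashrc .fonts.cache-1 .gtkrc-2.0 .gtkrc.mine .Xdefaults .Xresources'

# Reject names that could escape /home, look like an option, or are root.
valid_user() {
    case $1 in
        ''|root|-*|*[!a-zA-Z0-9_-]*) return 1 ;;
    esac
    return 0
}

# Copy only the listed dotfiles from SRC to HOMEROOT/USER; skip missing ones.
stage_home() {
    src=$1 homeroot=$2 user=$3
    valid_user "$user" || { echo "bad user name: $user" >&2; return 1; }
    mkdir -p "$homeroot/$user" && chmod 700 "$homeroot/$user" || return 1
    for f in $DOTFILES; do
        [ -f "$src/$f" ] && cp -p "$src/$f" "$homeroot/$user/$f"
    done
    # Files copied by root stay root-owned; chown once the account exists.
    if [ "$(id -u)" -eq 0 ] && id "$user" >/dev/null 2>&1; then
        chown -R "$user" "$homeroot/$user"
    fi
    return 0
}

# Write a wrapper that runs APP as USER, in the page's form: su -c gaim YourNickHere
# APP must be a bare program name, so nothing extra reaches the user's shell.
write_launcher() {
    app=$1 user=$2 out=$3
    valid_user "$user" || return 1
    case $app in
        ''|*[!a-zA-Z0-9._+-]*) return 1 ;;
    esac
    printf '#!/bin/sh\nexec su -c %s %s\n' "$app" "$user" > "$out" && chmod 755 "$out"
}
```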

Firewall tests (click on green numbers)
http://www.auditmypc.com/freescan/scanoptions.asp

image

The above image from Scanit was taken after running all 39 tests from Mozilla Puppy 1.0.3 with the Morizot firewall.
Test your system with Scanit.

Puppy now comes with two firewalls

* Linux
* Morizot

Has someone compared them? If so, please let us have the results.
There are several places to test a firewall from the internet (www.grc.com).

about MorizotFirewall

Running Linux makes you more secure, Puppy from CD or USB is very secure.

(perhaps the scripts for firewalls should be run after the connection
to the internet scripts - or better yet - if possible - before)
10 things you should do to a new Linux PC before exposing it to the Internet

Q: Security concerns

I have read that it is unwise to login as "root" for normal usage, such as surfing the web. I am concerned that Puppy logs me in automatically as root and I cannot run as a non-root user. Isn't this a security weakness?

A: 1. Every time you boot Puppy, it's as though you have done a fresh install, as the entire filesystem except your home folder (/root) is reinstalled from two files, image.gz and usr_cram.fs. Furthermore, all of /usr is read-only. If some virus or whatever got into Puppy while surfing, it would be gone next time you bootup. Or, if it infected something in your home directory, you could still have it, but logging in non-root won't save you from that.

2. Puppy was originally intended to be a "client only" environment, which is fairly easy to make secure when surfing, even without a firewall:

The site www.grc.com has ShieldsUp!, a product that will test the security of your computer while connected to the Internet. ShieldsUp! basically performs 3 tests: "file sharing", "common ports" and "service ports". Without the firewall running, Puppy "failed" the second two tests, as although all ports are "closed" they are not "hidden". Also, Puppy responded to ping requests. These failures are not necessarily a problem and Puppy is still secure.

However, I then ran the "Puppy Firewall Wizard" and accepted the default totally secure mode, then rebooted. I am connected to the Internet by dialup modem and using Mozilla. ShieldsUp! now reports that my computer is totally absolutely 100% invisible. It simply doesn't exist (apart from providing its IP address and responses of the browser). All ports are in "stealth" mode, meaning Puppy doesn't respond to any probe, nor does Puppy respond to pinging.

3. If servers are to be run in Puppy, it is a different story, and this is a work-in-progress.

Puppy has a personal wiki called DidiWiki, with its own inbuilt HTTP server, so is accessed from a web browser, either locally or over a network/Internet. What we do in this case is run DidiWiki as user "spot". We can run an individual server application as a restricted non-root user, even though you yourself are still logged in as root.



I was looking for information about encrypting at least my personal files inside the pup001 file. Is it possible to do it afterwards? Install script didn't work for me so I just installed it on my own. Any help?

Reply Re: howto encrypt puppy file on usb stick
Someone reported a problem with the pupxxx file encryption.
It worked when I set it up originally.
The syslinux.cfg file needs PFILE=pup100-ask-131000
...where "ask" means it will / should ask for a password first time the pup100 file is created, and on subsequent boots.

Links:
* Linux Security
* Security History
* Linux security Howto
* 10 tips
* NSA in Windows
* Live Linux CD for security

CategoryHowto
