Find the answer to your Linux question:
Results 1 to 10 of 10
How can I disable networking in linux. Explaination: I want a live cd that users can use without it accessing/using the network devices, whether wireless or wired. Ideally, I think ...
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #1
    Just Joined!
    Join Date
    May 2011
    Posts
    17

    Disable Networking


    How can I disable networking in linux.

    Explaination: I want a live cd that users can use without it accessing/using the network devices, whether wireless or wired.

    Ideally, I think removing networking functionality altogether would be best, but any mechanism that prevents connecting to networks, wired or wireless, and prevents wireless sniffing, etc. will work.

    Any ideas? Distribution specific is fine, I haven't chosen one yet.
    Thanks.

  2. #2
    Trusted Penguin
    Join Date
    May 2011
    Posts
    4,353
    wow, that's pretty hard-core!

    you can remove /sbin/ip and /sbin/ifconfig and /sbin/ifcfg for starters, that'd stump them.

    you'd also want to remove any networking from starting up - this is distro dependent, but the startup script /etc/init.d/network is often there. Also sometimes is /etc/init.d/NetworkManager.

    of course, if they have root, they can install whatever is missing from media and they're back online.

  3. #3
    Just Joined!
    Join Date
    May 2011
    Posts
    17
    Thanks atreyu, that's exactly the type of info I'm looking for.

    Other suggestions anyone?

  4. #4
    Trusted Penguin
    Join Date
    May 2011
    Posts
    4,353
    another thought: you can remove the network drivers (modules) themselves from the kernel, assuming they were built as modules and not built into the kernel (they're typically built as modules).

    check out this dir:

    Code:
    /lib/modules/`uname -r`/kernel/drivers/net/
    you can remove various modules from there, as well as any under the "usb/" subdir, which will contain USB-to-ethernet adapters. If those are missing, then the kernel will not be able to use any attached network adapters.

    again if they were root, all bets are off...

  5. #5
    Just Joined!
    Join Date
    May 2011
    Posts
    17
    So what's involved in "removing" the network modules? is it simply a matter of deleting them from the
    Code:
    /lib/modules/`uname -r`/kernel/drivers/net/
    folder?

  6. #6
    Trusted Penguin
    Join Date
    May 2011
    Posts
    4,353
    yeah, pretty much.

  7. #7
    Just Joined!
    Join Date
    May 2011
    Posts
    17
    Cool.
    There is a lot of stuff in the "net" directory. Is any of it really important for anything other than networking, or do you think I can ~safely~ remove it all?

    Also, does anyone have any good resources about the contents of the "net" directory? Where can I read up on what they're used for?

  8. #8
    Trusted Penguin
    Join Date
    May 2011
    Posts
    4,353
    you can probably remove it and it won't affect your system. to test, i would suggest merely renaming it to "net.bak" or something, then reboot and see if your system operates as you want.

  9. #9
    Trusted Penguin Irithori's Avatar
    Join Date
    May 2009
    Location
    Munich
    Posts
    3,390
    Not sure, if it applies to your usecase, but:
    What is stopping a user from using a standard/not modified liveCD?

    Probably a better way is to either protect each and every service via username/password or establish radius to protect access to the network itself.
    You must always face the curtain with a bow.

  10. #10
    Just Joined!
    Join Date
    May 2011
    Posts
    17
    Someone using another live-cd: doesn't apply to my use case. Thanks for the consideration though.


    As for this:
    Probably a better way is to either protect each and every service via username/password or establish radius to protect access to the network itself.
    I'd really rather render the live-cd incapable of network connections, at least by default. I'm not really concerned with the user gaining access to the network if they try, however, I do want them to rest assured that their network won't be connected to simply by default, or by accident.

    I want a connection to the network to be undeniably intentional. If they use my live-cd to connect to their network, I want there to be some mitigation I can point to that suggests "Whoever connected knew they were connecting intentionally." and not have the excuse "Well it asked me for a username and password, and I supplied them.... I didn't know it would connect me."

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •