Ubuntu Linux Live CD security?

[Danoe]

I am new to Linux, and have used the Ubuntu Live cd to get a quick sneek peek.

I was curious, as to how secure I am using the live cd.
Does anyone know if its even possible for my puter to be comprimised when I am running the Linux OS from CD?

I would imagine not, since I dont think its even possible to contract a virus or spyware,trojan, keylogger, any of that sort without the OS being on HD, Is that right?

I am just wondering if I am being Naive, thinking that I am totally secure accessing my $$$ type accounts online, by the use of the Live CD?

thanks for any input.

[void_false]

If hardware keylogger is attached then you're never safe.

[anomie]

Does anyone know if its even possible for my puter to be comprimised when I am running the Linux OS from CD?

It depends on what you mean by that. It's not very likely that your read-only live operating system is going to get compromised.

I haven't played around with an ubuntu live cd since 4.10, but I would imagine they have iptables up and filtering all service ports, so even if some exploitable service were running you'd have to go out of your way to make it accessible to a cracker.

What aspect are you worried about, exactly?

[Danoe]

If hardware keylogger is attached then you're never safe.

Well, I sure didn't install one, and I'm pretty sure nobodys been in the house and put one on my PC assuming when you say hardware, you really MEAN hardware.

[Danoe]

It depends on what you mean by that. It's not very likely that your read-only live operating system is going to get compromised.

I haven't played around with an ubuntu live cd since 4.10, but I would imagine they have iptables up and filtering all service ports, so even if some exploitable service were running you'd have to go out of your way to make it accessible to a cracker.

What aspect are you worried about, exactly?

Basically, can I be hacked, passwords stolen etc., etc.,
Lets say I use it ONLY when I am accessing an account,
for instance, PapPal, egold, etc.,
But am not doing any sort of surfing, haven't opened any e-mail attachments from whomever, not doing anything else out of the ordinary that might put a keylooger, virus or whatever, on my PC.
A concern is that the live CD obvioulsy doesn't have any antivirus , firewall, antispyware programs on it, so how safe could it be.
While running the live CD, I went to GRC.com tp do a port scan out of curiousity, and all ports came up stealth, I imagine thats because I have a router, but while in windows I still always use a software firewall as well as all your other spyware, antikeylogger, antivirus toys.

I'm obviously very new to Linux so please excuse my stupidity

[anomie]

A concern is that the live CD obvioulsy doesn't have any antivirus , firewall, antispyware programs on it, so how safe could it be.

fyi, That's not necessarily true. Knoppix, for example, has antivirus software (ClamAV). Both Knoppix and ubuntu live have a firewall by virtue of the fact that it's already built in to the kernel. It's called iptables. Try a port scan from another machine on your network sometime if you're really curious.

Using a Knoppix/ubuntu live cd to visit secure (https:/) websites is an excellent idea. You eliminate many risks by doing so, and this is a relatively safe, "secure" environment to work from.

Basically, can I be hacked, passwords stolen etc., etc.

Unlikely.

[Danoe]

Thanks, interesting stuff. Like I say, I have a LOT to learn about Linux.
I never new it was popular until I found this and another forum.
Didn't realize that folks even used it for network setups.
I am in school still for computer networking, and they do offer
a Linux class as a technical elective, I didn't think it would
come in handy, but now I'm pretty sure I'll take it, I have to take
a certain amount of tech. electives anyway to get the degree,
so the Linux course will definetlly be of value.
But I'll keep reading and have a head start.

[void_false]

Furhermore if you have LAN other computers can actually catch all of your traffic. That's a downfall of broadband system used by hubs.

[LFT]

If hardware keylogger is attached then you're never safe.

For public computers:
* You can protect against software keyloggers by using a live CD.
* You can protect against hardware keyloggers by using an onscreen keyboard to enter your login information.

Nothing is 100% safe with computers, but that will eliminate most of the risk.