1

I've been paranoid about this idea for a while, that I'll be an idiot, lose control of myself, and turn off my precious firewall. I'm scared about my password as well. I'm worried a hacker will hack my Linux PC? Under these conditions, is it even possible? I know about offline hacking, but that doesn't matter for me usually, since I usually have my lappy at home.

2 Answers

2

If your question really is "is it even possible?" then the answer is yes.

Your primary concern with that setup is client-side attacks.

If malware infects your PC, it could start a reverse shell. Your firewall can combat this with egress filtering, but it is tricky nonetheless. Even ICMP may be used for reverse shell communication, or the traffic may be encrypted or obfuscated. Or the malware may simply exfiltrate your data to a remote server.

You may unwittingly install this malware yourself. Software you already use, like a browser or browser plugin, may have a vulnerability that could be exploited, e.g. drive-by downloads.

Defences are numerous. You can keep your software up to date, only install trusted software and use your judgment when browsing. Furthermore, you can run anti-virus software. Of course, there are many, many measures you can take.

In order to decide what action to take, consider the risks and your threat model. Ask questions like:

  • What's at stake?
  • What level of risk am I comfortable with?
  • Am I defending against random or targeted attacks, by whom?
  • What if I don't have malware? What if the hackers are online-only, and I'm smart enough to avoid malware? – RDM_School_account Dec 11 '16 at 10:11
  • The other possibility is a vulnerable router, but if it offers no services I would say that's unlikely. If you are content to assume malware is not an issue and your adversary can only attack you over the internet from outside your network, you should be fine. Of course I'm hesitant to make any big claims about perfect security. –  Dec 11 '16 at 11:50
  • Phew. I'm kinda worried about the router's and modem's passwords though. My dad's router has a basic password (though it isn't another 1234 or password), and the modem (which is like a router) has its default password. Am I now screwed? – RDM_School_account Dec 11 '16 at 17:28
  • Do you have management connections enabled on the WAN interface of the router? – Craig Tullis Dec 11 '16 at 18:18
  • There is also the possibility of compromised firmware on your computer (see [LegbaCore's research](http://legbacore.com/Research.html)) or other nodes compromised on your private network by some other means. –  Dec 11 '16 at 22:57
  • @Craig, what's that? I can't directly access the router anyways, I'd get "killed" (as in getting in big trouble) if I do that. – RDM_School_account Dec 12 '16 at 01:42
  • @LukeJeremy, I already know of that. – RDM_School_account Dec 12 '16 at 01:42
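
An added illustration of the egress-filtering point in the first answer (not code from either answerer): this script audits `ss -Htnp`-style output against an egress allowlist and shows why a port-only rule misses malware that talks over port 443. The sample lines, `ALLOWED_PORTS` and `ALLOWED_PROCS` are constructed assumptions.

```python
import re

# Constructed sample in `ss -Htnp` format (not captured from a real host;
# peer addresses are from the RFC 5737 documentation ranges).
SAMPLE_SS = """\
ESTAB 0 0 192.168.1.20:51514 192.0.2.10:443 users:(("firefox",pid=2211,fd=87))
ESTAB 0 0 192.168.1.20:40022 198.51.100.7:4444 users:(("bash",pid=3120,fd=3))
ESTAB 0 0 192.168.1.20:40990 203.0.113.9:443 users:(("python3",pid=3177,fd=5))
ESTAB 0 0 192.168.1.20:22 192.168.1.5:50211 users:(("sshd",pid=900,fd=4))
LISTEN 0 128 0.0.0.0:22 0.0.0.0:* users:(("sshd",pid=700,fd=3))
"""

ALLOWED_PORTS = {53, 80, 443}               # assumed egress policy
ALLOWED_PROCS = {"firefox", "apt", "curl"}  # assumed per-process allowlist
PROC_RE = re.compile(r'users:\(\("([^"]+)"')


def _port(endpoint):
    return int(endpoint.rsplit(":", 1)[1])


def outbound_connections(ss_text):
    """Return (process, peer_host, peer_port) for connections this host opened."""
    rows = [f for f in (line.split() for line in ss_text.splitlines()) if len(f) >= 5]
    listening = {_port(r[3]) for r in rows if r[0] == "LISTEN"}
    conns = []
    for r in rows:
        if r[0] != "ESTAB" or _port(r[3]) in listening:
            continue  # skip non-established sockets and inbound sessions
        host = r[4].rsplit(":", 1)[0].strip("[]")
        m = PROC_RE.search(" ".join(r[5:]))  # no match when ss ran without root
        conns.append((m.group(1) if m else "?", host, _port(r[4])))
    return conns


def audit(ss_text):
    """Flag outbound connections that violate the port or process allowlist."""
    findings = []
    for proc, host, port in outbound_connections(ss_text):
        if port not in ALLOWED_PORTS:
            findings.append((proc, host, port, "port outside egress allowlist"))
        elif proc not in ALLOWED_PROCS:
            # A port-only firewall rule would have let this one through.
            findings.append((proc, host, port, "allowed port, unexpected process"))
    return findings


if __name__ == "__main__":
    for finding in audit(SAMPLE_SS):
        print(finding)
```
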
1

Yes, a computer in this configuration can be hacked. This is actually the exact scenario that bad guys use phishing attacks for, in order to induce you to install the malware which compromises your computer yourself.

Craig Tullis