Black Ops Puppy

[KJ]

I tried the suggestion to turn "ping reply" off with the following command from a console window as outlined earlier in this thread:

sysctl -w net.ipv4.icmp_echo_ignore_all=1

Shields-Up site (at)https://www.grc.com/x/ne.dll?bh0bkyd2 says that I'm still replying to their ping.

Didn't stop the response while running Puppy 410 and 412 USB frugal installs

[droope]

Perhaps they cache their results?? It could be that happening.

Cheers.

[Lobster]

Is this in Seamonkey too? I am sure I have had javascript interrupts in Seamonkey - taking me to some spam site. However would that be something that happens in any javascript enabled browser

Anyways Firefox 3.5 vulnerable
http://mashable.com/2009/07/15/security ... refox-3-5/

[Aitch]

backtrack, is the best I know of...

http://www.remote-exploit.org/backtrack_download.html

https://wiki.remote-exploit.org/backtrack/

[you may get a security warning about this site!]

Aitch

[eztuxer]

I've just dwlnd & burnt this one:

http://aircrack-ng.org/doku.php?id=slit ... 5cfc49cd71

It looks interesting, small, only 60 Mb and tailored for AAO netbook.
No sound card support, and very basic, but has the right wifi drivers for wardriving & more...

Can't wait to see this turned into a pupplet.

[Trobin]

When I posted initially that 'Black Ops Puppy' does not exist
That was true.
Many insisted on testing this non-existent puplet

I wonder what the results were?

For those still interested in tin foil and testing maybe this project is suitable?

http://www.owasp.org/index.php/LiveCD

Out of sheer curiosity I went to the following website:
http://www.yolinux.com/TUTORIALS/LinuxT ... urity.html

And ran CHKROOTKIT on Puppy 4.10 Retro. The following were infected.

BASENAME
DIRNAME
ECHO
ENV
LOGIN
PASSWD
TRACEROUTE
/SBIN/INIT

I ran CHKROOTKIT on a fresh puppy livecd boot - pfix-ram, no saved session, and got the same result.

Need I be worried?

[Lobster]

Need I be worried?

No idea. Maybe.
Worry seems part of some peoples search and experience
routine. In other words they look for reasons to wear tin foil hats.

Maybe someone will know . . .
Nobody seems much bothered - if we were a BSD distro we would now be on red alert. All websites would be closed down etc


Meanwhile. Puppy 4.3 Pre beta reloaded
has adblock on by default (good move)

Another tip:
If you are visiting warez, porn or hard core Microsoft sites
go to menu / shutdown / restart X server
It is quick and flushes any javascript hovering about . . .

[Aitch]

perhaps.....?

http://www.chkrootkit.org/README

Aitch

[PaulBx1]

There is another way besides sysctl to turn off pings, for those having problems with that. See /etc/rc.d/rc.firewall:

Code: Select all

...
LOGGING="yes"				# PJB Let's try logging
REQUIRE_EXTERNAL_CONFIG="no"

############################################
# -- Advanced Firewall Behavior Options -- #
############################################

# The default settings provide the suggested firewall configuration.

NO_RP_FILTER_INTERFACES=""
INTERNAL_DHCP="yes"
RFC_1122_COMPLIANT="no"		# PJB Drop pings even though some say that's naughty
DROP_NEW_WITHOUT_SYN="yes"	# PJB See http://www.ledow.org.uk/linux/config.html
DUMP_TCP_ON_INIT="no"
TTL_STEALTH_ROUTER="no"
LOG_LIMIT="1/minute"
LOG_BURST="5"
LOG_LEVEL="notice"

Of course if we want a black ops Puppy, it should be based on OpenBSD, not Linux. E.g. http://bsdanywhere.org/

[Lobster]

Puppy based on BSD . . .
I am assuming that would be possible with Woof
or not? BSD uses a different kernel

Barry is experimenting with Automatic unmounting
http://www.puppylinux.com/blog/?viewDetailed=01004
and this will ensure better security.

It would seem that if running from CD
only a mounted disk could be read
though I suppose it is easy enough to mount from rogue javascript or php?

[Pizzasgood]

PHP doesn't go "rogue" on the client's machine. PHP is a server-side programming language. It is run on the webserver, not the user's computer. The user never sees PHP, and even if he did, the browser wouldn't know what to do with it. So PHP exploits are dangerous to a webserver, but the only danger they pose to an end user is indirect (if you have any data stored on the webserver, for example).

As for JavaScript, if you managed to find an exploit that allowed you to execute arbitrary code with root permissions, then it wouldn't be hard to mount a drive in Puppy. Unless you only run your browser as a non-root user, which isn't hard to do. Just open a terminal and run

Code: Select all

su spot
seamonkey

That will start seamonkey as the user spot. You will only be able to save files to /root/spot, as that is spot's home directory, and /tmp, which is world-writable. But if your browser is hacked into, it should only be able to damage things in /root/spot and /tmp, and not the rest of the system. Note: The browser would still be able to read data from anywhere, unless it doesn't have the world-readible bit checked, so if you have confidential information on a mounted partition and the browser is hacked, the hacker could potentially see it.

[Nekroze]

Hello all, although this is my second post on these forums i have been tending to my puppy now for about a month (yes i thought that was kinda neat way to say things) by this i mean i have been running puppy for about a month and trying my best to learn about this distro and in general linux as i have been venturing out of windows and realized the worlds of possibilities that linux presents and more so with puppy.

i have been extremely interested in security cryptology and more generally everything being discussed in this thread.

unfortunatly i do not have anything i can really contribute YET however i must say even if nothing in the way of software or an actual distro/puplet come out of this just looking through the links and ideas mentioned here is an amazing learning experience i have just started but i have alot of reading ahead of me.

all i can really do is thank you all for the knowledge that i and anyone else can get out of this.

oh i have been unsuccessful in compiling anything in puppy yet but i have had very limited time to look into it it seems i lake the exact commands to run.

BUT! my main rig (PC) is a intel Core i7 OC'd to 4Ghz over 4 cores with 6Gb's of DDR3 ram so if anyone needs something compiled for this project PLEASE i would love to help. it would also be even more of a learning experience to me so by all means. i would like to become more involved in puppy and all i can offer at this point is my hardware's power.
SORRY for the long post!

[ttuuxxx]

Hello all, although this is my second post on these forums i have been tending to my puppy now for about a month (yes i thought that was kinda neat way to say things) by this i mean i have been running puppy for about a month and trying my best to learn about this distro and in general linux as i have been venturing out of windows and realized the worlds of possibilities that linux presents and more so with puppy.

i have been extremely interested in security cryptology and more generally everything being discussed in this thread.

unfortunatly i do not have anything i can really contribute YET however i must say even if nothing in the way of software or an actual distro/puplet come out of this just looking through the links and ideas mentioned here is an amazing learning experience i have just started but i have alot of reading ahead of me.

all i can really do is thank you all for the knowledge that i and anyone else can get out of this.

oh i have been unsuccessful in compiling anything in puppy yet but i have had very limited time to look into it it seems i lake the exact commands to run.

BUT! my main rig (PC) is a intel Core i7 OC'd to 4Ghz over 4 cores with 6Gb's of DDR3 ram so if anyone needs something compiled for this project PLEASE i would love to help. it would also be even more of a learning experience to me so by all means. i would like to become more involved in puppy and all i can offer at this point is my hardware's power.
SORRY for the long post!

I have a couple newer pc's the extra power doesn't help all that much, most 95% or so puppy versions are single core, only a couple are for 2 cores, having 4 or 20 cores won't speed up anything, The extra memory is good but most can pimp out the pupsave like I do to 20GB on a sata2 hd and that's about as good as it gets
as for compiling let me tell you, that is a art of its own, the best place to look is Barry's blog, he's been giving out his compiling recipes lately which is nice, he's always been the king of making things small, Thats the key to a great puppy package, reduction in size.
My last version of hardware info is about 30% smaller than all the others because I looked at the C code and made it reuse icons for each sub-directory saving about 200kb extracted. not bad for a 110kb pet package
Other tricks is to know what can and can not safely be stripped, Thats a hard call, usually bins and .so files, but sometimes they break, best to try it on the installed version.

A great tip is sources, you can waste your time trying to find them here and there, Or you can go to the Ubuntu package search and search for something 9/10 times its there, just download the sources and from the page and compile, when it says your missing something, look at that page it should have all the missing deps listed, then just download what sources you need and away you go.

usually check and see what you can disable also, like open a package/extract it and do the ./configure --help
that should list what you can --enable --disable --with --without, sometimes it only says --enable, try to use --disable instead

Barry's main commands to compile are
./configure --prefix=/usr --sysconfdir=/etc --localstatedir=/var --build=i486-pc-linux-gnu

My main commands are
./configure --prefix=/usr --sysconfdir=/etc --localstatedir=/var --build=i386-linux --enable-shared --enable-strip

I usually build i386 not i486, my pc's are i686 like yours, I lower it so it works well for everybody,

Some say to use
export CFLAGS="-O2 -march=i386 -mcpu=i686"
before you start to compile

to strip a file use something like
strip -R .note -R .comment path-to-file /usr/bin/abiword

ttuuxxx

[Aitch]

Hi

I just came across this link,

http://www.irongeek.com/i.php?page=vide ... -computing

which is very geeky, but covers a lot of useful info, though quite a lot is windoze vista and v7 based, there is some good forensics inside info,
particularly on hard drive storage and how it can be used forensically for tracking/tracing etc and overwritten...

e.g.

http://sansforensics.wordpress.com/2009 ... rive-data/

run the video - it's over 3 hours, so be prepared......

pick out the useful bits......

like gnu-tools shred invocation

http://www.gnu.org/software/coreutils/m ... ation.html

Gives a bit of insight into tinhat mentality, and the sort of programs used for forensics IMO

e.g DEFTlinux

http://www.deftlinux.net/

maybe useful for testing, if ever anyone actually makes BOP

Also some good stuff on private browsing

Didn't watch it all, but I use sandboxIE for windoze.....
delete the sandbox after browsing/email/banking etc

enjoy

Aitch

[Lobster]

This is an explanation of a potential exploit I have experienced in Puppy (would happen in any distro not running 'no-script?)
http://www.techcrunchit.com/2009/08/31/ ... -security/

As the commercial world move us into the cloud
for more cummulus fleecing, stay informed . . .

PS.
Went to visit my sister today.
Norton Symnatec ran out (free year from ISP)
does their downloadable uninstaller work?
no - expired.
We needed that because the AVG anti-virus would not install before Norton was uninstalled.

In the end she contemplates being extorted (ahem - have a renewed paid subscription) and blackmailed into not wasting further time
She is of course running MS Windows - blatant, shameful 'business practice'

[James C]

Lobster,

Try Revo Uninstaller.........freeware download.Removes even the most stubborn stuff from Windows.....

[Aitch]

Lobster

The Norton Removal Tool uninstalls all Norton
2009/2008/2007/2006/2005/2004/2003 products, Norton 360 and Norton
SystemWorks 12.0 from your computer.
http://service1.symantec.com/SUPPORT...05033108162039

Aitch

[Lobster]

thanks James have passed on the info
Aitch your link does not work
and the Symnatec uninstaller does not seem to exist
. . . as mentioned

[cthisbear]

The best place is Major Geeks:

http://www.majorgeeks.com/Norton_Remova ... d4749.html

""""""""""

Or Nortons is here.

http://service1.symantec.com/Support/ts ... g=en&ct=us

Lobster.
I've never had a failure with Nortons Removal.

"""""""""
And try Avira Free.
http://www.majorgeeks.com/Avira_AntiVir ... _d955.html

"""""
Firewall...try Online Armor Free

http://www.majorgeeks.com/Online_Armor_Free_d4872.html

/////////////

Majorgeeks....way to go.
Plus occasionally they mention Puppy.

Chris.

[Aitch]

Lobster, sorry, somehow it got abbreviated

http://service1.symantec.com/Support/ts ... 3108162039

Aitch