Code: Select all
# iptables -L -n -vYesterday I was playing 'Resident Evil' on the Wii
The red eyed Puppy is more scary . . .
Black Ops Puppy
-
Lobster
- Official Crustacean
- Posts: 15522
- Joined: Wed 04 May 2005, 06:06
- Location: Paradox Realm
- Contact:
Improve your Firefox security
http://www.linuxplanet.com/linuxplanet/reports/6682/1/
http://www.linuxplanet.com/linuxplanet/reports/6682/1/
How about this?
You download and install a must have pet package.
Did you examine the contents before installing it?
Lets just say that the pet includes code for setting up backgrounded remote access to puppy with no indication that it has happened.
Most users of puppy do not check out the validity of pet files as far as internals.
Is this a possibility?
Think about it?
You download and install a must have pet package.
Did you examine the contents before installing it?
Lets just say that the pet includes code for setting up backgrounded remote access to puppy with no indication that it has happened.
Most users of puppy do not check out the validity of pet files as far as internals.
Is this a possibility?
Think about it?
-
Lobster
- Official Crustacean
- Posts: 15522
- Joined: Wed 04 May 2005, 06:06
- Location: Paradox Realm
- Contact:
Yes the pets can be a potential entry point - for now I have been downloading and install tarbal, pups and pets without any regard for
their potential abuse
Meanwhile - our firewall . . .
Is there any merit in adding these two options?
#47: Stop replying to pings
* Difficulty: Easy
* Application: sysctl
While ping is a very useful command for discovering network topology, the disadvantage is that it does just that, and makes it easier for hackers on the network to target live servers. But you can tell Linux to ignore all pings - the server simply won't respond. There are a number of ways to achieve this, but the best is to use sysctl. To turn off ping replies:
sysctl -w net.ipv4.icmp_echo_ignore_all=1
To turn it back on, again use:
sysctl -w net.ipv4.icmp_echo_ignore_all=0
If turning off ping is too severe for you, take a look at the next hack.
#48: Slow down ping rates
* Difficulty: Easy
* Application: sysctl
You may want to keep the ability to reply to pings, but protect yourself from a form of attack known as a 'ping flood'. So how can you manage such a feat? The easiest way is to slow down the rate at which the server replies to pings. They are still valid, but won't overload the server:
sysctl -w net.ipv4.icmp_echoreply_rate=10
This slows the rate at which replies are sent to a single address.
their potential abuse
Meanwhile - our firewall . . .
Is there any merit in adding these two options?
#47: Stop replying to pings
* Difficulty: Easy
* Application: sysctl
While ping is a very useful command for discovering network topology, the disadvantage is that it does just that, and makes it easier for hackers on the network to target live servers. But you can tell Linux to ignore all pings - the server simply won't respond. There are a number of ways to achieve this, but the best is to use sysctl. To turn off ping replies:
sysctl -w net.ipv4.icmp_echo_ignore_all=1
To turn it back on, again use:
sysctl -w net.ipv4.icmp_echo_ignore_all=0
If turning off ping is too severe for you, take a look at the next hack.
#48: Slow down ping rates
* Difficulty: Easy
* Application: sysctl
You may want to keep the ability to reply to pings, but protect yourself from a form of attack known as a 'ping flood'. So how can you manage such a feat? The easiest way is to slow down the rate at which the server replies to pings. They are still valid, but won't overload the server:
sysctl -w net.ipv4.icmp_echoreply_rate=10
This slows the rate at which replies are sent to a single address.
-
Lobster
- Official Crustacean
- Posts: 15522
- Joined: Wed 04 May 2005, 06:06
- Location: Paradox Realm
- Contact:
I am not sure if you can get the video prog in all areas . . . (14 March 2009)
http://news.bbc.co.uk/1/hi/programmes/click_online/
Basically the Click team bought an illegal robobot
and took over drone machines which they used to
1. Spam
2. do a DDOS (Denial of service attack)
3. warn the infected users
It was fascinating and taught me many things (I am no security expert)
First of all Windows machines are going to be targeted
and any exe program could be sent and activated remotely
One important point a DDOS attack needs as little as 60 simultaneous
accesses of a web site to slow it down and make it unusable
This may explain why the forum is slowing. I am sure as Puppy gets more popular we are receiving increased traffic . . .(that does not mean we are being attacked)
http://news.bbc.co.uk/1/hi/programmes/click_online/
Basically the Click team bought an illegal robobot
and took over drone machines which they used to
1. Spam
2. do a DDOS (Denial of service attack)
3. warn the infected users
It was fascinating and taught me many things (I am no security expert)
First of all Windows machines are going to be targeted
and any exe program could be sent and activated remotely
One important point a DDOS attack needs as little as 60 simultaneous
accesses of a web site to slow it down and make it unusable
This may explain why the forum is slowing. I am sure as Puppy gets more popular we are receiving increased traffic . . .(that does not mean we are being attacked)
Hi there.
this is worth looking at:
http://knoppix-std.org/tools.html
And here I found some interesting links:
http://murga-linux.com/puppy/viewtopic. ... 90&t=24431
A user thinks we should have available:
nmap, hping2, wireshark, nessus, metsploit, ettercap, firewalk, paros, john the ripper, burp, webscarab.
Hey lobster, do you by any chance know how to compile stuff?
We won't get too far without that.
PD: I have figured a way for people not to find out the advances of BlackOps. Nono, it's not crypting, neither changing to another forum. What we will do is to continue posting here. Once we are on page 40, or maybe 50, noone will ever bother on watching We should spam a bit tho, to make it effective.
this is worth looking at:
http://knoppix-std.org/tools.html
And here I found some interesting links:
http://murga-linux.com/puppy/viewtopic. ... 90&t=24431
A user thinks we should have available:
nmap, hping2, wireshark, nessus, metsploit, ettercap, firewalk, paros, john the ripper, burp, webscarab.
Hey lobster, do you by any chance know how to compile stuff?
We won't get too far without that.PD: I have figured a way for people not to find out the advances of BlackOps. Nono, it's not crypting, neither changing to another forum. What we will do is to continue posting here. Once we are on page 40, or maybe 50, noone will ever bother on watching
We should spam a bit tho, to make it effective.-
Lobster
- Official Crustacean
- Posts: 15522
- Joined: Wed 04 May 2005, 06:06
- Location: Paradox Realm
- Contact:
I don't make a habit of it.Hey lobster, do you by any chance know how to compile stuff?
I think we need to know what vulnerabilities are likely and possible.
So far it seems the main issue is browsing to a site that uses javascript
or other means to access data, run a command etc.
In fact this is one area that makes the whole of web2
a security nightmare.
If we knew what vulnerabilities were likely possible we would be "hackers", that's what "hackers" know...Lobster wrote:I don't make a habit of it.Hey lobster, do you by any chance know how to compile stuff?
I think we need to know what vulnerabilities are likely and possible.
So far it seems the main issue is browsing to a site that uses javascript
or other means to access data, run a command etc.
In fact this is one area that makes the whole of web2
a security nightmare.
So, i'd cross that out if I were you.
I'll google it tho.
-
jamesjeffries2
- Posts: 196
- Joined: Mon 28 Apr 2008, 00:50
-
Pizzasgood
- Posts: 6183
- Joined: Wed 04 May 2005, 20:28
- Location: Knoxville, TN, USA
Just as unsafe, yup. The multiuser thing is really about protecting, guess what... multiple users! As in, there are some Linux and Unix servers at my college that I have to use for some of my assignments. There are thousands of other people who use them. It would be bad if I could delete their things, or if I caught a virus that infected all of them. So we all have to run as limited users who don't have the ability to do that. If I do something stupid and get a virus, it will only affect me, nobody else. It protects everybody else from me, and me from everybody.else. But it does nothing to protect me from myself.
Important point: Even if I was a limited user, if I were hacked, all of my own personal (possibly confidential) data would be at risk, along with my configuration options and what-not.
In Puppy, there is typically only one user on a given machine. Therefor, using a limited user wouldn't be protecting anybody at all. What it would do is protect the OS itself. If a person got hacked, his personal data would all be compromised, but the OS would have that extra layer of security.
With Puppy however, it is very easy to reinstall the OS. Additionally, I would not trust the multiuser to protect the OS anyway*, and would feel the need to reinstall the entire thing even if I saw no evidence of tampering (unless I had md5sums of all files, kept on a separate CD/DVD, so that I could verify that everything was fine). So it wouldn't save much time and effort.
On the other hand, running as a limited user would be inconvenient much of the time. That inconvenience is much more than the inconvenience of reinstalling Puppy, say, once a year. The average user will be hacked much less than once per year. Therefor, it's less hassle to just run as root.
*Just because you're a limited user doesn't mean the hacker cannot elevate himself to root. If you don't realize you've been hacked, he could find a way to trick you into giving him your root password. Or he could find a glitch to exploit. I read something recently about an old method that involved a way to dump an "error report" into a directory that Cron reads, causing the arbitrary code you placed in the "error report" to be executed as root the next time Cron reads it.
Important point: Even if I was a limited user, if I were hacked, all of my own personal (possibly confidential) data would be at risk, along with my configuration options and what-not.
In Puppy, there is typically only one user on a given machine. Therefor, using a limited user wouldn't be protecting anybody at all. What it would do is protect the OS itself. If a person got hacked, his personal data would all be compromised, but the OS would have that extra layer of security.
With Puppy however, it is very easy to reinstall the OS. Additionally, I would not trust the multiuser to protect the OS anyway*, and would feel the need to reinstall the entire thing even if I saw no evidence of tampering (unless I had md5sums of all files, kept on a separate CD/DVD, so that I could verify that everything was fine). So it wouldn't save much time and effort.
On the other hand, running as a limited user would be inconvenient much of the time. That inconvenience is much more than the inconvenience of reinstalling Puppy, say, once a year. The average user will be hacked much less than once per year. Therefor, it's less hassle to just run as root.
*Just because you're a limited user doesn't mean the hacker cannot elevate himself to root. If you don't realize you've been hacked, he could find a way to trick you into giving him your root password. Or he could find a glitch to exploit. I read something recently about an old method that involved a way to dump an "error report" into a directory that Cron reads, causing the arbitrary code you placed in the "error report" to be executed as root the next time Cron reads it.
[size=75]Between depriving a man of one hour from his life and depriving him of his life there exists only a difference of degree. --Muad'Dib[/size]
[img]http://www.browserloadofcoolness.com/sig.png[/img]
[img]http://www.browserloadofcoolness.com/sig.png[/img]
-
jamesjeffries2
- Posts: 196
- Joined: Mon 28 Apr 2008, 00:50
right i see. security is an area i dont know much about, i have hard and software firewalls etc, bu thats about it. Is there anything else i can do to secure puppy more?
I have always checked inside pets (bad experience installing a deb on ubuntu once) and i'm careful with passwords etc, but i still feel like there could be more I could be doing
I have always checked inside pets (bad experience installing a deb on ubuntu once) and i'm careful with passwords etc, but i still feel like there could be more I could be doing
-
Pizzasgood
- Posts: 6183
- Joined: Wed 04 May 2005, 20:28
- Location: Knoxville, TN, USA
Depending on level of paranoia and what you're scared of, you could:
Maintain md5sums of all files on your drive that don't change on a regular basis - this list must be stored on something read-only (like a CD) so that it cannot be tampered with easily. For maximum security, it should also be verified using pfix=ram to ensure that your md5sum program hasn't been tampered with.
Leave a program like "top" or Conky with the process list enabled running, so you can keep an eye on what's using your computer.
Use a host file to block known malicious sites from your computer.
Us an alternative keyboard layout, without changing the physical keys to match, to make it more difficult for people to shouldersurf your password.
Continue running as root, but run all internet accessing programs as some other user so that if your browser was compromised, the hacker would be a different user from who you are. (Clarification: I don't mean log out of root to use the internet and log back in later - I mean continue being logged in as root, but just launch the internet programs (browser, chat, etc) so that they're running under a different user)
Use an encrypted savefile so that nobody can read your data (so long as the OS is not running).
Write a program that asks you questions periodically. If not answered correctly in a timely manner, begin deleting/overwriting/encrypting/backing-up/uploading data, whichever you prefer.
Boobytrap your computer's case so that if anybody tries to get in, they get a nasty surprise and your data is safely slagged.
Maintain md5sums of all files on your drive that don't change on a regular basis - this list must be stored on something read-only (like a CD) so that it cannot be tampered with easily. For maximum security, it should also be verified using pfix=ram to ensure that your md5sum program hasn't been tampered with.
Leave a program like "top" or Conky with the process list enabled running, so you can keep an eye on what's using your computer.
Use a host file to block known malicious sites from your computer.
Us an alternative keyboard layout, without changing the physical keys to match, to make it more difficult for people to shouldersurf your password.
Continue running as root, but run all internet accessing programs as some other user so that if your browser was compromised, the hacker would be a different user from who you are. (Clarification: I don't mean log out of root to use the internet and log back in later - I mean continue being logged in as root, but just launch the internet programs (browser, chat, etc) so that they're running under a different user)
Use an encrypted savefile so that nobody can read your data (so long as the OS is not running).
Write a program that asks you questions periodically. If not answered correctly in a timely manner, begin deleting/overwriting/encrypting/backing-up/uploading data, whichever you prefer.
Boobytrap your computer's case so that if anybody tries to get in, they get a nasty surprise and your data is safely slagged.
Last edited by Pizzasgood on Wed 22 Apr 2009, 05:54, edited 2 times in total.
[size=75]Between depriving a man of one hour from his life and depriving him of his life there exists only a difference of degree. --Muad'Dib[/size]
[img]http://www.browserloadofcoolness.com/sig.png[/img]
[img]http://www.browserloadofcoolness.com/sig.png[/img]
Hello,I`d like to add...How about DON`T KEEP ANYTHING ON YOUR COMPUTER YOU ARE CONCERNED ABOUT THE PRIVACY OF....
Drive to the Bank, Pay your bills in person, dont D/L porn, (Duh) ect...
I mean, what if someone stole it?? Physically I mean...(I know, kinda unlikely for a desktop, but just go with it)...
Not only would someone have access to your data, but it would be LOST...
A Computer isnt "Hardcopy", it is, by nature, insecure, temporary.....
People come to me all the time saying, "My Windows crashed, and I need xxxx and I dont have it anywhere else...."
-
Lobster
- Official Crustacean
- Posts: 15522
- Joined: Wed 04 May 2005, 06:06
- Location: Paradox Realm
- Contact:
anyone use netstat (in Puppy)?
http://www.simplehelp.net/2009/01/19/mo ... h-netstat/
http://www.simplehelp.net/2009/01/19/mo ... h-netstat/
