Black Ops Puppy

[kitten]

Look how clearly solutions to the online banking problem were laid out five years ago...

http://www.1729.com/secureinternetbanking/index.html

Wouldn't a bank be smart to offer its customers secure on-line banking that included -- (for a profit line set-up fee)

1: a business card size CD, that was the only way they could access their account via internet. Its single ap would be a locked-down browser that could only access their secure servers, using the account name and key for user to which it was issued.

2: a 2nd factor, wallet PIN card where PIN was only good for single transaction login. For deny ability, a customer could destroy its function by some special duress/panic PIN, like "911".

Since this problem is so technical to set up right, and fraught with slip up peril...

http://www.1729.com/blog/TenWaysLiveCDS ... dFail.html

This is a problem for some BANK's big-bucks marketing and IT teams?

Consumers only get what they demand. Customers refusal to bank on-line costs banks money. I'd sure be attracted to a bank that offered the plan above.

And surely there is a way in this money area to raise contributions for Puppy's advancement.

[kitten]

Here is where others with a Black Ops bent are taking their distros...

http://www.openwall.com/Owl/Owl-CD-large.shtml

or another example, this time lightweight: Note the FluxBox menus and tiny widget. Note "System Hardening" as a menu option.

http://techm4sters.org/forum/index.php? ... view;id=46

But yea, its a daunting task...

http://mirrors.unixsol.org/netsecl/docu ... ldocu.html

Yet since as even the Pres says, October "is national cyber security month in the US, with hundreds of federal, state and local government agencies, companies, non-profits and everyday citizens deploying themselves to educate millions of Americans about the importance of online security to themselves, their communities and the nation" - Peter Dinham in...

http://www.itwire.com/content/view/28614/53/

Every other day we read that Window$, unlike Linux, did not design-in security from the kernel. So now the country and the world must pay for its greed and rush to market.

Any inherent advantage the pristine Puppy CD has in privacy or security may be run over, unless we train each generation of Puppies to fight or evade new intruders and protect their RAM and their disk.

[Lobster]

We have a program under Network 'MTR traceroute'

this sounds like "geeky, geeky geek geek" to me - what does it mean if anything for security?
http://en.wikipedia.org/wiki/Traceroute

Developing GROWL for simple enhancements
http://www.murga-linux.com/puppy/viewto ... 455#353455

[clarf]

A needed read for Linux security audits:

http://www.sans.org/score/checklists/linuxchecklist.pdf

[mac84]

iway officiallyway antway othingnay otay oday ithway isthay

[SickPuppy]

Black Ops Puppy could easily become a hit in China.

[Q5sys]

And here I found some interesting links:
http://murga-linux.com/puppy/viewtopic. ... 90&t=24431

A user thinks we should have available:

nmap, hping2, wireshark, nessus, metsploit, ettercap, firewalk, paros, john the ripper, burp, webscarab.

Some are available as pets if you search the site, others arent. What would be nice is if someone could package them all together as an SFS file that we can load/unload as needed. I've got nmap, aircrack, nessus, wireshark loaded on my system currently.

backtrack, is the best I know of...
https://wiki.remote-exploit.org/backtrack/
Aitch

BT is as far as im concerned the standard for a PenTesting Distro. And while I would never think that a puppy version could surpass it, it'd be nice if as I said above; there was a SFS file that we could load with alot of the tools that we'd use on a regular basis.

Is anyone else up for this? Making a SecTool SFS package? I'd be willing to pitch in and help on it.
Ive already got a list somewhere of what id consider a worthy addition.

[clarf]

"The lesson from this year's Pwn2Own is pretty simple, suggested Charlie Miller, another of Wednesday's winners. "What you can see at Pwn2Own is that bugs are still in software, and exploit mitigations like DEP and ASLR don't work. Even as [defensive measures] improve, researchers still end up winning"

More info at:

http://www.computerworld.com/s/article/ ... _2_minutes

[edoc]

Just as this fascinating thread was moving toward solutions it seems to have died ... sure was lots of fun to read!

Was a new thread started somewhere?

Please tell me that my favorite show has not been canceled!

[Aitch]

Is anyone else up for this? Making a SecTool SFS package? I'd be willing to pitch in and help on it.
Ive already got a list somewhere of what id consider a worthy addition

seems to have been the last interesting comment, though I don't think it got implemented, doc

Aitch

[Lobster]

This thread was created in response to those
terrified that their root running computers were
malware magnets and hacker (cracker) havens

Keep your mind clear
http://murga-linux.com/puppy/viewtopic. ... 158#398158

and you won't have to use GROWL (I never do)
http://murga-linux.com/puppy/viewtopic. ... 216#335216

Over to the Tin foil hat brigade . . .

[edoc]

My primary interest is:

1. A small app optimized to seek out available public Wifi sites.

2. An app to defend my little Netbook Puppy when using public Wifi's.

3. An app for when a friend or neighbor needs help troubleshooting Wifi, especially for router security problems.

Is Growl a suotable answer?

Or ???

[Q5sys]

Is anyone else up for this? Making a SecTool SFS package? I'd be willing to pitch in and help on it.
Ive already got a list somewhere of what id consider a worthy addition

seems to have been the last interesting comment, though I don't think it got implemented, doc

Aitch

hadnt checked this thread in ages... I eventually made this... dont know if it'd be of interest to anyone.

[edoc]

Downloading now ...

[Aitch]

Q5sys

That's one way to fool the crackers....slip a puppy in unannounced with no fanfare.....

Interesting, but I think we still need better Lan/Wifi setup wizard to take full advantage of its capabilities

Couldn't go wardriving easily eh? [not with my eyes, I can't see the white on black... ]

Aitch

[Aitch]

Q5sys

That's one way to fool the crackers....slip a puppy in unannounced with no fanfare.....

Interesting, but I think we still need better Lan/Wifi setup wizard to take full advantage of its capabilities

Couldn't go wardriving easily eh? [not with my eyes, I can't see the white on black... ]

Aitch

[Q5sys]

Interesting, but I think we still need better Lan/Wifi setup wizard to take full advantage of its capabilities

wifi setup eh...? iwconfig works well.

Couldn't go wardriving easily eh? [not with my eyes, I can't see the white on black... ]

As for wardriving... airmon-ng works well too.

[edoc]

The download site is here:
http://murga-linux.com/puppy/viewtopic.php?t=55874

But the discussion and feedback seems to be here ... so ...

It looks good but I think lacks the correct driver or maybe has an old version of pwireless (which I have found to be a troublesome app).

I can see my router but pwireless insists that it wants a WEP code when it is WPA.

It creates the appearance of a connection but does not work.

I recall this as an old problem with the base distro of Puppy upon which you built it.

It brings back memories of wireless tail-chasing ...

dpup009 works really well on most of the pcs here, perhaps what it uses for wireless nics might be ported over?

[Q5sys]

The download site is here:
http://murga-linux.com/puppy/viewtopic.php?t=55874

But the discussion and feedback seems to be here ... so ...

Ill reply over in that thread.