Black Ops Puppy
Nine ways LiveCD security could be defeated
Look how clearly solutions to the online banking problem were laid out five years ago...
http://www.1729.com/secureinternetbanking/index.html
Wouldn't a bank be smart to offer its customers secure on-line banking that included -- (for a profit line set-up fee)
1: a business card size CD, that was the only way they could access their account via internet. Its single ap would be a locked-down browser that could only access their secure servers, using the account name and key for user to which it was issued.
2: a 2nd factor, wallet PIN card where PIN was only good for single transaction login. For deny ability, a customer could destroy its function by some special duress/panic PIN, like "911".
Since this problem is so technical to set up right, and fraught with slip up peril...
http://www.1729.com/blog/TenWaysLiveCDS ... dFail.html
This is a problem for some BANK's big-bucks marketing and IT teams?
Consumers only get what they demand. Customers refusal to bank on-line costs banks money. I'd sure be attracted to a bank that offered the plan above.
And surely there is a way in this money area to raise contributions for Puppy's advancement.
http://www.1729.com/secureinternetbanking/index.html
Wouldn't a bank be smart to offer its customers secure on-line banking that included -- (for a profit line set-up fee)
1: a business card size CD, that was the only way they could access their account via internet. Its single ap would be a locked-down browser that could only access their secure servers, using the account name and key for user to which it was issued.
2: a 2nd factor, wallet PIN card where PIN was only good for single transaction login. For deny ability, a customer could destroy its function by some special duress/panic PIN, like "911".
Since this problem is so technical to set up right, and fraught with slip up peril...
http://www.1729.com/blog/TenWaysLiveCDS ... dFail.html
This is a problem for some BANK's big-bucks marketing and IT teams?
Consumers only get what they demand. Customers refusal to bank on-line costs banks money. I'd sure be attracted to a bank that offered the plan above.
And surely there is a way in this money area to raise contributions for Puppy's advancement.
I'm hearing security sirens, from the Pres on down...
Here is where others with a Black Ops bent are taking their distros...
http://www.openwall.com/Owl/Owl-CD-large.shtml
or another example, this time lightweight: Note the FluxBox menus and tiny widget. Note "System Hardening" as a menu option.
http://techm4sters.org/forum/index.php? ... view;id=46
But yea, its a daunting task...
http://mirrors.unixsol.org/netsecl/docu ... ldocu.html
Yet since as even the Pres says, October "is national cyber security month in the US, with hundreds of federal, state and local government agencies, companies, non-profits and everyday citizens deploying themselves to educate millions of Americans about the importance of online security to themselves, their communities and the nation" - Peter Dinham in...
http://www.itwire.com/content/view/28614/53/
Every other day we read that Window$, unlike Linux, did not design-in security from the kernel. So now the country and the world must pay for its greed and rush to market.
Any inherent advantage the pristine Puppy CD has in privacy or security may be run over, unless we train each generation of Puppies to fight or evade new intruders and protect their RAM and their disk.
http://www.openwall.com/Owl/Owl-CD-large.shtml
or another example, this time lightweight: Note the FluxBox menus and tiny widget. Note "System Hardening" as a menu option.
http://techm4sters.org/forum/index.php? ... view;id=46
But yea, its a daunting task...
http://mirrors.unixsol.org/netsecl/docu ... ldocu.html
Yet since as even the Pres says, October "is national cyber security month in the US, with hundreds of federal, state and local government agencies, companies, non-profits and everyday citizens deploying themselves to educate millions of Americans about the importance of online security to themselves, their communities and the nation" - Peter Dinham in...
http://www.itwire.com/content/view/28614/53/
Every other day we read that Window$, unlike Linux, did not design-in security from the kernel. So now the country and the world must pay for its greed and rush to market.
Any inherent advantage the pristine Puppy CD has in privacy or security may be run over, unless we train each generation of Puppies to fight or evade new intruders and protect their RAM and their disk.
- Lobster
- Official Crustacean
- Posts: 15522
- Joined: Wed 04 May 2005, 06:06
- Location: Paradox Realm
- Contact:
We have a program under Network 'MTR traceroute'
this sounds like "geeky, geeky geek geek" to me - what does it mean if anything for security?
http://en.wikipedia.org/wiki/Traceroute
Developing GROWL for simple enhancements
http://www.murga-linux.com/puppy/viewto ... 455#353455
this sounds like "geeky, geeky geek geek" to me - what does it mean if anything for security?
http://en.wikipedia.org/wiki/Traceroute
Developing GROWL for simple enhancements
http://www.murga-linux.com/puppy/viewto ... 455#353455
Some are available as pets if you search the site, others arent. What would be nice is if someone could package them all together as an SFS file that we can load/unload as needed. I've got nmap, aircrack, nessus, wireshark loaded on my system currently.droope wrote:And here I found some interesting links:
http://murga-linux.com/puppy/viewtopic. ... 90&t=24431
A user thinks we should have available:
nmap, hping2, wireshark, nessus, metsploit, ettercap, firewalk, paros, john the ripper, burp, webscarab.
BT is as far as im concerned the standard for a PenTesting Distro. And while I would never think that a puppy version could surpass it, it'd be nice if as I said above; there was a SFS file that we could load with alot of the tools that we'd use on a regular basis.
Is anyone else up for this? Making a SecTool SFS package? I'd be willing to pitch in and help on it.
Ive already got a list somewhere of what id consider a worthy addition.
Hacker_busts_IE8_on_Windows_7_in_2_minutes
"The lesson from this year's Pwn2Own is pretty simple, suggested Charlie Miller, another of Wednesday's winners. "What you can see at Pwn2Own is that bugs are still in software, and exploit mitigations like DEP and ASLR don't work. Even as [defensive measures] improve, researchers still end up winning"
More info at:
http://www.computerworld.com/s/article/ ... _2_minutes
More info at:
http://www.computerworld.com/s/article/ ... _2_minutes
Just as this fascinating thread was moving toward solutions it seems to have died ... sure was lots of fun to read!
Was a new thread started somewhere?
Please tell me that my favorite show has not been canceled!
Was a new thread started somewhere?
Please tell me that my favorite show has not been canceled!
[b]Thanks! David[/b]
[i]Home page: [/i][url]http://nevils-station.com[/url]
[i]Don't google[/i] [b]Search![/b] [url]http://duckduckgo.com[/url]
TahrPup64 & Lighthouse64-b602 & JL64-603
[i]Home page: [/i][url]http://nevils-station.com[/url]
[i]Don't google[/i] [b]Search![/b] [url]http://duckduckgo.com[/url]
TahrPup64 & Lighthouse64-b602 & JL64-603
- Lobster
- Official Crustacean
- Posts: 15522
- Joined: Wed 04 May 2005, 06:06
- Location: Paradox Realm
- Contact:
This thread was created in response to those
terrified that their root running computers were
malware magnets and hacker (cracker) havens
Keep your mind clear
http://murga-linux.com/puppy/viewtopic. ... 158#398158
and you won't have to use GROWL (I never do)
http://murga-linux.com/puppy/viewtopic. ... 216#335216
Over to the Tin foil hat brigade . . .
terrified that their root running computers were
malware magnets and hacker (cracker) havens
Keep your mind clear
http://murga-linux.com/puppy/viewtopic. ... 158#398158
and you won't have to use GROWL (I never do)
http://murga-linux.com/puppy/viewtopic. ... 216#335216
Over to the Tin foil hat brigade . . .
My primary interest is:
1. A small app optimized to seek out available public Wifi sites.
2. An app to defend my little Netbook Puppy when using public Wifi's.
3. An app for when a friend or neighbor needs help troubleshooting Wifi, especially for router security problems.
Is Growl a suotable answer?
Or ???
1. A small app optimized to seek out available public Wifi sites.
2. An app to defend my little Netbook Puppy when using public Wifi's.
3. An app for when a friend or neighbor needs help troubleshooting Wifi, especially for router security problems.
Is Growl a suotable answer?
Or ???
[b]Thanks! David[/b]
[i]Home page: [/i][url]http://nevils-station.com[/url]
[i]Don't google[/i] [b]Search![/b] [url]http://duckduckgo.com[/url]
TahrPup64 & Lighthouse64-b602 & JL64-603
[i]Home page: [/i][url]http://nevils-station.com[/url]
[i]Don't google[/i] [b]Search![/b] [url]http://duckduckgo.com[/url]
TahrPup64 & Lighthouse64-b602 & JL64-603
hadnt checked this thread in ages... I eventually made this... dont know if it'd be of interest to anyone.Aitch wrote:seems to have been the last interesting comment, though I don't think it got implemented, docQ5sys wrote:Is anyone else up for this? Making a SecTool SFS package? I'd be willing to pitch in and help on it.
Ive already got a list somewhere of what id consider a worthy addition
Aitch
wifi setup eh...? iwconfig works well.Aitch wrote:Interesting, but I think we still need better Lan/Wifi setup wizard to take full advantage of its capabilities
As for wardriving... airmon-ng works well too.Aitch wrote:Couldn't go wardriving easily eh? [not with my eyes, I can't see the white on black... ]
The download site is here:
http://murga-linux.com/puppy/viewtopic.php?t=55874
But the discussion and feedback seems to be here ... so ...
It looks good but I think lacks the correct driver or maybe has an old version of pwireless (which I have found to be a troublesome app).
I can see my router but pwireless insists that it wants a WEP code when it is WPA.
It creates the appearance of a connection but does not work.
I recall this as an old problem with the base distro of Puppy upon which you built it.
It brings back memories of wireless tail-chasing ...
dpup009 works really well on most of the pcs here, perhaps what it uses for wireless nics might be ported over?
http://murga-linux.com/puppy/viewtopic.php?t=55874
But the discussion and feedback seems to be here ... so ...
It looks good but I think lacks the correct driver or maybe has an old version of pwireless (which I have found to be a troublesome app).
I can see my router but pwireless insists that it wants a WEP code when it is WPA.
It creates the appearance of a connection but does not work.
I recall this as an old problem with the base distro of Puppy upon which you built it.
It brings back memories of wireless tail-chasing ...
dpup009 works really well on most of the pcs here, perhaps what it uses for wireless nics might be ported over?
[b]Thanks! David[/b]
[i]Home page: [/i][url]http://nevils-station.com[/url]
[i]Don't google[/i] [b]Search![/b] [url]http://duckduckgo.com[/url]
TahrPup64 & Lighthouse64-b602 & JL64-603
[i]Home page: [/i][url]http://nevils-station.com[/url]
[i]Don't google[/i] [b]Search![/b] [url]http://duckduckgo.com[/url]
TahrPup64 & Lighthouse64-b602 & JL64-603
Ill reply over in that thread.edoc wrote:The download site is here:
http://murga-linux.com/puppy/viewtopic.php?t=55874
But the discussion and feedback seems to be here ... so ...