Wiki source for security


Show raw source

{{include tonguesSecurity}}
[[HomePage]] > [[ComponentHowTo Components and HowTos]] > [[Security]]

{{image width="48" height="48" url="http://img814.imageshack.us/img814/5626/logowoof4.png" title="text" alt="text"}}
====Security====
~Security includes protection from data loss, data theft and data corruption.

==List of Precaustion==
- Adobe Flash Player: either remove it or use the [[libflashplayer latest available version]]
- //never// open e-mail attachments from strangers; delete them instead
- re-new the default system password using the [[passwd]] utility
- use an operating system with a recent Linux kernel version: %%uname -a%%
- use the latest available versions of: [[gnupg]], [[libgcrypt]], [[openssl]]
- activate the software firewall ([[http://www.murga-linux.com/puppy/viewtopic.php?t=66966 discussion]]): //Menu > Setup > Linux-Firewall Wizard//
- use the latest available versions of file-system tools: [[bzip2]], [[dosfstools]], [[e2fsprogs]], [[grep]], [[gzip]], [[ntfs3g]], [[tar]], [[xz]]
- use [[encryption]]
- SecureErase
- always have a minimum of three identical versions of valuable or important files on physically //separate// media
- disable ""JavaScript"" within the Web browser (with a subsequent loss in Web-page functionality)
- perform virus detection: ClamAV

==Further Reading==
~http://www.theguardian.com/world/2013/sep/05/nsa-how-to-remain-secure-surveillance
~https://github.com/freedomofpress/securedrop
~[[http://www.osnews.com/story/21901/Adobe_s_Flash_Flawed_Time_to_Do_Without_/ Potential Flash point]]
~http://www.builderau.com.au/program/linux
~[[http://www.murga-linux.com/puppy/index.php?f=47 Security forum thread]]
~[[http://www.seifried.org/security/index.php/Linux_Security Linux Security]]
~[[http://csrc.nist.gov/publications/history/ Security History]]
~[[http://tldp.org/HOWTO/Security-Quickstart-HOWTO/ Linux security Howto]]
~[[http://www.sans.org/top20/top10.php 10 tips]]
~[[http://www.heise.de/tp/r4/artikel/5/5263/1.html NSA in Windows]]
~[[http://www.sans.org/top-cyber-security-risks/ Top Cyber Security Risks]]
~[[http://www.lonerunners.net/blog/archives/722-My-Top-10-Security-Live-CD.html Live Linux CD for security]]
~[[http://www.makeuseof.com/tag/how-to-password-protect-grub-entries-linux/ Password protect GRUB]]
~[[http://group51.org group51.org]]
~[[http://sectools.org/index.html]]
~http://www.virustotal.com/
~http://www.cryptoheaven.com/
~http://epic.org/privacy/tools.html
~http://news.cnet.com/8301-13880_3-20010350-68.html?tag=mncol;mlt_related
~[[http://murga-linux.com/puppy/viewtopic.php?t=41146 forum topic]]
~[[http://www.murga-linux.com/puppy/viewtopic.php?p=405903 forum topic]]

==Appendix==
Detective Inspector Bruce van der Graaf from the Computer Crime Investigation Unit told the hearing that he uses two rules to protect himself from cyber-criminals when banking online. The first rule, he said, was to never click on hyperlinks to the banking site and the second was to avoid Microsoft Windows: 'If you are using the internet for a commercial transaction, use a Linux boot up disk - such as Ubuntu or some of the other flavours. **Puppy Linux** is a nice small distribution that boots up fairly quickly. It gives you an operating system which is perfectly clean and operates only in the memory of the computer and is a perfectly safe way of doing Internet banking'. [[http://www.itnews.com.au/News/157767,nsw-police-dont-use-windows-for-internet-banking.aspx Source]]

==Security set-up for Puppy 2.16==
1 Open console type 'passwd'. enter your new password twice.

2 Run 'lock' on desktop and enter password from step 1

*you may want to select 'blank' from the config to save on processor usage

3 edit /etc/inittab to look like this:
%%::sysinit:/etc/rc.d/rc.sysinit
tty1::respawn:/sbin/getty 38400 tty1
tty2::respawn:/sbin/getty 38400 tty2
::ctrlaltdel:/sbin/reboot%%

*this keeps someone from killing lock with ctrl+alt+backspace and logging back in automatically and also gives the option on bootup to enter 'root' and 'password'.

==Create Password==
Boot Puppy

ctrl+alt+F2 (because my eyes are going and this is easier to read than in a console)

"
puppypc login :root
Password : well known and published password
#passwd
Changing password for root
New password : a new and unpublished password
Retype password : a new and unpublished password
Password for root changed by root
"

ctrl+alt+F3 (back to GUI)(F4 for some puppies)

Open terminal and type: passwd

Create a user to run applications.

Open terminal and type: cd / && mkdir home

Think of your new user name and then type in console: cd /home && mkdir ""YourNickHere""

Now copy these files to /home/""YourNickHere""
.bashrc, .fonts.cache-1, .gtkrc-2.0, .gtkrc.mine, .Xdefaults, .Xresources

Open terminal and type: adduser ""YourNickHere""

Run applications as ""YourNickHere"" by typing su -c application ""YourNickHere""
example: su -c gaim ""YourNickHere""

Make applications run as ""YourNickHere"" by default:

Edit application launchers to resemble this, su -c application ""YourNickHere""

Puppy has a personal wiki called ""DidiWiki"", with its own inbuilt HTTP server, so is accessed from a web browser, either locally or over a network/Internet. What we do in this case is run ""DidiWiki"" as user "spot". We can run an individual server application as a restricted non-root user, even though you yourself are still logged in as root.

==Also on the Wiki==
~[[AttackPup]] - Puppy for network testing
~[[PenetrationTesting penetration testing]] - network testing
~[[Privacy]] - Keeping your information private
~[[WatchDog]] - Puppy for securing your home
~[[Spot|Root, Spot and Fido user accounts]] - Spot and Fido accounts don't have root privileges
~[[encryption]]
~SecureErase
~ClamAV


==Related Webpages==
~[[http://bkhome.org/blog/?viewDetailed=02241 Fido on Barry's blog]]
~[[http://murga-linux.com/puppy/viewtopic.php?p=335216#335216 Puppy GROWL thread]]
~[[http://youtu.be/_uZ_qZgOwg4 Lobster security podcast]]
~[[http://www.murga-linux.com/puppy/viewtopic.php?p=633797#633797 Running as Root - tallboy perspective]]

----
==Categories==
CategorySecurity
CategoryTutorial
CategoryIndex
Valid XHTML :: Valid CSS: :: Powered by WikkaWiki