Wiki source for security
{{include tonguesSecurity}}
[[HomePage]] > [[ComponentHowTo Components and HowTos]] > [[Security]]
{{image width="48" height="48" url="http://img814.imageshack.us/img814/5626/logowoof4.png" title="" alt=""}}
====Security====
~Security includes protection from data loss, data theft and data corruption.
==List of Precautions==
- use [[https://brave.com/ Brave]] Web browser
- //never// open un-solicited e-mail attachments from strangers; delete them instead
- re-new the default system password using the [[passwd]] utility
- use an operating system with a recent Linux kernel version: %%uname -a%%
- use the latest available versions of: [[gnupg]], [[libgcrypt]], [[openssl]]
- activate the software firewall ([[http://www.murga-linux.com/puppy/viewtopic.php?t=66966 discussion]]): //Menu > Setup > Linux-Firewall Wizard//
- use [[encryption]]
- SecureErase
- always have a minimum of three identical versions of valuable or important files on physically //separate// media
- disable ""JavaScript"" within the Web browser (with a subsequent loss in Web-page functionality)
- (optional) perform virus detection: ClamAV
==Further Reading==
~https://www.theguardian.com/world/2013/sep/05/nsa-how-to-remain-secure-surveillance
~https://github.com/freedomofpress/securedrop
~[[https://www.osnews.com/story/21901/Adobe_s_Flash_Flawed_Time_to_Do_Without_/ Potential Flash point]]
~https://www.builderau.com.au/program/linux
~[[https://www.murga-linux.com/puppy/index.php?f=47 Security forum thread]]
~[[https://www.seifried.org/security/index.php/Linux_Security Linux Security]]
~[[https://csrc.nist.gov/publications/history/ Security History]]
~[[https://tldp.org/HOWTO/Security-Quickstart-HOWTO/ Linux security Howto]]
~[[https://www.sans.org/top20/top10.php 10 tips]]
~[[https://www.heise.de/tp/r4/artikel/5/5263/1.html NSA in Windows]]
~[[https://www.sans.org/top-cyber-security-risks/ Top Cyber Security Risks]]
~[[https://www.lonerunners.net/blog/archives/722-My-Top-10-Security-Live-CD.html Live Linux CD for security]]
~[[https://www.makeuseof.com/tag/how-to-password-protect-grub-entries-linux/ Password protect GRUB]]
~[[https://group51.org group51.org]]
~[[https://sectools.org/index.html]]
~https://www.virustotal.com/
~https://www.cryptoheaven.com/
~https://epic.org/privacy/tools.html
~https://news.cnet.com/8301-13880_3-20010350-68.html?tag=mncol;mlt_related
~[[https://murga-linux.com/puppy/viewtopic.php?t=41146 forum topic]]
~[[https://www.murga-linux.com/puppy/viewtopic.php?p=405903 forum topic]]
==Appendix==
Detective Inspector Bruce van der Graaf from the Computer Crime Investigation Unit told the hearing that he uses two rules to protect himself from cyber-criminals when banking online. The first rule, he said, was to never click on hyperlinks to the banking site and the second was to avoid Microsoft Windows: 'If you are using the internet for a commercial transaction, use a Linux boot up disk - such as Ubuntu or some of the other flavours. **Puppy Linux** is a nice small distribution that boots up fairly quickly. It gives you an operating system which is perfectly clean and operates only in the memory of the computer and is a perfectly safe way of doing Internet banking'. [[http://www.itnews.com.au/News/157767,nsw-police-dont-use-windows-for-internet-banking.aspx Source]]
==Security set-up for Puppy 2.16==
1 Open console type 'passwd'. enter your new password twice.
2 Run 'lock' on desktop and enter password from step 1
*you may want to select 'blank' from the config to save on processor usage
3 edit /etc/inittab to look like this:
%%::sysinit:/etc/rc.d/rc.sysinit
tty1::respawn:/sbin/getty 38400 tty1
tty2::respawn:/sbin/getty 38400 tty2
::ctrlaltdel:/sbin/reboot%%
*this keeps someone from killing lock with ctrl+alt+backspace and logging back in automatically and also gives the option on bootup to enter 'root' and 'password'.
==Create Password==
Boot Puppy
ctrl+alt+F2 (because my eyes are going and this is easier to read than in a console)
"
puppypc login :root
Password : well known and published password
#passwd
Changing password for root
New password : a new and unpublished password
Retype password : a new and unpublished password
Password for root changed by root
"
ctrl+alt+F3 (back to GUI)(F4 for some puppies)
Open terminal and type: passwd
Create a user to run applications.
Open terminal and type: cd / && mkdir home
Think of your new user name and then type in console: cd /home && mkdir ""YourNickHere""
Now copy these files to /home/""YourNickHere""
.bashrc, .fonts.cache-1, .gtkrc-2.0, .gtkrc.mine, .Xdefaults, .Xresources
Open terminal and type: adduser ""YourNickHere""
Run applications as ""YourNickHere"" by typing su -c application ""YourNickHere""
example: su -c gaim ""YourNickHere""
Make applications run as ""YourNickHere"" by default:
Edit application launchers to resemble this, su -c application ""YourNickHere""
Puppy has a personal wiki called ""DidiWiki"", with its own inbuilt HTTP server, so is accessed from a web browser, either locally or over a network/Internet. What we do in this case is run ""DidiWiki"" as user "spot". We can run an individual server application as a restricted non-root user, even though you yourself are still logged in as root.
==Also on the Wiki==
~[[AttackPup]] - Puppy for network testing
~[[PenetrationTesting penetration testing]] - network testing
~[[Privacy]] - Keeping your information private
~[[WatchDog]] - Puppy for securing your home
~[[Spot|Root, Spot and Fido user accounts]] - Spot and Fido accounts don't have root privileges
~[[encryption]]
~SecureErase
~ClamAV
==Related Webpages==
~[[https://bkhome.org/blog/?viewDetailed=02241 Fido on Barry's blog]]
~[[https://murga-linux.com/puppy/viewtopic.php?p=335216#335216 Puppy GROWL thread]]
~[[https://youtu.be/_uZ_qZgOwg4 Lobster security podcast]]
~[[https://www.murga-linux.com/puppy/viewtopic.php?p=633797#633797 Running as Root - tallboy perspective]]
----
==Categories==
CategorySecurity
CategoryTutorial
CategoryIndex
[[HomePage]] > [[ComponentHowTo Components and HowTos]] > [[Security]]
{{image width="48" height="48" url="http://img814.imageshack.us/img814/5626/logowoof4.png" title="" alt=""}}
====Security====
~Security includes protection from data loss, data theft and data corruption.
==List of Precautions==
- use [[https://brave.com/ Brave]] Web browser
- //never// open un-solicited e-mail attachments from strangers; delete them instead
- re-new the default system password using the [[passwd]] utility
- use an operating system with a recent Linux kernel version: %%uname -a%%
- use the latest available versions of: [[gnupg]], [[libgcrypt]], [[openssl]]
- activate the software firewall ([[http://www.murga-linux.com/puppy/viewtopic.php?t=66966 discussion]]): //Menu > Setup > Linux-Firewall Wizard//
- use [[encryption]]
- SecureErase
- always have a minimum of three identical versions of valuable or important files on physically //separate// media
- disable ""JavaScript"" within the Web browser (with a subsequent loss in Web-page functionality)
- (optional) perform virus detection: ClamAV
==Further Reading==
~https://www.theguardian.com/world/2013/sep/05/nsa-how-to-remain-secure-surveillance
~https://github.com/freedomofpress/securedrop
~[[https://www.osnews.com/story/21901/Adobe_s_Flash_Flawed_Time_to_Do_Without_/ Potential Flash point]]
~https://www.builderau.com.au/program/linux
~[[https://www.murga-linux.com/puppy/index.php?f=47 Security forum thread]]
~[[https://www.seifried.org/security/index.php/Linux_Security Linux Security]]
~[[https://csrc.nist.gov/publications/history/ Security History]]
~[[https://tldp.org/HOWTO/Security-Quickstart-HOWTO/ Linux security Howto]]
~[[https://www.sans.org/top20/top10.php 10 tips]]
~[[https://www.heise.de/tp/r4/artikel/5/5263/1.html NSA in Windows]]
~[[https://www.sans.org/top-cyber-security-risks/ Top Cyber Security Risks]]
~[[https://www.lonerunners.net/blog/archives/722-My-Top-10-Security-Live-CD.html Live Linux CD for security]]
~[[https://www.makeuseof.com/tag/how-to-password-protect-grub-entries-linux/ Password protect GRUB]]
~[[https://group51.org group51.org]]
~[[https://sectools.org/index.html]]
~https://www.virustotal.com/
~https://www.cryptoheaven.com/
~https://epic.org/privacy/tools.html
~https://news.cnet.com/8301-13880_3-20010350-68.html?tag=mncol;mlt_related
~[[https://murga-linux.com/puppy/viewtopic.php?t=41146 forum topic]]
~[[https://www.murga-linux.com/puppy/viewtopic.php?p=405903 forum topic]]
==Appendix==
Detective Inspector Bruce van der Graaf from the Computer Crime Investigation Unit told the hearing that he uses two rules to protect himself from cyber-criminals when banking online. The first rule, he said, was to never click on hyperlinks to the banking site and the second was to avoid Microsoft Windows: 'If you are using the internet for a commercial transaction, use a Linux boot up disk - such as Ubuntu or some of the other flavours. **Puppy Linux** is a nice small distribution that boots up fairly quickly. It gives you an operating system which is perfectly clean and operates only in the memory of the computer and is a perfectly safe way of doing Internet banking'. [[http://www.itnews.com.au/News/157767,nsw-police-dont-use-windows-for-internet-banking.aspx Source]]
==Security set-up for Puppy 2.16==
1 Open console type 'passwd'. enter your new password twice.
2 Run 'lock' on desktop and enter password from step 1
*you may want to select 'blank' from the config to save on processor usage
3 edit /etc/inittab to look like this:
%%::sysinit:/etc/rc.d/rc.sysinit
tty1::respawn:/sbin/getty 38400 tty1
tty2::respawn:/sbin/getty 38400 tty2
::ctrlaltdel:/sbin/reboot%%
*this keeps someone from killing lock with ctrl+alt+backspace and logging back in automatically and also gives the option on bootup to enter 'root' and 'password'.
==Create Password==
Boot Puppy
ctrl+alt+F2 (because my eyes are going and this is easier to read than in a console)
"
puppypc login :root
Password : well known and published password
#passwd
Changing password for root
New password : a new and unpublished password
Retype password : a new and unpublished password
Password for root changed by root
"
ctrl+alt+F3 (back to GUI)(F4 for some puppies)
Open terminal and type: passwd
Create a user to run applications.
Open terminal and type: cd / && mkdir home
Think of your new user name and then type in console: cd /home && mkdir ""YourNickHere""
Now copy these files to /home/""YourNickHere""
.bashrc, .fonts.cache-1, .gtkrc-2.0, .gtkrc.mine, .Xdefaults, .Xresources
Open terminal and type: adduser ""YourNickHere""
Run applications as ""YourNickHere"" by typing su -c application ""YourNickHere""
example: su -c gaim ""YourNickHere""
Make applications run as ""YourNickHere"" by default:
Edit application launchers to resemble this, su -c application ""YourNickHere""
Puppy has a personal wiki called ""DidiWiki"", with its own inbuilt HTTP server, so is accessed from a web browser, either locally or over a network/Internet. What we do in this case is run ""DidiWiki"" as user "spot". We can run an individual server application as a restricted non-root user, even though you yourself are still logged in as root.
==Also on the Wiki==
~[[AttackPup]] - Puppy for network testing
~[[PenetrationTesting penetration testing]] - network testing
~[[Privacy]] - Keeping your information private
~[[WatchDog]] - Puppy for securing your home
~[[Spot|Root, Spot and Fido user accounts]] - Spot and Fido accounts don't have root privileges
~[[encryption]]
~SecureErase
~ClamAV
==Related Webpages==
~[[https://bkhome.org/blog/?viewDetailed=02241 Fido on Barry's blog]]
~[[https://murga-linux.com/puppy/viewtopic.php?p=335216#335216 Puppy GROWL thread]]
~[[https://youtu.be/_uZ_qZgOwg4 Lobster security podcast]]
~[[https://www.murga-linux.com/puppy/viewtopic.php?p=633797#633797 Running as Root - tallboy perspective]]
----
==Categories==
CategorySecurity
CategoryTutorial
CategoryIndex
