Is Security important for you?
-
- Full of knowledge
- Posts: 2104
- Joined: 17 Jun 2013, 13:17
- Distribution: Porteus 3.2.2 XFCE 32bit
- Location: Germany
Re: Is Security important for you?
Hello jmurrinux
Well, talking about security,(not to be confused with privacy), could become a long philosophical discussion.
What security ?
For me, the only thing that counts, is not to lose my (important) data.That's why I make backups.
Securing your OS/ box/ Router...,yes you can do this and that to get rid of the script-kiddies and schoolyard-hackers but you will never know,(as a normal user), if (e.g.) the router-firmware is faulty.(If you have your Router from your ISP,you have lost..)
As often in Life, it's all about Trust.If you click an exe in windows,who knows what's really going on? And in Linux ? yes it's open-source, but how many people (user) take a look at the source-code of a bigger Program which may have thousand Lines of code and how many of them can read and understand what this code does?....
nevertheless:
check the Routers security options
enable a firewall
use strong wifi/ root Passwords
don't let somebody touch your box--lol
And what about Privacy ?
to make It short: THERE IS NONE....believe me..LOL
Well, talking about security,(not to be confused with privacy), could become a long philosophical discussion.
What security ?
For me, the only thing that counts, is not to lose my (important) data.That's why I make backups.
Securing your OS/ box/ Router...,yes you can do this and that to get rid of the script-kiddies and schoolyard-hackers but you will never know,(as a normal user), if (e.g.) the router-firmware is faulty.(If you have your Router from your ISP,you have lost..)
As often in Life, it's all about Trust.If you click an exe in windows,who knows what's really going on? And in Linux ? yes it's open-source, but how many people (user) take a look at the source-code of a bigger Program which may have thousand Lines of code and how many of them can read and understand what this code does?....
nevertheless:
check the Routers security options
enable a firewall
use strong wifi/ root Passwords
don't let somebody touch your box--lol
And what about Privacy ?
to make It short: THERE IS NONE....believe me..LOL
- freestyler
- Contributor
- Posts: 384
- Joined: 17 Oct 2013, 14:21
- Distribution: Porteus XFCE
Re: Is Security important for you?
vpngate.net is a list of free vpn services. I just made a module that has a gui for openvpn and dnscrypt-proxy if you are interested.jmurrinux wrote: I know, that if you really want a fort, then you hire a vpn for top notch security. If you know about a "free" VPN client, please let me know.
https://www.porteus-apps.org
-
- Black ninja
- Posts: 35
- Joined: 01 Feb 2014, 09:17
- Distribution: hop_around
- Location: Calgary
Re: Is Security important for you?
I'll revisit this thread on some overly hot summer day ~~ maybe take a nap, nice n cool in the shadow of that giant egophhpro wrote:full stop.
. . .
I happen to maintain a vast compilation of locked IPs
. . .
I'm not sharing

{giggle}
Re: Is Security important for you?
I am concerned about privacy and security, as I am with all operating systems. I want to run stock Porteus and simply extend the current security measures. I found this https://www.linuxquestions.org/question ... rnel-36059 about installing GRSecurity and hardening slackware. I've done most of the options listed that seem feasible (I'm not touching anything boot related with a stick) with Porteus. So, I think I'm left with the last item, which is to harden the kernel, with GRSecurity, Tomoyo, or RSBAC (or SELinux or AppArmor which are not mentioned). I think I prefer GRSecurity but will it even work on Porteus? Is there another option to harden the kernel? Or is the kernel already hardened? Porteus is fairly security orientated and I still consider myself a noob so that thought has occurred to me.
P.S. if anyone reviews the link above and really think some of the hardening options, sans GRSecurity, should be on my list let me know.
D.P.S. I don't know how to get the url to format right so that would be helpful, too.
P.S. if anyone reviews the link above and really think some of the hardening options, sans GRSecurity, should be on my list let me know.
D.P.S. I don't know how to get the url to format right so that would be helpful, too.

- brokenman
- Site Admin
- Posts: 6105
- Joined: 27 Dec 2010, 03:50
- Distribution: Porteus v4 all desktops
- Location: Brazil
Re: Is Security important for you?
Select the link with your cursor and then click on the URL button above the editing box. It should be noted that if it is possible in slackware the it is no doubt possible in Porteus.
I will address the individual points in the list of hardening.
1. Physically secure your Laptop or Desktop to keep it from being stolen.
Securing your laptop to your desktop turns it into a desktop. Not too sure how one secures a desktop.
2. Password protect the BIOS and Lilo (after installing) to keep people from booting with USB sticks, Cd-ROMs, etc.
Great for public or office computers.
3. Install Slackware using LUKS to encrypt your Hard Drive.
Good idea. Possible in Porteus.
4. Create a good User Password and a strong Root Password. Check with John The Ripper.
Obvious
5. Turn off all Services you will not be using. See my Tutorial.
Good idea. Porteus ships wit minimal services running.
6. Remove as many packages as you can for applications you will not be using. See my Package Removal Script.
Porteus ships as a minimal distribution. It is already stripped bare.
7. Update your system packages to run the most current software. Manually update or use Slackpkg.
Good idea. Check latest openssl exploits for an example. These can updated in our package manager. (I should add an update all packages feature)
8. Configure Su/Sudo to restrict who is able to su to root. See my Tutorial.
The only user (besides root) that Porteus ships with has (and needs) su rights.
9. Use Security-Enhancing Software to detect unwanted changes to your machine. Aide, Chkrootkit, Rkhunter and Lynis.
I run Porteus in 'always fresh' mode to circumvent this possibility.
10. Harden you Login Manager (XDM, KDM, GDM, or SLim) so it does not give out Usernames and never set it up for Automatic Login.
Default in porteus is to autologin to guest. A simple cheatcode can autolog you in as root. You should change this.
11. Install a Firewall. You can use a Firewall Script, FireHol, UFW, or Arno-IpTables-Firewall from SlackBuilds.org
Activate firewal using Porteus Settings Centre
12. Lock-down your browser since that is where malicious code can come into your computer.
Good idea, but IMHO only if you are not saving yourself from yourself.
13. Turn on the NX Bit if your hardware supports it.
Huh?
14. Compile and install a Hardened Kernel like GrSecurity/Pax, Tomoyo, or RSBAC and configure the Mandatory Access Control System.
I would have to look into this.
Now i will go and read the article in full and run the test app they have.
I will address the individual points in the list of hardening.
1. Physically secure your Laptop or Desktop to keep it from being stolen.
Securing your laptop to your desktop turns it into a desktop. Not too sure how one secures a desktop.
2. Password protect the BIOS and Lilo (after installing) to keep people from booting with USB sticks, Cd-ROMs, etc.
Great for public or office computers.
3. Install Slackware using LUKS to encrypt your Hard Drive.
Good idea. Possible in Porteus.
4. Create a good User Password and a strong Root Password. Check with John The Ripper.
Obvious
5. Turn off all Services you will not be using. See my Tutorial.
Good idea. Porteus ships wit minimal services running.
6. Remove as many packages as you can for applications you will not be using. See my Package Removal Script.
Porteus ships as a minimal distribution. It is already stripped bare.
7. Update your system packages to run the most current software. Manually update or use Slackpkg.
Good idea. Check latest openssl exploits for an example. These can updated in our package manager. (I should add an update all packages feature)
8. Configure Su/Sudo to restrict who is able to su to root. See my Tutorial.
The only user (besides root) that Porteus ships with has (and needs) su rights.
9. Use Security-Enhancing Software to detect unwanted changes to your machine. Aide, Chkrootkit, Rkhunter and Lynis.
I run Porteus in 'always fresh' mode to circumvent this possibility.
10. Harden you Login Manager (XDM, KDM, GDM, or SLim) so it does not give out Usernames and never set it up for Automatic Login.
Default in porteus is to autologin to guest. A simple cheatcode can autolog you in as root. You should change this.
11. Install a Firewall. You can use a Firewall Script, FireHol, UFW, or Arno-IpTables-Firewall from SlackBuilds.org
Activate firewal using Porteus Settings Centre
12. Lock-down your browser since that is where malicious code can come into your computer.
Good idea, but IMHO only if you are not saving yourself from yourself.
13. Turn on the NX Bit if your hardware supports it.
Huh?
14. Compile and install a Hardened Kernel like GrSecurity/Pax, Tomoyo, or RSBAC and configure the Mandatory Access Control System.
I would have to look into this.
Now i will go and read the article in full and run the test app they have.
How do i become super user?
Wear your underpants on the outside and put on a cape.
Wear your underpants on the outside and put on a cape.
Re: Is Security important for you?
Thanks for reviewing it.brokenman wrote:Select the link with your cursor and then click on the URL button above the editing box. It should be noted that if it is possible in slackware the it is no doubt possible in Porteus.
I will address the individual points in the list of hardening.
1. Physically secure your Laptop or Desktop to keep it from being stolen.
Securing your laptop to your desktop turns it into a desktop. Not too sure how one secures a desktop.
2. Password protect the BIOS and Lilo (after installing) to keep people from booting with USB sticks, Cd-ROMs, etc.
Great for public or office computers.
3. Install Slackware using LUKS to encrypt your Hard Drive.
Good idea. Possible in Porteus.
4. Create a good User Password and a strong Root Password. Check with John The Ripper.
Obvious
5. Turn off all Services you will not be using. See my Tutorial.
Good idea. Porteus ships wit minimal services running.
6. Remove as many packages as you can for applications you will not be using. See my Package Removal Script.
Porteus ships as a minimal distribution. It is already stripped bare.
7. Update your system packages to run the most current software. Manually update or use Slackpkg.
Good idea. Check latest openssl exploits for an example. These can updated in our package manager. (I should add an update all packages feature)
8. Configure Su/Sudo to restrict who is able to su to root. See my Tutorial.
The only user (besides root) that Porteus ships with has (and needs) su rights.
9. Use Security-Enhancing Software to detect unwanted changes to your machine. Aide, Chkrootkit, Rkhunter and Lynis.
I run Porteus in 'always fresh' mode to circumvent this possibility.
10. Harden you Login Manager (XDM, KDM, GDM, or SLim) so it does not give out Usernames and never set it up for Automatic Login.
Default in porteus is to autologin to guest. A simple cheatcode can autolog you in as root. You should change this.
11. Install a Firewall. You can use a Firewall Script, FireHol, UFW, or Arno-IpTables-Firewall from SlackBuilds.org
Activate firewal using Porteus Settings Centre
12. Lock-down your browser since that is where malicious code can come into your computer.
Good idea, but IMHO only if you are not saving yourself from yourself.
13. Turn on the NX Bit if your hardware supports it.
Huh?
14. Compile and install a Hardened Kernel like GrSecurity/Pax, Tomoyo, or RSBAC and configure the Mandatory Access Control System.
I would have to look into this.
Now i will go and read the article in full and run the test app they have.

- francois
- Contributor
- Posts: 6498
- Joined: 28 Dec 2010, 14:25
- Distribution: xfce plank porteus nemesis
- Location: Le printemps, le printemps, le printemps... ... l'hiver s'essoufle.
Re: Is Security important for you?
@brokenman:
The links to the tutorial in item 5 and 8 would be appreciated.
The links to the tutorial in item 5 and 8 would be appreciated.

Prendre son temps, profiter de celui qui passe.
- Rava
- Contributor
- Posts: 5424
- Joined: 11 Jan 2011, 02:46
- Distribution: XFCE 5.01 x86_64 + 4.0 i586
- Location: Forests of Germany
Re: Is Security important for you?
I second that, please give us the URL's to these.francois wrote:@brokenman:
The links to the tutorial in item 5 and 8 would be appreciated.

Cheers!
Yours Rava
Yours Rava
-
- Full of knowledge
- Posts: 2104
- Joined: 17 Jun 2013, 13:17
- Distribution: Porteus 3.2.2 XFCE 32bit
- Location: Germany
Re: Is Security important for you?
Hi guys
The points 1..14 are the (not) quoted (Head)-lines from here:
http://www.linuxquestions.org/questions ... rnel-36059
with brokenmans answer one line below.
There is no other tutorial...
The points 1..14 are the (not) quoted (Head)-lines from here:
http://www.linuxquestions.org/questions ... rnel-36059
with brokenmans answer one line below.
There is no other tutorial...

- Rava
- Contributor
- Posts: 5424
- Joined: 11 Jan 2011, 02:46
- Distribution: XFCE 5.01 x86_64 + 4.0 i586
- Location: Forests of Germany
Re: Is Security important for you?
I see... finally. So the "See my Package Removal Script." or "See my Tutorial." are by the original user from LQ, aka arniekat , who wrote that LQ blog, and sure he refers to some tuts or scripts he most probably also posted as LQ blogs...
When I have some time I will look for that stuff on LQ, but now I have to log off and do some RL stuff. xD

When I have some time I will look for that stuff on LQ, but now I have to log off and do some RL stuff. xD
Cheers!
Yours Rava
Yours Rava
Re: Is Security important for you?
Need 1 asap for ppl like me from ubuntu where those updates were handled automatically, I don't think a lot of users are even aware they have to update the browser and other things with usm.brokenman wrote:7. Update your system packages to run the most current software. Manually update or use Slackpkg.
Good idea. Check latest openssl exploits for an example. These can updated in our package manager. (I should add an update all packages feature)

- francois
- Contributor
- Posts: 6498
- Joined: 28 Dec 2010, 14:25
- Distribution: xfce plank porteus nemesis
- Location: Le printemps, le printemps, le printemps... ... l'hiver s'essoufle.
Re: Is Security important for you?
Need 1 asap for ppl like me
You have to use plain english in this forume.
You have to use plain english in this forume.

Prendre son temps, profiter de celui qui passe.