Is Security important for you?

Talk here about security in general. Posting illegals software is prohibited. All stuffs in this forum must be considered as for "Educational purpose only".
donald
Full of knowledge
Full of knowledge
Posts: 2064
Joined: 17 Jun 2013, 13:17
Distribution: Porteus 3.2.2 XFCE 32bit
Location: Germany

Re: Is Security important for you?

Post#16 by donald » 09 Mar 2014, 11:20

Hello jmurrinux
Well, talking about security,(not to be confused with privacy), could become a long philosophical discussion.
What security ?
For me, the only thing that counts, is not to lose my (important) data.That's why I make backups.

Securing your OS/ box/ Router...,yes you can do this and that to get rid of the script-kiddies and schoolyard-hackers but you will never know,(as a normal user), if (e.g.) the router-firmware is faulty.(If you have your Router from your ISP,you have lost..)

As often in Life, it's all about Trust.If you click an exe in windows,who knows what's really going on? And in Linux ? yes it's open-source, but how many people (user) take a look at the source-code of a bigger Program which may have thousand Lines of code and how many of them can read and understand what this code does?....

nevertheless:
check the Routers security options
enable a firewall
use strong wifi/ root Passwords
don't let somebody touch your box--lol

And what about Privacy ?
to make It short: THERE IS NONE....believe me..LOL

User avatar
freestyler
Contributor
Contributor
Posts: 384
Joined: 17 Oct 2013, 14:21
Distribution: Porteus XFCE

Re: Is Security important for you?

Post#17 by freestyler » 10 Mar 2014, 00:47

jmurrinux wrote: I know, that if you really want a fort, then you hire a vpn for top notch security. If you know about a "free" VPN client, please let me know.
vpngate.net is a list of free vpn services. I just made a module that has a gui for openvpn and dnscrypt-proxy if you are interested.
https://www.porteus-apps.org

dustbunnies
Black ninja
Black ninja
Posts: 35
Joined: 01 Feb 2014, 09:17
Distribution: hop_around
Location: Calgary

Re: Is Security important for you?

Post#18 by dustbunnies » 12 Mar 2014, 21:37

phhpro wrote:full stop.

. . .

I happen to maintain a vast compilation of locked IPs

. . .

I'm not sharing
I'll revisit this thread on some overly hot summer day ~~ maybe take a nap, nice n cool in the shadow of that giant ego

:crazy:
{giggle}

lep
Ronin
Ronin
Posts: 2
Joined: 09 Jun 2014, 01:38
Distribution: 3.1
Location: America

Re: Is Security important for you?

Post#19 by lep » 10 Jun 2014, 00:16

I am concerned about privacy and security, as I am with all operating systems. I want to run stock Porteus and simply extend the current security measures. I found this https://www.linuxquestions.org/question ... rnel-36059 about installing GRSecurity and hardening slackware. I've done most of the options listed that seem feasible (I'm not touching anything boot related with a stick) with Porteus. So, I think I'm left with the last item, which is to harden the kernel, with GRSecurity, Tomoyo, or RSBAC (or SELinux or AppArmor which are not mentioned). I think I prefer GRSecurity but will it even work on Porteus? Is there another option to harden the kernel? Or is the kernel already hardened? Porteus is fairly security orientated and I still consider myself a noob so that thought has occurred to me.

P.S. if anyone reviews the link above and really think some of the hardening options, sans GRSecurity, should be on my list let me know.
D.P.S. I don't know how to get the url to format right so that would be helpful, too. :wall:

User avatar
brokenman
Site Admin
Site Admin
Posts: 6105
Joined: 27 Dec 2010, 03:50
Distribution: Porteus v4 all desktops
Location: Brazil

Re: Is Security important for you?

Post#20 by brokenman » 10 Jun 2014, 01:52

Select the link with your cursor and then click on the URL button above the editing box. It should be noted that if it is possible in slackware the it is no doubt possible in Porteus.

I will address the individual points in the list of hardening.

1. Physically secure your Laptop or Desktop to keep it from being stolen.
Securing your laptop to your desktop turns it into a desktop. Not too sure how one secures a desktop.

2. Password protect the BIOS and Lilo (after installing) to keep people from booting with USB sticks, Cd-ROMs, etc.
Great for public or office computers.

3. Install Slackware using LUKS to encrypt your Hard Drive.
Good idea. Possible in Porteus.

4. Create a good User Password and a strong Root Password. Check with John The Ripper.
Obvious

5. Turn off all Services you will not be using. See my Tutorial.
Good idea. Porteus ships wit minimal services running.

6. Remove as many packages as you can for applications you will not be using. See my Package Removal Script.
Porteus ships as a minimal distribution. It is already stripped bare.

7. Update your system packages to run the most current software. Manually update or use Slackpkg.
Good idea. Check latest openssl exploits for an example. These can updated in our package manager. (I should add an update all packages feature)

8. Configure Su/Sudo to restrict who is able to su to root. See my Tutorial.
The only user (besides root) that Porteus ships with has (and needs) su rights.

9. Use Security-Enhancing Software to detect unwanted changes to your machine. Aide, Chkrootkit, Rkhunter and Lynis.
I run Porteus in 'always fresh' mode to circumvent this possibility.

10. Harden you Login Manager (XDM, KDM, GDM, or SLim) so it does not give out Usernames and never set it up for Automatic Login.
Default in porteus is to autologin to guest. A simple cheatcode can autolog you in as root. You should change this.

11. Install a Firewall. You can use a Firewall Script, FireHol, UFW, or Arno-IpTables-Firewall from SlackBuilds.org
Activate firewal using Porteus Settings Centre

12. Lock-down your browser since that is where malicious code can come into your computer.
Good idea, but IMHO only if you are not saving yourself from yourself.

13. Turn on the NX Bit if your hardware supports it.
Huh?

14. Compile and install a Hardened Kernel like GrSecurity/Pax, Tomoyo, or RSBAC and configure the Mandatory Access Control System.
I would have to look into this.

Now i will go and read the article in full and run the test app they have.
How do i become super user?
Wear your underpants on the outside and put on a cape.

lep
Ronin
Ronin
Posts: 2
Joined: 09 Jun 2014, 01:38
Distribution: 3.1
Location: America

Re: Is Security important for you?

Post#21 by lep » 14 Jun 2014, 04:17

brokenman wrote:Select the link with your cursor and then click on the URL button above the editing box. It should be noted that if it is possible in slackware the it is no doubt possible in Porteus.

I will address the individual points in the list of hardening.

1. Physically secure your Laptop or Desktop to keep it from being stolen.
Securing your laptop to your desktop turns it into a desktop. Not too sure how one secures a desktop.

2. Password protect the BIOS and Lilo (after installing) to keep people from booting with USB sticks, Cd-ROMs, etc.
Great for public or office computers.

3. Install Slackware using LUKS to encrypt your Hard Drive.
Good idea. Possible in Porteus.

4. Create a good User Password and a strong Root Password. Check with John The Ripper.
Obvious

5. Turn off all Services you will not be using. See my Tutorial.
Good idea. Porteus ships wit minimal services running.

6. Remove as many packages as you can for applications you will not be using. See my Package Removal Script.
Porteus ships as a minimal distribution. It is already stripped bare.

7. Update your system packages to run the most current software. Manually update or use Slackpkg.
Good idea. Check latest openssl exploits for an example. These can updated in our package manager. (I should add an update all packages feature)

8. Configure Su/Sudo to restrict who is able to su to root. See my Tutorial.
The only user (besides root) that Porteus ships with has (and needs) su rights.

9. Use Security-Enhancing Software to detect unwanted changes to your machine. Aide, Chkrootkit, Rkhunter and Lynis.
I run Porteus in 'always fresh' mode to circumvent this possibility.

10. Harden you Login Manager (XDM, KDM, GDM, or SLim) so it does not give out Usernames and never set it up for Automatic Login.
Default in porteus is to autologin to guest. A simple cheatcode can autolog you in as root. You should change this.

11. Install a Firewall. You can use a Firewall Script, FireHol, UFW, or Arno-IpTables-Firewall from SlackBuilds.org
Activate firewal using Porteus Settings Centre

12. Lock-down your browser since that is where malicious code can come into your computer.
Good idea, but IMHO only if you are not saving yourself from yourself.

13. Turn on the NX Bit if your hardware supports it.
Huh?

14. Compile and install a Hardened Kernel like GrSecurity/Pax, Tomoyo, or RSBAC and configure the Mandatory Access Control System.
I would have to look into this.

Now i will go and read the article in full and run the test app they have.
Thanks for reviewing it. :good: I have done everything that you greenlighted except #3. I'll give that a shot.

User avatar
francois
Contributor
Contributor
Posts: 6434
Joined: 28 Dec 2010, 14:25
Distribution: xfce plank porteus nemesis
Location: Le printemps, le printemps, le printemps... ... l'hiver s'essoufle.

Re: Is Security important for you?

Post#22 by francois » 25 Jan 2015, 22:46

@brokenman:
The links to the tutorial in item 5 and 8 would be appreciated. :)
Prendre son temps, profiter de celui qui passe.

User avatar
Rava
Contributor
Contributor
Posts: 5401
Joined: 11 Jan 2011, 02:46
Distribution: XFCE 5.01 x86_64 + 4.0 i586
Location: Forests of Germany

Re: Is Security important for you?

Post#23 by Rava » 01 Mar 2015, 11:08

francois wrote:@brokenman:
The links to the tutorial in item 5 and 8 would be appreciated. :)
I second that, please give us the URL's to these. :D
Cheers!
Yours Rava

donald
Full of knowledge
Full of knowledge
Posts: 2064
Joined: 17 Jun 2013, 13:17
Distribution: Porteus 3.2.2 XFCE 32bit
Location: Germany

Re: Is Security important for you?

Post#24 by donald » 01 Mar 2015, 14:00

Hi guys
The points 1..14 are the (not) quoted (Head)-lines from here:
http://www.linuxquestions.org/questions ... rnel-36059
with brokenmans answer one line below.
There is no other tutorial... :wink:

User avatar
Rava
Contributor
Contributor
Posts: 5401
Joined: 11 Jan 2011, 02:46
Distribution: XFCE 5.01 x86_64 + 4.0 i586
Location: Forests of Germany

Re: Is Security important for you?

Post#25 by Rava » 01 Mar 2015, 16:24

I see... finally. So the "See my Package Removal Script." or "See my Tutorial." are by the original user from LQ, aka arniekat , who wrote that LQ blog, and sure he refers to some tuts or scripts he most probably also posted as LQ blogs... :)

When I have some time I will look for that stuff on LQ, but now I have to log off and do some RL stuff. xD
Cheers!
Yours Rava

monjs
White ninja
White ninja
Posts: 4
Joined: 11 Apr 2015, 16:52
Distribution: 3.1
Location: USA

Re: Is Security important for you?

Post#26 by monjs » 11 Apr 2015, 17:09

brokenman wrote:7. Update your system packages to run the most current software. Manually update or use Slackpkg.
Good idea. Check latest openssl exploits for an example. These can updated in our package manager. (I should add an update all packages feature)
Need 1 asap for ppl like me from ubuntu where those updates were handled automatically, I don't think a lot of users are even aware they have to update the browser and other things with usm. :(

User avatar
francois
Contributor
Contributor
Posts: 6434
Joined: 28 Dec 2010, 14:25
Distribution: xfce plank porteus nemesis
Location: Le printemps, le printemps, le printemps... ... l'hiver s'essoufle.

Re: Is Security important for you?

Post#27 by francois » 12 Apr 2015, 01:10

Need 1 asap for ppl like me

You have to use plain english in this forume. :wink:
Prendre son temps, profiter de celui qui passe.

Post Reply