Tag Archives: security

Spring Time! Now you are ready to protect your Ubuntu – Debian system from Rootkits and Viruses

It’s Spring Time and after a long Winter surfing the web and testing new programs, it’s time to give a short rest to your computer, delete old files and scan the OS looking for possible rootkits or viruses. I usually use Ubuntu and the possibility of viruses is not high but… why shouldn’t I double-check to avoid viruses or rootkits?

- First step: Rootkits

Open your favourite Software Manager (I am an old school boy so Synaptic is my choice) and install rkhunter and chkrootkit. I know, they are two different programs that have the same goals so you can decide to install and use just one of them…

After the installation you can start using them just by typing into a Terminal:

sudo rkhunter --update
sudo rkhunter --check

and/or:

sudo chkrootkit

Examine all the results and don’t be disoriented by possible “false positives”. Try to understand if some “risks” you find in the results logs could be regular software you are using (e.g. encrypted disks, etc.).

- Second Step: Viruses

Install ClamAV to scan your disks and be sure you have not been infected by common viruses.

Open a Terminal and type:

sudo aptitude install clamav clamav-daemon clamav-freshclam clamtk

Then to update the ClamAV engine and the virus lists just type:

sudo apt-get upgrade clamav clamav-daemon clamav-freshclam clamtk

At this point you will find ClamTk in the Accessories Menu and you are able to scan your PC just by clicking on some intuitive buttons in the graphical interface.

Good Luck!

How to configure Firestarter to use VPN services on Linux

In my experience Firestarter is an effective firewall and, on Linux, it starts automatically every time we boot up Ubuntu. But, when I decided to use a VPN tunnel through openvpn, I had some connection problems. In fact I was able to initialize my VPN services but, after a while, all the internet connections were mysteriously shut down.

The “problem” was Firestarter, which cut off the connection as forbidden according to my inbound/outbound Policy.

To solve this you have to open a tunnel in Firestarter to allow the VPN to work:

1- open the configuration file your VPN provider gives to its users (generally it’s a text file containing all the configuration info used, in my case, by openvpn) and search for the IP address of the default starting connection used to authenticate the VPN services (e.g. 177.458.563.25). Save this VPN IP address somewhere or memorize it.

2- open a Terminal and type:

sudo nautilus

3- using nautilus go to File System (it’s before home folder) and open etc–>firestarter and open the file user-pre using Gedit (or your preferred text editor)

4- the user-pre file is usually empty so don’t panic and write these lines into it:

iptables -A INPUT -j ACCEPT -s xxx.xxx.xxx.xxx -p esp
iptables -A INPUT -j ACCEPT -s xxx.xxx.xxx.xxx -p udp -m multiport --sports isakmp,10000
iptables -A INPUT -j ACCEPT -i tun+
iptables -A OUTPUT -j ACCEPT -d xxx.xxx.xxx.xxx -p esp
iptables -A OUTPUT -j ACCEPT -d xxx.xxx.xxx.xxx -p udp -m multiport --dports isakmp,10000
iptables -A OUTPUT -j ACCEPT -o tun+

Now you have to substitute the xxx.xxx.xxx.xxx with the VPN IP address you found at step 1 (in my example it was 177.458.563.25).

5- Save the user-pre file and close Gedit and Nautilus

6- open a new Terminal and restart Firestarter typing:

sudo /etc/init.d/firestarter restart

That’s all! Now your VPN works on your Linux computer and Firestarter has accepted a new Routed IP Tunnel into its allowed policies configuration.
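Steps 1 and 4 scripted, as an added example that is not part of the original post: it reads the first numeric `remote` address from an OpenVPN client config and prints the six user-pre rules with that address filled in. The function names and the sample config (using the documentation address 198.51.100.7) are constructed for illustration, and it assumes the address from step 1 sits on a `remote` line.

```shell
#!/bin/sh
# Added example (hypothetical helper names): build the Firestarter user-pre
# rules from an OpenVPN client config instead of editing them by hand.

# Print the first IPv4 address found on a "remote <host> [port]" line.
# A "remote" line that carries a hostname is skipped; resolve it first.
vpn_remote_ip() {
    awk '$1 == "remote" && $2 ~ /^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$/ { print $2; exit }' "$1"
}

# Succeed only if $1 is a dotted quad with every octet in 0..255.
valid_ipv4() {
    echo "$1" | awk -F. 'NF != 4 { exit 1 }
        { for (i = 1; i <= 4; i++) if ($i !~ /^[0-9]+$/ || $i > 255) exit 1 }'
}

# Emit the six rules from step 4 with the address substituted.
gen_user_pre() {
    ip=$(vpn_remote_ip "$1")
    valid_ipv4 "$ip" || { echo "no usable remote IPv4 address in $1" >&2; return 1; }
    cat <<EOF
iptables -A INPUT -j ACCEPT -s $ip -p esp
iptables -A INPUT -j ACCEPT -s $ip -p udp -m multiport --sports isakmp,10000
iptables -A INPUT -j ACCEPT -i tun+
iptables -A OUTPUT -j ACCEPT -d $ip -p esp
iptables -A OUTPUT -j ACCEPT -d $ip -p udp -m multiport --dports isakmp,10000
iptables -A OUTPUT -j ACCEPT -o tun+
EOF
}

# Constructed sample config, written to a scratch file and removed afterwards.
sample=$(mktemp)
printf '%s\n' 'client' 'dev tun' 'proto udp' 'remote 198.51.100.7 1194' > "$sample"
gen_user_pre "$sample"
rm -f "$sample"
```

Review the printed rules before pasting them into /etc/firestarter/user-pre; the script refuses to emit anything when the address is missing or has an octet above 255.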

“Security by obscurity does not work with inquisitive minds. There are many things that should be changed and some that have. Though our bodies may not be free, our minds are – free to learn, explore, to resist. Hack the world!”, Anonymous Writer, 2600 Magazine, Autumn 2012

Join the first Spy Week by Lifehacker!

The first Spy Week starts today @Lifehacker with a bunch of interesting stories about topics related to the spy world. During the next days we will have the opportunity to improve our knowledge in different fields such as sharing sensitive information over the internet or taking photographs without being noticed by other people. Moreover Lifehacker will publish some interviews with experts who share some tips and answer every related question from the readers. For example, now, Steven Santarpia from ICORP Investigation is online and interacting with lifehackers. This week, be sure not to miss any topics about spying (+ hacking + social engineering) and visit the dedicated section on the Lifehacker website!

Watch your privacy! Upgrade your Firefox security with HTTPS Everywhere and HTTPS Finder!

As we have already discussed many times in this blog, we know that web security is something very difficult to reach but we can always try to improve our security when surfing the web.

First of all, use Firefox! Do it! In my opinion it’s slower than Chrome but very “transparent” and so you have fewer risks of unintentionally sharing information you want to keep private. In my experience, Firefox could be safer than Chrome if you use the right add-ons.

Then, install a particular add-on named HTTPS Everywhere.

This add-on (for Firefox and Chrome) will automatically connect your browser to the https version of many websites contained in its “Rule list”. The number of https sites in the HTTPS Everywhere list is sufficiently wide and you can always decide to manually add new https addresses (more info) as in the following example:

<ruleset name="Google">
<target host="www.google.com" />
<target host="google.com" />

<rule from="^http://(www\.)?google\.com/" to="https://google.com/"/>
</ruleset>

If you prefer to save time and you don’t want to write some lines for every website you prefer to connect to through https, you can install another add-on: HTTPS Finder. HTTPS Finder is perfectly interconnected with HTTPS Everywhere and it will try to reach every website you type into the address bar using an https connection. If it finds a valid https website, it will ask you if you want to add a specific rule to the HTTPS Everywhere rule list. At this point you only have to agree and the new rule will be stored in the list.

Simple, easy, useful! Bookmark this page!

Video – AnonimoX Firefox cuida tu privacidad en internet Ubuntu, Windows etc. by Pedrote2222


Use the anonymoX add-on for Firefox to visit websites protected by IP selection

What about listening to Pandora or other USA IP-based online music services if you are not in the USA? There are many add-ons for Firefox which can help you to use the right proxy for appearing in different places in the world but, in my experience, you can have some difficulties when you try to use them.

In fact the IPs of free proxies change frequently and sometimes you are obliged to spend a lot of time searching for the right IP of free proxies. Other times the free proxy addresses are so overcrowded that you have to wait many seconds before you can view webpages.

One exception is anonymoX, a simple add-on for Firefox which always works properly and ensures a good connection speed. AnonymoX has two different service levels; the free basic service has fewer features but it really works properly and it’s fast.

With the free level you can choose your favourite IP exit country between USA, UK and NL. You can also decide if you prefer to hide your web surfing using anonymoX features or the classic TOR servers. Moreover, you can change your fictional ID any time you want, even while you are surfing the web.

During all our tests anonymoX was able to assure us a good surfing privacy, in particular we successfully tried to change browser id and we really appreciated the possibility of visiting .onion websites through the Tor option. Recommended!!!

How to permanently remove files in Ubuntu/linux and make them unrecoverable by NickMcDTV


How to shred (permanently delete) files from your Hard Disks on Ubuntu Linux

In our last post we examined the possibility to recover deleted data from USB keys and disks. Today we want to focus your attention on the proper way to destroy sensitive data from your disks.

On Ubuntu you have the possibility to move any file to the Trash but, as we demonstrated in our last post, anyone has the possibility to recover them using a simple, basic GUI program called PhotoRec.

If you want to be reasonably sure that no one will be able to recover a file you decided to permanently delete, you have to use the Shred command. Shred is native in Ubuntu Kernel and literally deletes your files by overwriting them repeatedly with arbitrary data. After you delete a file with Shred you can be sufficiently sure that recovery procedures will not succeed.

As usual we must warn you that technology is rapidly evolving and what could be considered sure today, tomorrow will be out of date! So, if you think you need to preserve your privacy in the best way, don’t forget to change the hard disks regularly and mechanically destroy your old ones. Sincerely, we hope our readers don’t have this kind of need.

To start using Shred on Ubuntu you have to open a Terminal and type:

sudo shred --help

In this way you will see the syntax and all the possible options offered by this program.

The correct syntax for Shred is:

shred [OPTIONS] FILE

or, if you want to shred an entire partition:

shred [OPTIONS] /dev/[HDA9]

The possible options are:

  -f, --force              change permissions to allow writing if necessary
  -n, --iterations=N       overwrite N times instead of the default (3)
      --random-source=FILE get random bytes from FILE
  -s, --size=N             shred this many bytes (suffixes like K, M, G accepted)
  -u, --remove             truncate and remove file after overwriting
  -v, --verbose            show progress
  -x, --exact              do not round file sizes up to the next full block;
                           this is the default for non-regular files
  -z, --zero               add a final overwrite with zeros to hide shredding
      --help               display this help and exit
      --version            output version information and exit
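A quick self-check of what these options leave behind, as an added example that is not part of the original post: it shreds a scratch file holding a constructed marker string, confirms that only zero bytes remain after `-z`, then confirms that `-u` removes the file. The function name and marker text are made up for illustration.

```shell
#!/bin/sh
# Added example (hypothetical function name): verify shred's effect on a
# scratch file before trusting it with real data.

shred_selftest() {
    f=$(mktemp) || return 1
    printf 'SECRET-MARKER-%s\n' 1 2 3 4 5 > "$f"    # constructed sample data

    # -f: force write permission, -z: finish with a pass of zeros.
    # No -u yet, so the file stays in place and can be inspected.
    shred -f -z "$f" || return 1

    if grep -q 'SECRET-MARKER' "$f"; then
        echo "marker still present" >&2; return 1
    fi
    # Delete every NUL byte; anything left means the zero pass did not run.
    leftover=$(tr -d '\000' < "$f" | wc -c)
    [ "$leftover" -eq 0 ] || { echo "non-zero bytes remain" >&2; return 1; }

    # Without -x the size is rounded up to a full block, so it no longer
    # reveals the original length of the file.
    echo "size after shred: $(wc -c < "$f") bytes"

    # -u: truncate and remove the file after overwriting.
    shred -f -u -z "$f" || return 1
    [ ! -e "$f" ] || { echo "file still exists" >&2; return 1; }
    echo "overwritten and removed"
}

shred_selftest
```

On journaling or copy-on-write file systems and on SSDs, overwriting in place is not guaranteed to reach every old copy of the data, so this check confirms the tool's behaviour on the file, not the state of the underlying medium.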

In our experience, to operate in the fastest way, we decided to add Shred to the Nautilus Menu and have the command ready with a simple right click of the mouse.

To do this, open a Terminal and type:

sudo apt-get install nautilus-actions

Then launch the program following this path: System->Preference->Nautilus Actions Configuration.

Last, you have to configure Shred by filling in, for example, the following parameters:

Label: Shred
Tooltip: Shred utility to securely erase files
Icon: gtk-dialog-warning
Path: shred
Parameters: -f -u -v -z %M
Filenames: *
Mimetypes: */*
Appears if selection contains: Both
Be sure to check the box “Appears if selection has multiple files or folders”

To finish your configuration, do not forget to open a Terminal again and type:

nautilus -q

nautilus
