In my experience Firestarter is a effective firewall and, on Linux, it starts automatically every time we boot up Ubuntu. But, when I decided to use a VPN tunnel through openvpn, I had some connection problems. In fact I was able to initialize my VPN services but, after a while, all the internet connections were mysteriously shut down.
The “problem” was Firestarter which cut off the connection as forbidden considering my inbound/outbound Policy.
To solve this matter you have to open a tunnel on Firestarter to allow VPN working:
1- open the configuration file my VPN provider gives to its users (generally its a text file containing all the configuration info used, in my case, by openvpn) and I searched for the IP address of the default starting connection used to authenticate the VPN services (e.g. 177.458.563.25). Save somewhere or memorize this VPN IP address.
2- open a Terminal and type:
sudo nautilus
3- using nautilus go to File System (it’s before home folder) and open etc–>firestarter and open the file user-pre using Gedit (or your preferred text editor)
4- the user-pre file is usually empty so don’t panic and write these lines into it:
iptables -A INPUT -j ACCEPT -s xxx.xxx.xxx.xxx -p esp iptables -A INPUT -j ACCEPT -s xxx.xxx.xxx.xxx -p udp -m multiport -sports isakmp,10000 iptables -A INPUT -j ACCEPT -i tun+ iptables -A OUTPUT -j ACCEPT -d xxx.xxx.xxx.xxx -p esp iptables -A OUTPUT -j ACCEPT -d xxx.xxx.xxx.xxx -p udp -m multiport -dports isakmp,10000 iptables -A OUTPUT -j ACCEPT -o tun+
Now you have to substitute the xxx.xxx.xxx.xxx with the VPN IP address you have found at step 1 (in my example was 177.458.563.25).
5- Save the user-pre file and close Gedit and Nautilus
6- open a new Terminal and restart Firestarter typing:
sudo /etc/init.d/firestarter restart
That’all! Now your VPN works on your Linux computer and Firestarter has accepted a new Routed IP Tunnel into its allowed policies configuration. 
The first Spy Week starts today @Lifehacker with a bunch of interesting stories about topics related to the spy world. During the next days we will have the opportunity to improve our knowledge on different fields as e.g. sharing sensitive information over the internet or taking photographs without being noticed by other people. Moreover Lifehacker will publish some interviews with experts who share some tips and answer to every related question from the readers. For example, now, Steven Santarpia from ICORP Investigation is online and interacting with lifehackers. This week, be sure not to miss any topics about spying (+ hacking + social engineering) and visit the dedicated section into the Lifehacker website!
As we already discussed many times in this blog, we know that web security is something very difficult to reach but we can always try to improve our security when surfing into the web.
First of all, use Firefox! Do it! In my opinion it’s slower than Chrome but very “transparent” and so you have less risks to unintentionally share information you want to keep private. In my experience, Firefox could be safer than Chrome if you use the right adds-on.
Then, install a particular add-on named HTTPS Everywhere.
This add-on (for Firefox and Chrome) will automatically connect your browser to the https version of many websites contained in its “Rule list”. The number of https connections in the HTTPS Everywhere’s list is sufficiently wide and you can always decide to manually add new https addresses (more info) as in the following example:
<ruleset name=”Google”>
<target host=”www.google.com” />
<target host=”google.com” />
<rule from=”^http://(www\.)?google\.com/” to=”https://google.com/”/>
</ruleset>
If you prefer to save time and you don’t want to write some lines for every website you prefer to connect through https, you will install another add-on: HTTPS Finder. HTTPS Finder is perfectly interconnected with HTTPS Everywhere and it will try to reach every website you type into the address bar, using a https connection. If it finds a valid https website, it will ask you if you want to add a specific rule into HTTPS Everywhere rule list. At this point you have only to agree and the new rule will be stored in the list.
Simple, easy, useful! 
During the past weeks, we read many posts and articles about the new privacy rules that Google introduced for its web services. The goal of this specific post is not about discussing privacy agreements and the many interesting points of view about this kind of topics but we would like to focus your attention on a couple of “tricks” which can help you to increase the privacy level.
First of all, you can decide to use an alternative search engine which doesn’t log your activity and it is not possible to define your profile about your web activities.
Privatelee has been developed to offer better privacy to people who prefer not to have their web searches automatically analyzed by google.com.
This search engine can work on https mode and its search results are the mix between external search such as Google and Bing. You can also decide to use just one web engine or both. Comparing the results obtained we can affirm that Privatelee is really very effective and offers the same main features of Google and Bing.
Startpage is based on Google and has many flexible features that can be selected using the “settings” page. This particular search engine deletes all the logs after 48 hours and you can anonymously visualize images and videos or define how to manage cookies. Moreover, Startpage allows you to save your settings without using cookies.
As for Privatelee, please be sure to type https and not a “simple” http when you insert Startpage address in the bar.
Secondly, if you use Firefox, you can use a specific add-on TrackMeNot. TrackMeNot is a simple but useful add-on you can install on Firefox to obfuscate user search data profiler on Google, Bing, Yahoo, Baidu and others. TrackMeNot automatically issues random queries on the main search engines using a list a generic list of words. In this way, search engines are not able to create a real profile about you as web user. Your real searches will be just few between the hundreds fictionally created by TrackMeNot. TrackMeNot is completely configurable: you can choose the query frequency or define the klog of your automatic queries. By default, TrackMeNot uses the words contained in the RSS of four primary websites: The New York Times, CNN, MSNBC and The Register.
Last but not least, if you are using your PC in any area with poor Internet connection, you can disable TrackMe Not with just a click. Easy and fast!
In our last post we examined the possibility to recover deleted data from USB keys and disks. Today we want to focus your attention on the proper way to destroy sensitive data from your disks.
On Ubuntu you have the possibility to move any file to the Trash but, as we demonstrate in our last post, anyone has the possibility to recover them using a simple, basic GUI, program called PhotoRec.
If you want to be reasonably sure that none will be able to recover a file you decided to permanently delete you have to use the Shred command. Shred is native in Ubuntu Kernel and literally delete your files overwriting them repeatedly with arbitrary data. After you delete a file with Shred you can be sufficiently sure that recovering procedures will not succeed.
As usual we must warn you that technology is rapidly evolving and what could be considered sure today, tomorrow will be out of date! So, if you think you need to preserve your privacy in the best way, don’t forget to change the hard disks regularly and mechanically destroy your old ones. Sincerely we hope our readers haven’t this kind of need.
To start using Shred on Ubuntu you have to open a Terminal and type:
sudo shred –help
In this way you will visualize the grammar and all the possible options offered by this program.
The correct grammar to use Shred is:
shred [OPTIONS] FILE
or, if you want to shred a entire partition:
shred [OPTIONS] /dev/[HDA9]
The possible options are:
-f, –force change permissions to allow writing if necessary
-n, –iterations=N overwrite N times instead of the default (3)
–random-source=FILE get random bytes from FILE
-s, –size=N shred this many bytes (suffixes like K, M, G accepted)
-u, –remove truncate and remove file after overwriting
-v, –verbose show progress
-x, –exact do not round file sizes up to the next full block;
this is the default for non-regular files
-z, –zero add a final overwrite with zeros to hide shredding
–help display this help and exit
–version output version information and exit
In our experience, to operate in the fastest way, we decided to add Shred on the Nautilus Menu and have the command ready with a simple right click on the mouse.
For this reason you have to open a Terminal and type:
sudo apt-get install nautilus-actions
Then you launch the program following this path: System->Preference->Nautilus Actions Configuration.
Last, you have to configure Shred filling e.g. the following parameters:
Label: Shred
Tooltip: Shred utility to securely erase files
Icon: gtk-dialog-warning
Path: shred
Parameters: -f -u -v -z %M
Filenames: *
Mimetypes: */*
Appears if selection contains: Both
Be sure to check the box “Appears if selection has multiple files or folders“
To finish your configuration, do not forget to open again a Terminal and type:
nautilus -q
nautilus
Christmas time is ending and today we really don’t know how many relatives used out computer for “just few minutes” or “to quickly (sic) check the emails”. In few words, our Linux PC could have been overstuffed with unwanted temporary files and we haven’t had time to update it. So, it’s time to clean-up!!
First of all I suggest to use BleachBit because, for my experience, it’s the most powerful software to clean temporary files, log files and unwanted traces on your computer. BleachBit is easy to use and, as we described in previous post, very effective.
Then we have to check if our system is really updated so we can use the usual ways as Synaptics Package Manager or quickly run a some simple commands through Terminal to update, upgrade and remove old packages or Kernel.
For this purpose I collected three simple commands and chained them in a single line:
sudo apt-get update && sudo apt-get upgrade && sudo apt-get autoremove
In this way you will be sure that you can start again to work on your Ubuntu as before the Christmas time!
Computer Borders 