Revision [29050]
This is an old revision of security made by coolpup on 2013-10-05 15:52:32.
Security includes protection from data loss, data theft and data corruption.
Security Precautions
- Adobe Flash Player may pose too high a risk for some users - either disable it or configure the Web browser to restrict its use
- never open e-mail attachments from strangers; delete them instead
- renew the default system password using the passwd utility
- activate the software firewall (discussion): Menu > Setup > Linux-Firewall Wizard
- use the latest available versions of file-system tools: bzip2, dosfstools, e2fsprogs, grep, gzip, ntfs3g, tar, xz
- use the latest available versions of cryptography libraries: [libgcrypt]], openssl
- use the latest available version of FlashPlayer Adobe Flash Player (if it is used)
- use a PuppyVersion with a recent Linux kernel version:
uname -a
- use encryption
- always have a minimum of three identical versions of valuable or important files on physically separate media
- disable JavaScript within the Web browser (with a subsequent loss in Web-page functionality)
- perform virus detection: ClamAV
References
Appendix
Detective Inspector Bruce van der Graaf from the Computer Crime Investigation Unit told the hearing that he uses two rules to protect himself from cyber-criminals when banking online. The first rule, he said, was to never click on hyperlinks to the banking site and the second was to avoid Microsoft Windows: 'If you are using the internet for a commercial transaction, use a Linux boot up disk - such as Ubuntu or some of the other flavours. Puppy Linux is a nice small distribution that boots up fairly quickly. It gives you an operating system which is perfectly clean and operates only in the memory of the computer and is a perfectly safe way of doing Internet banking'. Source
Security set-up for Puppy 2.16
1 Open console type 'passwd'. enter your new password twice.
2 Run 'lock' on desktop and enter password from step 1
*you may want to select 'blank' from the config to save on processor usage
3 edit /etc/inittab to look like this:
::sysinit:/etc/rc.d/rc.sysinit tty1::respawn:/sbin/getty 38400 tty1 tty2::respawn:/sbin/getty 38400 tty2 ::ctrlaltdel:/sbin/reboot
*this keeps someone from killing lock with ctrl+alt+backspace and logging back in automatically and also gives the option on bootup to enter 'root' and 'password'.
Create Password
Boot Puppy
ctrl+alt+F2 (because my eyes are going and this is easier to read than in a console)
"
puppypc login :root
Password : well known and published password
#passwd
Changing password for root
New password : a new and unpublished password
Retype password : a new and unpublished password
Password for root changed by root
"
ctrl+alt+F3 (back to GUI)(F4 for some puppies)
Open terminal and type: passwd
Create a user to run applications.
Open terminal and type: cd / && mkdir home
Think of your new user name and then type in console: cd /home && mkdir YourNickHere
Now copy these files to /home/YourNickHere
.bashrc, .fonts.cache-1, .gtkrc-2.0, .gtkrc.mine, .Xdefaults, .Xresources
Open terminal and type: adduser YourNickHere
Run applications as YourNickHere by typing su -c application YourNickHere
example: su -c gaim YourNickHere
Make applications run as YourNickHere by default:
Edit application launchers to resemble this, su -c application YourNickHere
Puppy has a personal wiki called DidiWiki, with its own inbuilt HTTP server, so is accessed from a web browser, either locally or over a network/Internet. What we do in this case is run DidiWiki as user "spot". We can run an individual server application as a restricted non-root user, even though you yourself are still logged in as root.
Also on the Wiki
AttackPup - Puppy for network testing
PenetrationTesting penetration testing - network testing
Privacy - Keeping your information private
WatchDog - Puppy for securing your home
Related Webpages
Categories
CategorySecurityCategoryTutorial