Revision [20044]

This is an old revision of security made by coolpup on 2012-01-02 09:58:58.

 

Security involves protection from data loss, data theft and data corruption.text

Security Precautions


See also
Privacy, Fido, Puppy GROWL

References
http://sectools.org/index.html
http://www.virustotal.com/
http://www.cryptoheaven.com/
http://epic.org/privacy/tools.html
http://news.cnet.com/8301-13880_3-20010350-68.html?tag=mncol;mlt_related
http://murga-linux.com/puppy/viewtopic.php?t=41146
IPtables: http://www.murga-linux.com/puppy/viewtopic.php?p=405147#405147
Potential Flash point
http://www.builderau.com.au/program/linux/soa/10_things_you_should_do_to_a_new_Linux_PC_before_exposing_it_to_the_Internet/0,339028299,339274586,00.htm?feed=rss
Security forum thread
Linux Security
Security History
Linux security Howto
10 tips
NSA in Windows
Top Cyber Security Risks
Live Linux CD for security
Password protect GRUB
group51.org
http://www.murga-linux.com/puppy/viewtopic.php?p=405903#405903

Appendix

Detective Inspector Bruce van der Graaf from the Computer Crime Investigation Unit told the hearing that he uses two rules to protect himself from cyber-criminals when banking online. The first rule, he said, was to never click on hyperlinks to the banking site and the second was to avoid Microsoft Windows: 'If you are using the internet for a commercial transaction, use a Linux boot up disk - such as Ubuntu or some of the other flavours. Puppy Linux is a nice small distribution that boots up fairly quickly. It gives you an operating system which is perfectly clean and operates only in the memory of the computer and is a perfectly safe way of doing Internet banking'. Source

N.B. choice of operating system becomes irrelevant if recommended security precautions are not applied

Security set-up for Puppy 2.16 onwards
1 Open console type 'passwd'. enter your new password twice.

2 Run 'lock' on desktop and enter password from step 1

*you may want to select 'blank' from the config to save on processor usage

3 edit /etc/inittab to look like this:
::sysinit:/etc/rc.d/rc.sysinit
tty1::respawn:/sbin/getty 38400 tty1
tty2::respawn:/sbin/getty 38400 tty2
::ctrlaltdel:/sbin/reboot


*this keeps someone from killing lock with ctrl+alt+backspace and logging back in automatically and also gives the option on bootup to enter 'root' and 'password'.

Create Password
Boot Puppy

ctrl+alt+F2 (because my eyes are going and this is easier to read than in a console)

"
puppypc login :root
Password : well known and published password
#passwd
Changing password for root
New password : a new and unpublished password
Retype password : a new and unpublished password
Password for root changed by root
"

ctrl+alt+F3 (back to GUI)(F4 for some puppies)

Open terminal and type: passwd

Create a user to run applications.

Open terminal and type: cd / && mkdir home

Think of your new user name and then type in console: cd /home && mkdir YourNickHere

Now copy these files to /home/YourNickHere
.bashrc, .fonts.cache-1, .gtkrc-2.0, .gtkrc.mine, .Xdefaults, .Xresources

Open terminal and type: adduser YourNickHere

Run applications as YourNickHere by typing su -c application YourNickHere
example: su -c gaim YourNickHere

Make applications run as YourNickHere by default:

Edit application launchers to resemble this, su -c application YourNickHere

Puppy has a personal wiki called DidiWiki, with its own inbuilt HTTP server, so is accessed from a web browser, either locally or over a network/Internet. What we do in this case is run DidiWiki as user "spot". We can run an individual server application as a restricted non-root user, even though you yourself are still logged in as root.

Categories
CategorySecurity
CategorySoftware
There are no comments on this page.
Valid XHTML :: Valid CSS: :: Powered by WikkaWiki