
Linux/Internet Security

Aymen Amri amri.aymen@gmail.com Social Innovation In A Digital Context

March - 2013

Distros focused on computer security

Astaro Security Appliance
BackTrack Linux
IPFire
Lightweight Portable Security
Live Hacking DVD
Etc.

Security Distros : Astaro Security Appliance

Formerly known as Astaro Security Linux.
The Astaro Security Appliances come in three flavors: hardware, software and virtual.
In the virtual appliance category, Astaro offers appliances built specifically for network security, mail security, Web security and Web application security.
VMware Ready certification.
Configurable firewall, intrusion protection, DoS attack protection, NAT tools, VPN, IPSec Remote Access, LDAP authentication integration, and bandwidth control.
Sophos recently acquired Astaro.
Sophos boasts over 100 million worldwide business users in more than 150 countries.

Security Distros : BackTrack Linux


The highest rated and most acclaimed Linux security distribution.
Not a business desktop or server system but a security-oriented system built solely for the purpose of network and computer penetration testing.
Specialized to assist security professionals in performing security audits on target networks.
You don't have to be a seasoned security professional to use it.

Security Distros : IPFire

Firewall distribution that is small, highly secure and easy to use.
The Pakfire system (package system) is unique to IPFire.
Delivers updates and packages via encrypted transfer and digital signatures.
Easy add-on installation: Samba, NFS, mail services, antivirus, multimedia applications, VoIP applications, intrusion detection, network tools, security tools, backup tools, etc.

Security Distros : Lightweight Portable Security

Boots a thin Linux system from a CD or USB flash drive.
It isn't meant to be run from a local hard disk.
Public, general purpose Web browsing and
Allows no traces of activity or browsing history.
Provides secure browsing during banking transactions or other security-sensitive sessions.

Security Distros : Live Hacking DVD

An ethical hacker's playground (workbench).
Fully graphical desktop interface (GNOME).
Most of the hacker tools are command line (CD version).
You can use an old Pentium III or IV class system and as little as 512 MB RAM.

ClamAV - Anti-Virus

ClamAV can detect viruses and move any infected files into a quarantine folder.
ClamAV doesn't remove them from files.
Can be used from the terminal.
Two modes of operation: a program that loads into memory only when you want to scan a file, or a daemon (clamav-daemon) that is always running.
The daemon speeds up virus scanning as the program is always in memory.

Nixory - Antispyware

Free and open source antispyware.
Malicious tracking cookies from browser.
Mozilla Firefox, Internet Explorer and Google Chrome.
It runs on all OSes, including Windows, Linux and Mac OS X.

BotHunter - Botnet Diagnosis System

Network-based botnet diagnosis system.
Tracks the two-way communication flows between your personal computer and the Internet.
Available for Linux and Unix, but now they have released a Private Test Release and a Pre-Release for Windows.
BotHunter2Web.pl: an add-on that allows BotHunter to profile infections into web pages.

UFW - Uncomplicated Firewall

Command-line program that helps manage the netfilter iptables firewall.
Few simple commands to manage iptables.
Gufw is a graphical interface.
Very intuitive and easy to manage your iptables firewall using Gufw.
Gufw needs Python, GTK and ufw.
Example: sudo ufw allow ssh/tcp

BleachBit - Work Session Wiping

Frees disk space and guards privacy.
Free cache, delete cookies, clear Internet history, shred temporary files, delete logs, and discard junk.
Firefox, Internet Explorer, Adobe Flash, Google Chrome, Opera, Safari, and more.
Shred files to prevent recovery.
Wipe free disk space to hide traces of files deleted by other applications.
Makes Firefox faster.

Ddrescue - Data Recovery

ddrescue (gddrescue) is a data recovery tool that copies data from a file or hardware device that contains data to another place, making every effort to rescue data in the event of read errors.
With two or more damaged copies of a file (or CD, DVD, etc.) ddrescue should be able to reconstruct a complete and error-free file.

Foremost - File Recovery

Command-line tool.
Recover files (FAT, ext3 and NTFS).
Live CD.
Recover files from an image of the drive, or from the drive directly.
Assuming the lost files are on hda, you need to create a writeable directory on another drive where you can put the recovered files.

Shred - Secure File Removal

Deleting a file (rm) or reformatting a disk does not destroy your sensitive data.
Command line.
Destroy files so that their contents are very difficult or impossible to recover.
shred accomplishes its destruction by repeatedly overwriting files with data patterns designed to do maximum damage.
Difficult to recover data even using high-sensitivity data recovery equipment.

TrueCrypt - Secure File Storage

Free open source disk encryption software for Windows 7/Vista/XP, Mac OS X, and Linux.
There are two types of TrueCrypt volumes:

File-hosted (container)
Partition/device-hosted

TrueCrypt volumes can be encrypted using 8 algorithms: AES, Serpent, Twofish, etc.

eCryptfs - File System Encryption

Package of disk encryption software for Linux.
Filesystem-level encryption/full disk encryption.
Stores cryptographic metadata in the header of each file; encrypted files can be copied between hosts.
Widely used, as the basis for Ubuntu's Encrypted Home Directory.
Natively within Google's Chrome OS.
Transparently embedded in several network attached storage (NAS) devices.

Pidgin with OTR - Secure Instant Messaging

Private conversations over instant messaging by providing:

Encryption: No one else can read your instant messages.
Authentication: You are assured the correspondent is who you think it is.
Deniability: During a conversation, your correspondent is assured the messages he sees are authentic and unmodified.
Perfect forward secrecy: If you lose control of your private keys, no previous conversation is compromised.

Thunderbird with Enigmail and GPG - Secure Email Client

Mozilla Thunderbird (mail client).
Enigmail (Thunderbird module).
GnuPG (public key encryption program).
Generate and manage the key pairs to be used in encrypting and decrypting messages.
Keep your email communications private and secure.

Firefox with add-ons - Secure Web Browser

Stability/Security.
Protection from potentially dangerous programs and malicious websites.
Wipe any traces.
Beef Taco, GoogleSharing, HTTPS Everywhere, Ghostery, etc.

TOR - Anonymity Online

Free/OS software and an open network.
Defend against traffic analysis: surveillance, confidential business activities, and state security.
Tails: Live CD/USB.
Orbot: for Google Android devices.
Tor Browser.
Obfsproxy: attempts to circumvent censorship.

KeePass - Secure Password Storage

Save all your passwords in one convenient and secure database.
Create and store many strong passwords without having to remember them.
External device or USB memory stick, and portable tools are safer than the computer.
Portable KeePass version.

Secure Passwords

Long
Complex
Practical
Not personal
Secret
Unique
Fresh

Secure Passwords

Don't use all numbers or all letters.
Avoid reusing or recycling old passwords.
Change at regular intervals.
Change all vendor default passwords.
Eliminate or lock shared user accounts.
Avoid: dictionary words, letter or number sequences, usernames, relative or pet names, romantic links (current or past), or biographical information.

Secure Passwords

Entropy definition: In information theory, entropy is a measure of the uncertainty in a random variable. In this context, the term usually refers to the Shannon entropy, which quantifies the expected value of the information contained in a message.
It is usual in the computer industry to specify password strength in terms of information entropy, measured in bits.

Secure Passwords

A password with 42 bits of strength would require 2^42 attempts to exhaust all possibilities during a brute force search.
Adding one bit of entropy to a password doubles the number of guesses required.
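
The entropy arithmetic above, combined with the avoid-list from the earlier Secure Passwords slide, as an added Python example that is not part of the original presentation. The word list, function names and the four-character sequence threshold are assumptions, and the bit count is an upper bound that only holds for randomly chosen characters.

```python
import math
import string

# Constructed stand-in for a real dictionary/breach list (assumption).
COMMON_WORDS = {"password", "letmein", "welcome", "dragon", "qwerty"}
CLASSES = (string.ascii_lowercase, string.ascii_uppercase,
           string.digits, string.punctuation)

def charset_size(pw):
    """Alphabet size implied by the character classes the password uses."""
    return sum(len(cls) for cls in CLASSES if any(c in cls for c in pw))

def entropy_bits(pw):
    """length * log2(alphabet): an upper bound, exact only for random characters."""
    n = charset_size(pw)
    return len(pw) * math.log2(n) if n else 0.0

def guesses_to_exhaust(bits):
    """Brute-force search space: 2**bits, so each extra bit doubles it."""
    return 2 ** bits

def has_sequence(pw, run=4):
    """True if `run` consecutive characters ascend, descend or repeat (abcd, 4321, aaaa)."""
    for i in range(len(pw) - run + 1):
        steps = {ord(pw[j + 1]) - ord(pw[j]) for j in range(i, i + run - 1)}
        if steps in ({1}, {-1}, {0}):
            return True
    return False

def audit(pw, username=""):
    """Return (entropy upper bound in bits, findings from the slides' avoid-list)."""
    low = pw.lower()
    findings = []
    if pw.isdigit():
        findings.append("all numbers")
    if pw.isalpha():
        findings.append("all letters")
    if has_sequence(low):
        findings.append("letter or number sequence")
    if any(word in low for word in COMMON_WORDS):
        findings.append("dictionary word")
    if username and username.lower() in low:
        findings.append("contains username")
    return entropy_bits(pw), findings

if __name__ == "__main__":
    for sample in ("12345678", "Password2013", "k7#Vq9!xTz2m"):  # constructed samples
        bits, findings = audit(sample, username="aymen")
        print(f"{sample:14} <= {bits:5.1f} bits  {findings or 'no findings'}")
```

"Password2013" scores about 71 bits by the formula yet is flagged as a dictionary word, which is why the bit count is only meaningful when the characters are chosen at random.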

RootKit Scanner - RootKit Detection

A rootkit is a stealthy type of software, often malicious, designed to hide the existence of certain processes or programs from normal methods of detection and enable continued privileged access to a computer.
Rootkit scanner is a scanning tool to ensure you're clean of nasty tools.
This tool scans for rootkits, backdoors and local exploits by running tests.

Secure Wireless Home Network

Enable encryption on your access point (128-bit encryption or higher | WEP/WPA/WPA2).
Set the router access password.
Change the Service Set Identifier (the network name or "SSID") from the default to something unique.
Enable MAC address filtering.
Disable remote login.
Disable wireless administrating.

Speedometer - Monitoring Bandwidth

Display and measure the rate of data across a network connection.
Monitors network interfaces (upload & download) and your file system.

System Log Viewer - Viewing Logs

System Log Viewer is a graphical, menu-driven viewer to view and monitor system logs.
Easier, more user-friendly display of your logs.
Live view that automatically refreshes (Xorg, auth, boot, boot.log, bootstrap.log, btmp, daemon.log, debug, dmesg, dpkg, fontconfig, jockey, kern, lpr, mail.err, mail.info.. and many other log files).

Physical Security

Computer locks.
Boot loader security (password for LILO/GRUB).
Locking (xlock, vlock).
Security of local devices (e.g. webcams).
USB sticks/external hard drive encryption.


Linux/Internet Security

Thanks..
Aymen Amri amri.aymen@gmail.com twitter.com/eon01

Creative Commons License
Linux/Internet Security by Aymen Amri is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 3.0 Unported License.
