Security and privacy inside personal machine

scatter
Fame ! Where are the chicks?!
Posts: 366
Joined: 01 Jan 2014, 05:22

Post by scatter »

Okay, this is my first post here so I hope I will be able to help some and of course learn from the others who have more knowledge and experience than me.

In this paper we will try to make sure our system is fully secure (unhackable doesn't exist), but always keep in mind: there is no patch for human stupidity, so keep your eyes open before clicking any link. Well, in the next steps I will show how I configure my own security system and what I use (most of what I use).

1) Run an nmap scan on your own machine to check the open ports; if you find open ones, make sure to close them by stopping the service listening on that port. To do the scan, run # nmap 127.0.0.1 ==> this will scan the first 1000 ports and this must do the job, but if you want to scan all of them use the following command: # nmap 127.0.0.1 -p 1-65535 (I usually scan only the first 1000 ports)

2) Get yourself a firewall and make sure it will deny every outbound connection from any IP (you will have to stop that and make an exception in case you want a connect-back session from a server, but for now just do it)

3) Install Portspoof http://portspoof.org/ ==> this will give anyone scanning your ports false positives; even when your ports are open it won't show him the real open ports, so he will not be able to launch a successful attack on your ports (PS: it gives false positives, yes... but it will keep one of your ports in its real situation, that's why we already closed all ports)

4) Never use your system under root user, always use normal user session

5) NEVER USE TOR ON FIREFOX, USE TOR ON TOR BROWSER BUNDLE. Why? Because the Firefox browser is not able to delete cookies completely while Tor Browser Bundle can do it, and as you know from here http://cryptome.org/2013/10/nsa-tor-stinks.pdf so if you are using Tor, use it on its own browser, don't configure Firefox to run through Tor

6) If you have a VPN, run your VPN and then turn on Tor so that your VPN doesn't appear before the Tor exit node

7) Make sure the Tor exit node is in one of the countries where privacy is still respected, like Iceland and Sweden (if you don't have that from the first time, keep changing the identity of Tor until you get that; be patient and spend some time on that, trust me it's better than spending time in jail in case you are doing something "bad", and that's your own responsibility)

8) Encrypt your DNS and stop DNS leaks; for that you can use dnscrypt http://dnscrypt.org/

Reason: http://lifehacker.com/how-to-boost-your ... -510386189

Ubuntu tutorial: http://www.insanitybit.com/2012/07/23/s ... -system-8/ (this method is the same for most Ubuntu versions)

9) NEVER USE FREE PROXIES (why? because me myself I make free proxies and with them I get zombies; everyone using a proxy may become a slave and his computer a zombie machine for DDoS attacks, and that is done in many places)
You can check how it is done by googling javascript botnets and watching the Defcon conference about it

10) Here is a list of addons you should have on your browser

HTTPS Everywhere https://www.eff.org/https-everywhere
NoScript https://addons.mozilla.org/en-US/firefo ... b-dl-users (you can stop it when using Facebook etc., but make sure to turn it on when visiting a targeted website)
TrackMeNot https://addons.mozilla.org/en-US/firefo ... b-dl-users
Self destructing cookies https://addons.mozilla.org/en-US/firefo ... b-dl-users
Empty Cache https://addons.mozilla.org/en-US/firefo ... b-dl-users
Browser protect (anti hijacking) https://addons.mozilla.org/en-US/firefo ... b-dl-users


11) Here I will suppose that your HD is totally encrypted with a strong password, and that you save it in your head, not in a text document on your desktop

12) Never use the same password in two different places and make sure you use a strong password

13) Finally, if you use Jabber, use it with the OTR plugin


PS: if anyone has any other ideas or suggestions or see that I made a bad choice in one of the configs I will be happy to know it :)

bad_brain
Site Owner
Posts: 11636
Joined: 06 Apr 2005, 16:00
Location: In your eye floaters.

Post by bad_brain »

great entry post dude! :D

about #1:
I assume this is in context with a Linux system, or do the newer Windows platforms ( from 7 up) support loopback scans now? XP definitely didn't... :-k
for a Linux system you can (and should) also make use of the netstat and ps commands:

Code:

netstat -tulpn
ps auxwww

both give you a very detailed output of running and listening processes.

about #5:
never use Firefox...at all. :lol:
I have been using it from the early pre-1.0 versions to the last good version which was 2.0.16, from then on FF became a horrible buggy piece of bloatware.
I am using Chrome, which, when you use the right plugins, can be a really secure and privacy protecting browser.
the plugins I highly recommend:
- DoNotTrackMe
- Window Name Eraser

against DNS leaks you can also use anonymous DNS servers as default resolvers in your OS and router, the advantage is that you don't need extra software to be installed, here's a list:
- Chaos Computer Club Berlin: 213.73.91.35
- Comodo Secure DNS: 156.154.70.22, 156.154.71.22
- Censurfridns (Denmark): 89.233.43.71, 89.104.194.142
- DNS Advantage: 156.154.70.1, 156.154.71.1
- Dotplex: 91.102.11.144, 212.222.128.86
- FoeBuD e.V.: 85.214.20.141
- Swiss Privacy Foundation:
  87.118.104.203 (Ports: 53, 110, DNSSEC)
  62.141.58.13 (Ports: 53, 110, HTTPS-DNS, DNSSEC IPv6)
  87.118.109.2 (Ports: 53, 110, DNSSEC)
- Sweden DNS, Kalmar NDC Registry: 213.132.114.4
- Iceland DNS, Island Telecom: 213.167.155.16
- Antarctica DNS (Cyberbunker NL): 84.22.106.30
- US DNS, Westelcom Internet, Inc.: 64.19.76.8
DNR
Digital Mercenary
Posts: 6114
Joined: 24 Feb 2006, 17:00
Location: Michigan USA

Post by DNR »

you want more stuff on the machine side - you want to baseline your machine after a clean install - and before you start browsing the 'net. I like some of the windows tools - resource monitor, etc, and I still like the old 'process explorer' - whatever you use - just get a tool that can show all processes, log behaviors, list all hidden files and processes etc.

This way - you have something to measure an anomaly against when your computer may be acting strange - the baseline, the knowledge of normal running processes - can help you detect the strange process quickly.

Never trust a firewall, IDS, malware tool to alert you. You are the IDS.

Good post for a neo :wink: too bad the bar will keep rising, we'll expect more from you :lol:

DNR
-
He gives wisdom to the wise and knowledge to the discerning. He reveals deep and hidden things; he knows what lies in Darkness, and Light dwells with him.
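
DNR's baseline advice applied to the `netstat -tulpn` output from bad_brain's reply and to the "close what you find open" step of the first post, as an added example that is not part of the original posts. The function names and the two sample snapshots are constructed for illustration.

```shell
#!/bin/sh
# Added example: baseline the listening sockets, then report what is new.
# Real use (as root, so program names are visible):
#   netstat -tulpn | normalize > baseline.txt

# normalize: reduce `netstat -tulpn` output on stdin to "proto local_addr program".
# The PID is dropped because it changes on every boot; the program name does not.
normalize() {
    awk '$1 ~ /^(tcp|udp)6?$/ {
        prog = "-"                 # "-" means the owner was not visible
        for (i = 6; i <= NF; i++)  # UDP rows have no State column, so search
            if ($i ~ /^[0-9]+\//) { prog = $i; sub(/^[0-9]+\//, "", prog); break }
        print $1, $4, prog
    }' | LC_ALL=C sort -u
}

# new_listeners BASELINE CURRENT: lines of snapshot file CURRENT absent from BASELINE.
new_listeners() {
    grep -Fxv -f "$1" "$2" || true   # grep exits 1 when nothing is new
}

# exposed: keep listeners (stdin) bound to anything other than loopback.
exposed() {
    awk '$2 !~ /^(127\.|::1:)/'
}

# Constructed sample data, not captured from a real host.
SAMPLE_BASELINE='Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp  0 0 127.0.0.1:631  0.0.0.0:* LISTEN 812/cupsd
tcp  0 0 0.0.0.0:22     0.0.0.0:* LISTEN 701/sshd
udp  0 0 0.0.0.0:68     0.0.0.0:*        655/dhclient'
SAMPLE_CURRENT='Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp  0 0 127.0.0.1:631  0.0.0.0:* LISTEN 1033/cupsd
tcp  0 0 0.0.0.0:22     0.0.0.0:* LISTEN 934/sshd
tcp  0 0 0.0.0.0:4444   0.0.0.0:* LISTEN 2291/nc
tcp  0 0 127.0.0.1:5432 0.0.0.0:* LISTEN 1200/postgres
udp  0 0 0.0.0.0:68     0.0.0.0:*        877/dhclient'

# demo: print listeners that are new since the baseline and not bound to loopback.
demo() {
    dir=$(mktemp -d)
    printf '%s\n' "$SAMPLE_BASELINE" | normalize > "$dir/base"
    printf '%s\n' "$SAMPLE_CURRENT"  | normalize > "$dir/now"
    new_listeners "$dir/base" "$dir/now" | exposed
    rm -rf "$dir"
}

demo
```

Restarted services keep the same normalized line because only the PID changes, so the diff stays quiet until a new program or a new bind address shows up.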


Post by scatter »

Thank you both bad_brain and DNR for the piece of advice and yes I will be the firewall :p by nature I do not trust software so I always keep monitoring my logs ( in fact I am a Linux user, I wiped Windows a year ago and I do not like it anymore :p )
and hey DNR yes keep the bar rising because I will reach it with time as I promised I will make you proud for inviting me here :D


Post by bad_brain »

what's your preferred Linux flavor? I'm an outspoken Debian fetishist... :)
I am still using Windows as main desktop system though, simply because it's more comfy for multimedia stuff and some of my hardware would be a total pain to set up on Linux (no chance to make my Razer mouse work properly for example).
so I am more the "Linux for servers and hacky stuff, Windows for everyday desktop and amusement stuff" person.

Post by DNR »

FYI - I study windows because most of the world is using that OS. Next is Android.
It is not a choice of preference but keeping up to date with windows issues :wink:
Being familiar with the event monitor, resource monitor, etc means that without tools at hand you can check out a windows box like you know what's going on.

I guess I would also suggest at this point to try to determine what you are -
net tech - network technician - pulls cables, builds boxes, rackmounts.
coder - works with one or more codes, can write programs from start to finish.
(Other disciplines - like net tech or sysadmin can know how to read code, but not necessarily write code. )
Sysadmin - you care for a network, or build networks. Can include DBadmin.
Security professional - studies various OS, devices, and has TTP (tools, tactics, and procedures) for finding, detecting, and fixing flaws. Includes physical security, and policies and procedures, law.
Other stuff like mobile tech, SCADA, phones, drones, and 'data collection' are certainly approved disciplines too.

General knowledge is needed, but you should be special at something. It is not about the title, it is about your identity. *thumb*


Post by scatter »

well bad_brain I use both Debian and Arch Linux as my two system bases ( running both on dual boot ). I started with Ubuntu but after Unity came to this world it made it suck :p but I still did not find the real distro that makes me enjoy ( as I want ) what I'm doing with it, so I'm making my own Linux distro and the alpha version will be released soon, here is my website blackout-os.com :)


Post by scatter »

oh DNR you just made an everyday problem of mine pop up twice today :p
in fact I am lost in what I should choose exactly. I'm learning more programming languages because I want to be free in making my own tools ( and of course not being a script kiddie, damn I hate them -_- ) and the problem is I don't only want to make my own tools but I want to develop exploits for both web applications and software ( local and remote exploits including kernel hacks etc ). Plus sysadmin and security professional both interest me because I feel they are linked together in a way; each of them must understand what the other does to be able to do what he wants in a good way or come up with an out of the box method

lol I am not sure if I made this clear because of my English, but to make it short I want to be the guy who develops his own exploits, builds his own tools, exploits what he has between his hands to the end, and during a pentest maybe web apps don't give a way in so then you have to start thinking about the software. Even if one day I open a security company I don't want to be for example the one who knows only web apps, I want to be the one who knows most sides of the work
and hey, about intelligence gathering and collecting data, I do it already. I consider it an important part of every pentest while many just ignore it and think it's a loss of time. It can make you earn a lot of time

to conclude, if you were in such a problem like mine ( being a bit lost with what to focus on more ) let me know how I will find the way out :p


Post by bad_brain »

sweet, feel free to submit your site to the web links section here...and keep us up to date with the development status... :D
personally I found my love in Debian, I started with SuSE at home, my first server ran on Red Hat 9, and then I found Debian which I have been using since 3.1 (Sarge). when I use Linux it's mostly (like 95%) to manage my servers through a remote shell, so I am not much of a desktop user.
so yeah, I think I can say I am pretty experienced with server administration and security, especially the first years of suck-o were a good opportunity to learn....we (ok, I) cheated the crap out of the progenic toplist which made all the skiddies on there cry and caused a lot of furious butthurt attacks against the site, peak was a DDoS with 6.5k bots. I have to add the first version of suck-o was running on a totally outdated and unpatched phpnuke version for years, which was especially challenging to keep away from getting pwnd daily.

Post by DNR »

ah the good old days of DDoS wars...
:twisted:

Post by DNR »

ok, look this over and I think we can post this in "tutorials" section..
*thumb*
lilrofl
Siliconoclast
Posts: 1363
Joined: 28 Jan 2009, 17:00
Location: California, USA

Post by lilrofl »

Nice post, just a reply to Windows not supporting sniffing on the loopback address.
It came up in class the other day, and here's an article explaining it:

Code:

http://wiki.wireshark.org/CaptureSetup/Loopback

cuddles for my cuddle


Post by bad_brain »

good one, didn't know about using RawCap to evade this limitation... :-k