Puppy Linux Discussion Forum Forum Index Puppy Linux Discussion Forum
Puppy HOME page : puppylinux.com
"THE" alternative forum : puppylinux.info
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 

The time now is Thu 17 Apr 2014, 08:28
All times are UTC - 4
 Forum index » Off-Topic Area » Security
How to increase the security!
Post new topic   Reply to topic View previous topic :: View next topic
Page 1 of 4 [47 Posts]   Goto page: 1, 2, 3, 4 Next
Author Message
shoutcrown

Joined: 12 Mar 2011
Posts: 82

PostPosted: Sun 15 Apr 2012, 03:59    Post subject:  How to increase the security!
Subject description: Internet Security
 

Hello everybody!

Well I am using Puppy Linux (I completely deleted Windows XP). Because Puppy Linux is able to do what I want. By the way I am using Lucid and Slacko Puppy Linux, because of some little differences

You know?, I never before had Internet Connection at home. (I usually went to Public Internet...). But a few days ago Movistar installed Internet Connection to my laptop (wired connection to TP-LINK modem which also has WIFI)

So, this is new for me and I need to increase my security. Reading the user guide I could change my SSID, WPA-PSK password (the official webpage only shows two authentication types: WEP and WPA-PSK; two encryption: TKP and AES), also I activated the mac address filter and I have turned on the Firewall

But the user guide doesn't have deep information about internet security, So:

- Can anybody give me detailed information about internet security?

- Is it possible that anybody could get my password?

- Which is the strongest authentication and encryption type?

- how can i know if anybody else is connected to my Router?, if so how can i disconnect them?

Thank you very much for reading and helping me!

Bye
Back to top
View user's profile Send private message 
Lobster
Official Crustacean


Joined: 04 May 2005
Posts: 15117
Location: Paradox Realm

PostPosted: Sun 15 Apr 2012, 04:40    Post subject:  

Using Puppy you are already safe

Detective Inspector Bruce van der Graaf from the Computer Crime Investigation Unit told the hearing that he uses two rules to protect himself from cyber-criminals when banking online. The first rule, he said, was to never click on hyperlinks to the banking site and the second was to avoid Microsoft Windows: 'If you are using the internet for a commercial transaction, use a Linux boot up disk - such as Ubuntu or some of the other flavours. Puppy Linux is a nice small distribution that boots up fairly quickly. It gives you an operating system which is perfectly clean and operates only in the memory of the computer and is a perfectly safe way of doing Internet banking'.


Turn on the firewall
the rest is common sense
security done
If you are a budding tin hat . . .
http://puppylinux.org/wikka/security

Wpa2 is the most secure wifi

_________________
Puppy WIKI
Back to top
View user's profile Send private message Visit poster's website 
nooby

Joined: 29 Jun 2008
Posts: 10518
Location: SwedenEurope

PostPosted: Sun 15 Apr 2012, 06:56    Post subject:  

Quote:
Is it possible that anybody could get my password?


It sure is. A neighbor can use programs that use brute force guessing
until it crack it. And drive by cars that cruise for such vulnerable modem
routers to break into.

Our version of PBS showed how easy it is. Took only minutes for the guy
they hired to show how vulnerable we are.

Wep where most easy and WAP took more time.

There should be such reports in English speaking computer press too
and BBC tech should have such texts and even videos?

So you should try to get a good password.

If the person doing is not good at hiding then most likely an icon indicate
that another have entered your network.

Others can confirm if one can click on these and stop them.
Most likely possible.

What Lobster talk about sounds to me to be a compare with Ms Win
getting targeted within ten minutes or earlier if one just get out with a
modem and no router. Routers makes it a bit more secure.

My naive take is this.

If many thousands of Apple latest OS get invaded with Trojan
then why would linux be more protected.

Puppy being a very different linux makes it maybe less targeted.
But if somebody is dedicated then they can do it. Hopefully
somebody that really knows thing give you good advice.

I know too little.

_________________
I use Google Search on Puppy Forum
not an ideal solution though
Back to top
View user's profile Send private message 
Barkin


Joined: 12 Aug 2011
Posts: 604

PostPosted: Sun 15 Apr 2012, 13:57    Post subject:  

don't use a word which is in a dictionary as a key/password.

https://en.wikipedia.org/wiki/Dictionary_attack

http://howsecureismypassword.net/

create a good but memorable password using MD5 generator

MD5("puppy+salt") = 3e646fbe529c65d4d4be511e926c1bb4
MD5(puppy+salt).png
 Description   
 Filesize   5.27 KB
 Viewed   1507 Time(s)

MD5(puppy+salt).png

Back to top
View user's profile Send private message 
postfs1


Joined: 27 Mar 2010
Posts: 831

PostPosted: Sun 15 Apr 2012, 23:57    Post subject: Re: How to increase the security!
Subject description: Internet Security
 

shoutcrown wrote:

How to increase the security


wrote:

http://www.murga-linux.com/puppy/viewtopic.php?p=618588#618588

wrote:




wrote:

http://www.murga-linux.com/puppy/viewtopic.php?p=587209#587209
Theme: Security/Privacy = //"House Training"/"HOWTO ( Solutions )"

wrote:




wrote:

http://www.murga-linux.com/puppy/viewtopic.php?p=584416#584416

wrote:




wrote:

http://www.murga-linux.com/puppy/viewtopic.php?p=586415#586415
Perhaps the theme: 1st_script.sh


http://www.murga-linux.com/puppy/viewtopic.php?p=586415#586415
Perhaps the theme: 2nd_script.sh


http://www.murga-linux.com/puppy/viewtopic.php?p=586415#586415
Perhaps the theme: 4th_script.sh

wrote:




A computer devices without additions from spy plus passwords without writing into your own memory, when the passwords can be placed into the shifting stencil, plus the protected energy for computer devices, plus the successful work with licences, plus booting from the DVD or CD-disk. But it will not give a full protection.

_________________
  • I don't know why laboratories are named a hospitals.
  • The alive personage is like a tea bag with granules of unknown density inside, at that one the packet was made of organic material and was placed in the evaporated liquid or liquid.


Last edited by postfs1 on Sat 21 Apr 2012, 04:42; edited 2 times in total
Back to top
View user's profile Send private message 
nooby

Joined: 29 Jun 2008
Posts: 10518
Location: SwedenEurope

PostPosted: Mon 16 Apr 2012, 11:34    Post subject:  

I fail to link to it directly. it is a bit down on the page. Go here
http://distrowatch.com/weekly.php?issue=20120416#news

Quote:

"DoudouLinux has several features that set it apart from the others:
a safe computing environment for children;
make computers accessible to all children on earth;
copy and share freely;
carry it anywhere and use safely on any computer;
the operating system children prefer.

Safety means two things. It means system safety,
because even though DoudouLinux can be installed
to a hard drive, it's really intended to run from a CD or
USB stick without making any changes to the host system,
and without access to the host system.

It can't be used as a rescue distro or
interfere with the host system in any way.

There is no console and no command line.
It is very simple, with a limited tightly-focused set of applications,
and no modifications without rebuilding the system image."


Okay a very restricted type of OS. Too restricted for serious work
But could one not learn from their intention to make it as simple
and as secure as possible and make a two layered approach ?

Maybe two kind of puppy? One puppy so that one boot when one
want to be very safe online and then another iso that one boot
when one need to do a lot of offline work that require access to
the HD.

I have a test machine now that have no internal HD what so ever.
I use a CD/DVD or USB to boot it and save things on another USB.

_________________
I use Google Search on Puppy Forum
not an ideal solution though
Back to top
View user's profile Send private message 
nooby

Joined: 29 Jun 2008
Posts: 10518
Location: SwedenEurope

PostPosted: Sat 21 Apr 2012, 03:16    Post subject:  

Thanks to shoutcrown for the PM. Sadly due to personal circumstances
I don't have time to answer and exchange views on Security because
I know too little. I contributed to this thread in hope a lot of persons
who do more than me would share their best advices.

I know nothing about DoudouLinux but would be cool to get feedback on
if what they write there is as they say or if they are too optimistic.

Can puppy learn from their approach and how? Not to cripple Puppy
but to have one very secure puppy that maybe is too restricted to use
for others uses but to use for safe browsing and then one shut down
and reboot into a normal puppy when one need those features?

Shoutcrown has started a personal question that is related here
http://www.murga-linux.com/puppy/viewtopic.php?t=77746

I did not write there because my long experience is that if I write something
then none else get active in that thread. Smile So to be polite I only link to it here. Hope that helps.

I share your worry shoutcrown but have no time to get deep into it.
Hope you get good answers if that fails do use the search I link to
and put in keywords like security and wap wifi wireless and what is needed to find your answers and give feedback in that thread you started.

_________________
I use Google Search on Puppy Forum
not an ideal solution though
Back to top
View user's profile Send private message 
shoutcrown

Joined: 12 Mar 2011
Posts: 82

PostPosted: Mon 23 Apr 2012, 18:34    Post subject: hi nooby!
Subject description: be happy! we are learning!
 

I really appreciate your effort to share my "post"

I am using Puppy Linux, it's an excellent OS (i am sure the other distros are the best too). Like you, there are many things I don't know and can't do, but I already know the basic usage. So on now I can show and share this practical knowledge I have, to people close to me...

Now I have internet connection at home, and it is better to learn and do more questions

thank you again, Best wishes!
Back to top
View user's profile Send private message 
8-bit


Joined: 03 Apr 2007
Posts: 3276
Location: Oregon

PostPosted: Thu 26 Apr 2012, 01:42    Post subject:  

When you asked how to tell if someone was online using your routers WIFI connection, you can access the router's setup page and there should be a section that will show what PCs are connected.
At least both my Linksys and Quest routers have that feature.

Maybe that will help.
At my home, it showed me just what PCs were connected using both WIFI and wired connections.

Also, be sure to change the default password for your router so that it cannot be accessed remotely easily.
I only say this because I can access my router via WIFI knowing the username and password.

So if you left the default of username- admin and password of - password, you are leaving yourself open.
Back to top
View user's profile Send private message 
shoutcrown

Joined: 12 Mar 2011
Posts: 82

PostPosted: Fri 27 Apr 2012, 01:18    Post subject: HOLA!
Subject description: HELLO!
 

Hi! 8-bit,

Thank you!.

Yeah, Now I am watching which options shows the Router web page. As all of you say, there is a section where I can see which devices are connected...

Nevertheless there is a question I forgot to make: Which are the more secure characters for a key: ASCII or Hexadecimal?

Because using ASCII I can write symbols like @, #, etc., but Hexadecimal only admit numbers and letters from A-F

BYE
Back to top
View user's profile Send private message 
puppy_apprentice


Joined: 07 Feb 2012
Posts: 92

PostPosted: Fri 27 Apr 2012, 04:00    Post subject:  

check info about passwords on this page (from Services menu):
http://www.grc.com/intro.htm
Back to top
View user's profile Send private message 
shoutcrown

Joined: 12 Mar 2011
Posts: 82

PostPosted: Fri 27 Apr 2012, 09:31    Post subject: HI!
Subject description: HI!
 

Hi puppy-apprentice!

that page test passwords too

bye
Back to top
View user's profile Send private message 
Lobster
Official Crustacean


Joined: 04 May 2005
Posts: 15117
Location: Paradox Realm

PostPosted: Fri 27 Apr 2012, 23:07    Post subject:  

password generation
http://www.murga-linux.com/puppy/viewtopic.php?p=316884#316884

For all you budding tin hats Shocked
Why not order a Raspberry Pi
http://puppylinux.org/wikka/Puppi
and create
a password generator and changer?

Basically this would log into all your password protected services
Maybe once a day, with the previous password and change it.
The program would then print out the passwords (possibly in braille) for you to type in when requiring access.

That should keep you occupied for a while . . . Cool

Hope that or link is of interest Smile

Puppy <> FUD
Educating Penguins

_________________
Puppy WIKI
Back to top
View user's profile Send private message Visit poster's website 
Barkin


Joined: 12 Aug 2011
Posts: 604

PostPosted: Sat 28 Apr 2012, 00:25    Post subject:  

Lobster wrote:
password generation
http://www.murga-linux.com/puppy/viewtopic.php?p=316884#316884

there's no way people can remember tens of passphrases each consisting of random characters,
which means you'd have to write them down, which would be a security risk.

With my method you can safely write down ...
Lobster's password for bank account is "bank"
when your actual bank password is an MD5 of "bank+salt",
i.e. the bank password is the 32 character hexadecimal number c70d765ca96f3b0855e2d4dd9b38efd6

["+salt" is any character sequence which you commit to memory and never write down,
character sequence preferably not a word in any dictionary, "+salt" isn't , "salt" is , the longer the character sequence the better ]

Note: slight changes to the text make huge difference to the MD5, e.g. missing out an apostrophe , changing the case of one letter.
MD5 password method examples.png
 Description   
 Filesize   12.69 KB
 Viewed   1179 Time(s)

MD5 password method examples.png

Back to top
View user's profile Send private message 
Lobster
Official Crustacean


Joined: 04 May 2005
Posts: 15117
Location: Paradox Realm

PostPosted: Sat 28 Apr 2012, 03:05    Post subject:  

Quote:
which means you'd have to write them down, which would be a security risk.


Your plan is good.
How about if you write them down in invisible ink?

I once spent a lot of time creating a secure website, password protected
- which at the time was not essential

When they then told me how they had forgotten their password
I informed them how secure the site was (as warned)
I did not have access to the password. Shocked

In fact I have just tried to get into a secure account
. . . and I have no record or account of my forgotten details

I am the weakest link
Goodbye!

_________________
Puppy WIKI

Last edited by Lobster on Sat 28 Apr 2012, 05:03; edited 1 time in total
Back to top
View user's profile Send private message Visit poster's website 
Display posts from previous:   Sort by:   
Page 1 of 4 [47 Posts]   Goto page: 1, 2, 3, 4 Next
Post new topic   Reply to topic View previous topic :: View next topic
 Forum index » Off-Topic Area » Security
Jump to:  

You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Powered by phpBB © 2001, 2005 phpBB Group
[ Time: 0.0928s ][ Queries: 13 (0.0092s) ][ GZIP on ]