Puppy Linux Discussion Forum Forum Index Puppy Linux Discussion Forum
Puppy HOME page : puppylinux.com
"THE" alternative forum : puppylinux.info
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 

The time now is Mon 22 May 2017, 23:19
All times are UTC - 4
 Forum index » Off-Topic Area » Security
Should I add "passwd" to GROWL?
Post new topic   Reply to topic View previous topic :: View next topic
Page 1 of 1 [11 Posts]  
Author Message
Lobster
Official Crustacean


Joined: 04 May 2005
Posts: 15231
Location: Paradox Realm

PostPosted: Tue 14 Mar 2017, 08:06    Post subject:  Should I add "passwd" to GROWL?
Subject description: any use?
 

I am working a little on GROWL, my Puppy security program . . .
http://murga-linux.com/puppy/viewtopic.php?p=335216#335216

thinking of adding passwd
http://puppylinux.org/wikka/Security

Any advantage/usage? Cool

Basically you can change the root password like so from the CLI/console/terminal which uses busybox

Code:
passwd -d root 'test1'


Why would you? Will it bork/crash anything? Will it introduce added security in any way?

Thanks for any advice guys - keep it simple, I am not much of a security nut . . . Shocked

_________________
YinYana AI Buddhism
Back to top
View user's profile Send private message Visit poster's website 
8Geee


Joined: 12 May 2008
Posts: 1103
Location: N.E. USA

PostPosted: Tue 14 Mar 2017, 19:41    Post subject:  

AFAIK, on boot-up you will have to enter your password. I don't see any other problems than that. Better to lock the front door with a password, rather than default JIC Puppy moves the needle at Google, M$, FB, Twit, etc.

Backdoors, thats a different game completely. Quasi-Tin-Foil-hat stuff is in play... starting with those browser defaults.

Regards
8Geee

_________________
Linux user #498913
Back to top
View user's profile Send private message 
cthisbear

Joined: 29 Jan 2006
Posts: 4129
Location: Sydney Australia

PostPosted: Wed 15 Mar 2017, 05:26    Post subject:  

Not happy Mr Lobster.

Departed Puppy to the vile and evil MAC...eh what???

Now working on Puppy apps.

Next you will want to stir the pot and offer another Puppy version.

https://archive.org/details/Puppy_Linux_tmxxine

Cheers mate........Chris.
Back to top
View user's profile Send private message 
Lobster
Official Crustacean


Joined: 04 May 2005
Posts: 15231
Location: Paradox Realm

PostPosted: Wed 15 Mar 2017, 06:02    Post subject:  

Cool

<begin rant>

After trying to get some tips for my GROWL 2.0 from subgraph os - to 'verify' the download I needed to understand gnupg ... (this is used for digitally authenticating using a public key - which I think I now have ...)

basically downloaded subgraph twice, not verified ...

Ay caramba!

All because I was doing a little scripting with Puppy Linux GROWL - security I don't really use, subgraph is recommended by Edward Snowden - is in Alpha anyway ... Pah! Maybe another day . . .

In the end I downloaded the excellent and recommended
https://www.digi77.com/linux-kodachi/

... basically it can be run from a DVD or keydrive as root just like Puppy but much bigger and based on Debian. Very usable everyday distro for tin-hatted Puppy yap dogs (security paranoids everywhere)

Security will drive you bonkers ... (my default mental state) Rolling Eyes

I did learn to turn off and on ethernet from the cli - which I have added and tested ... only in Slacko64
http://mirrors.deepspace6.net/Linux+IPv6-HOWTO/x1028.html

I added this after I found the icon bottom right of screen (was working) was no longer disconnecting from the net

<end rant>


The beta code is here. I left the passwd code in @8Geee
http://www.murga-linux.com/puppy/viewtopic.php?p=947684#947684

_________________
YinYana AI Buddhism

Last edited by Lobster on Wed 15 Mar 2017, 07:35; edited 2 times in total
Back to top
View user's profile Send private message Visit poster's website 
Lobster
Official Crustacean


Joined: 04 May 2005
Posts: 15231
Location: Paradox Realm

PostPosted: Wed 15 Mar 2017, 06:38    Post subject:  

cthisbear wrote:
Not happy Mr Lobster.

Departed Puppy to the vile and evil MAC...eh what???

Now working on Puppy apps.

Next you will want to stir the pot and offer another Puppy version.

https://archive.org/details/Puppy_Linux_tmxxine

Cheers mate........Chris.


Tee Hee.
Very Happy

Been using Puppy on an old laptop and two elderly computers ... just in stealth mode rather than as a Puppy Hacktervist . .

However I am also on my second Ipad - which is great for most of my needs . . .

_________________
YinYana AI Buddhism
Back to top
View user's profile Send private message Visit poster's website 
8Geee


Joined: 12 May 2008
Posts: 1103
Location: N.E. USA

PostPosted: Thu 16 Mar 2017, 02:55    Post subject:  

Of Course Labstah, you could unplug the RJ45 just to make sure.
But then, this would suxors on a box computer... reaching around the back and D/C said wire. Laughing

_________________
Linux user #498913
Back to top
View user's profile Send private message 
8Geee


Joined: 12 May 2008
Posts: 1103
Location: N.E. USA

PostPosted: Thu 16 Mar 2017, 20:43    Post subject:  

Well most Puppy versions have an annoying habit of automatically turning on the wifi at start-up (on the eeePC, I call this the "Blue Light Special")... on a Reboot OK, there might be tinkering going on, but on start-up its not a good security idea to automatically connect to the internet. The end-user should define up/down not the OS. That makes me desire Dougal's Network Wizard... see what you can connect to before connecting to such offer.

Quite frankly, the more things one automates, the more likely one gets borked without knowing it.

Regards
8Geee

_________________
Linux user #498913
Back to top
View user's profile Send private message 
Lobster
Official Crustacean


Joined: 04 May 2005
Posts: 15231
Location: Paradox Realm

PostPosted: Thu 16 Mar 2017, 21:44    Post subject:  

Ah good point @8geee
Cool

On my cheapo PC no wifi. So just added ethernet disconnect. Boot with ethernet cable disconnected. Seems like plan.

Remember GROWL is for fun. I don't encrypt (puppy can) I use gmail (insecure) and have javascript enabled.

Don't really use much of GROWL. I try to keep it simple enough to modify (mostly because I can barely program Embarassed )

... one thing I may do (any advantage?) in the future is add a random disconnect/connect from web - similar was used in Puli Puppy?

Another thing is bios security - anyone recommend a link?

Cool

_________________
YinYana AI Buddhism
Back to top
View user's profile Send private message Visit poster's website 
Lobster
Official Crustacean


Joined: 04 May 2005
Posts: 15231
Location: Paradox Realm

PostPosted: Tue 21 Mar 2017, 11:59    Post subject:  

Wot none of our rottweilers in tin hats got any concerns about BIOS hacks?

Tsk, tsk ... Surprised
Where are us conspirators, hard core sardine porn and Russian/Mouselims/Mexican rapists and worse gonna meet? Shocked

They iz on to us - run for the hills, lobsters and lesbians first ... Rolling Eyes

http://www.murga-linux.com/puppy/viewtopic.php?p=948053#948053

Here is the latest Beta GROWL code for Comrade Ivanka, Madam Putin, GCHQ and our local security kennel to laugh at. Embarassed

Code:

#! /bin/bash
#
# GROWL v2.03 March 2017 beta Monday - not release version
# Lobster
# Security enhancements, probes, online services and info for Puppy Linux
# thanks to Shadow, Linux Kodachi and Puppy yap dogs (security paranoids everywhere)

# New for 2.00 random eth0 disconnect, reconnect
#    htop process viewer, pswrd reset, ipinfodb probe, noc.to probe, webkay probe, GNU Privacy Guard, final thoughts
#    more anon proxies added,
#
# New for 1.9 Updated for Slacko64 Puppy - 6.3.2, Quick Start Help Button added, unblockweb.co proxy, Browser Paranoid Kit
# New for 1.8 bugs removed and non working DNS check hijack removed
# New for 1.7: DNS checker added
# New for 1.6: Updated for Puppy 5.3.1 'Slacko', Puppy Browser (Lucid specific) removed,
# browser run in safe mode, edit file added, update gtkdialog4, LastPass Password Manager,

####### not implemented ############

# <menuitem>
# <label>Temp Disable Firewall</label>
# <action>rxvt -e /etc/rc.d/rc.firewall stop</action>
# </menuitem>
# <menuitem>
# <label>Enable Firewall</label>
# <action>rxvt -fn *-Fixed-*-20-* -geometry 40x15+480+400 -C -bg orange -e /etc/rc.d/rc.firewall start ; sleep 10</action>
# </menuitem>

# <menuitem>
# <label>Activate EzTables Firewall</label>
# <action>rxvt -e /usr/sbin/fatdog-service-manager.sh</action>
# </menuitem>

export Grrr='
<window title="GROWL 2.03" window-position="1">
<vbox>
<menubar>
<menu> 
<menuitem>
<label>Quick DISCONNECT eth0</label>       
<action>ifconfig eth0 down &</action>
</menuitem>
<menuitem>
<label>Connect eth0</label>
<action>`Xdialog --wrap --screencenter --left --title "Connect eth0" --msgbox "Connect to eth0 when OK pressed \n check status bar bottom right" 600x0`</action>
<action>ifconfig eth0 up &</action>
</menuitem>   
<menuitem>
<label>Reset root password</label>
<action>passwd -d root 'test1' &</action>   
</menuitem>   
<menuitem>
<label>Run as spot</label>
<action>`Xdialog --wrap --screencenter --left --title "Run as spot" --msgbox "Run as Super User. \n SPOT" 600x0`</action>
<action>rxvt -e su spot &</action>
<action>exit</action>
</menuitem>
<menuitem>
<label>Browser Paranoid Kit</label>   
<action>`Xdialog --wrap --screencenter --left --title "install Paranoid Kit" --msgbox "Install Paranoid Kit. \n As super user SPOT" 600x0`</action>
<action>rxvt -e su spike &</action>           
<action>rxvt -e defaultbrowser https://addons.mozilla.org/en-GB/firefox/collections/theparadox/paranoia/ &</action>
<action>exit</action>
</menuitem>       
<menuitem>
<label>Run Browser securely</label>
<action>`Xdialog --wrap --screencenter --left --title "Run browser securely" --msgbox "Default browser will look plain whilst running securely. \n as super user SPOT" 600x0`</action>
<action>su spike -c&</action>
<action>seamonkey -safe-mode &</action>
</menuitem>
<menuitem>
<label>Encrypt a File: bycrypt</label>
<action>bcrypt_gui &</action>
</menuitem>
<menuitem>
<label>Ccrypt install</label>
<action>rxvt -e defaultbrowser http://puppylinux.org/wikka/ccrypt &</action>
</menuitem>
<menuitem>
<label>Enhanced Lock Screen</label>
<action>rm -f /root/.xlockrc</action>
<action>xmodmap -e "keycode 37="</action>
<action>xmodmap -e "keycode 109="</action>
<action>rxvt -e /usr/local/apps/Xlock/AppRun &</action>
<action>`Xdialog --wrap --screencenter --left --title "reactivating ctrl keys" --msgbox "reactivating ctrl keys. \n deactivated whilst using lockscreen" 600x0`</action>
<action>xmodmap -e "keycode 37=Control_L"</action>
<action>xmodmap -e "keycode 109=Control_R"</action>
</menuitem>
<menuitem>
<label>Remove Flash cookies</label>
<action>rm -rf /root/.macromedia</action>
<action>rm -rf /intrd/pup_rw/root/.macromedia/</action>
<action>`Xdialog --wrap --screencenter --left --title "Remove Flash cookies" --msgbox "Macromedia flash cookies removed" 600x0`</action>         
</menuitem>
<menuitem stock="gtk-quit">
<action>echo You selected the quit menu item</action>
<action type="exit">exit by menu</action>
</menuitem>
<label>Security</label>
</menu>
<menu>         
<menuitem>
<label>lsof process viewer</label>       
<action>rxvt -e lsof -i &</action>
</menuitem>
<menuitem>
<label>Htop process viewer</label>       
<action>rxvt -e htop &</action>
</menuitem>
<menuitem>
<label>Ipinfodb</label>
<action>defaultbrowser ipinfodb.com &</action>               
</menuitem> 
<menuitem>
<label>Noc.to</label>
<action>defaultbrowser noc.to &</action>               
</menuitem>
<menuitem>          
<label>Webkay</label>
<action>defaultbrowser webkay.robinlinus.com &</action>
</menuitem>
<menuitem>
<label>Shields Up</label>
<action>defaultbrowser https://www.grc.com/x/ne.dll?bh0bkyd2 &</action>
</menuitem>
<menuitem>
<label>DNS leak test</label>
<action>defaultbrowser https://www.dnsleaktest.com &</action>
</menuitem>         
<menuitem>
<label>Hackermode</label>
<action>defaultbrowser https://www.hackerwatch.org/probe/ &</action>               
</menuitem>
<label>Probes</label>
</menu>   
<menu>   
<menuitem>
<label>LastPass Password Manager</label>
<action>`Xdialog --wrap --screencenter --left --title "install LastPass" --msgbox "Install Encrypted Password Manager. \n As super user SPOT" 600x0`</action>
<action>rxvt -e su spike &</action>           
<action>rxvt -e defaultbrowser https://addons.mozilla.org/en-US/seamonkey/addon/lastpass-password-manager/ &</action>
<action>exit</action>
</menuitem>
<menuitem>          
<label>Photonmail</label>
<action>defaultbrowser https://protonmail.com/ &</action>
</menuitem>
<menuitem>          
<label>Curlmyip</label>
<action>defaultbrowser curlmyip.net &</action>
</menuitem>           
<menuitem>
<label>Run IRC Chat securely</label>
<action>`Xdialog --wrap --screencenter --left --title "Run IRC securely" --msgbox "Puppy is on freenode server. \n in #puppylinux Network super user SPOT" 600x0`</action>
<action>su spot -c defaultchat &</action>
</menuitem>
<menuitem>
<label>Last Password</label>
<action>defaultbrowser https://lastpass.com/ &</action>
</menuitem>
<menuitem>
<label>Ipleak</label>
<action>defaultbrowser https://ipleak.net/ &</action>
</menuitem>
<menuitem>
<label>Startpage Search</label>
<action>defaultbrowser https://www.startpage.com/ &</action>
</menuitem>
<menuitem>          
<label>Filterbypass proxy</label>
<action>defaultbrowser https://www.filterbypass.me &</action>
</menuitem> 
<menuitem> 
<label>Unblock Proxy</label>
<action>defaultbrowser https://unblockweb.co/ &</action>
</menuitem>
<menuitem>          
<label>Anonymouse proxy</label>
<action>defaultbrowser anonymouse.org &</action>
</menuitem>
<menuitem>
<label>Vpnbook proxy</label>
<action>defaultbrowser http://www.vpnbook.com/webproxy &</action>
</menuitem>
<menuitem>
<label>HideMe Proxy</label>
<action>defaultbrowser https://hide.me/en/proxy &</action>
</menuitem>       
<label>Services</label>
</menu>
<menu>       
<menuitem>          
<label>Puppy Security Discussions</label>
<action>defaultbrowser http://www.murga-linux.com/puppy/index.php?f=47&ppage=30&sort=lastpost&order=DESC &</action>
</menuitem>    
<menuitem>          
<label>About Flash Cookies</label>
<action>defaultbrowser http://www.murga-linux.com/puppy/viewtopic.php?p=340237#340237 &</action>
</menuitem>
<menuitem>
<label>Security Tips</label>
<action>defaultbrowser http://puppylinux.org/wikka/security &</action>
</menuitem>
<menuitem>
<label>Browser Security Add Ons</label>
<action>defaultbrowser https://addons.mozilla.org/en-GB/firefox/extensions/privacy-security/ &</action>
</menuitem>
<menuitem>
<label>ISP shaping traffic?</label>
<action>defaultbrowser http://broadband.mpi-sws.org/transparency/glasnost.php &</action>
</menuitem>
<menuitem>
<label>Spot, Fido, root</label>
<action>defaultbrowser file:///usr/share/doc/root.htm &</action>
</menuitem>
<menuitem>
<label>FAQ</label>
<action>`Xdialog --wrap --screencenter --left --title "FAQ" --msgbox "Lock screen - security protection level = low, suitable for young children, colleagues at work and Window users \n Load firewall - security protection level = high \n Run as spot, run browser as spot, run Puppy browser as spot - security protection level = high \n Encrypt a file bycrypt - security protection level = high \n Tip: Restart x server - flushes memory \n Tip: Use Encrypt save file if saving \n Tip: Make sure adblock is enabled (low) or install noscript (high security)" 600x0`</action>
</menuitem>
<menuitem>
<label>Honeynet Open Security info</label>
<action>defaultbrowser http://www.honeynet.org/about &</action>
</menuitem>
<menuitem>
<label>CIA Hacking info</label>
<action>defaultbrowser https://wikileaks.org/ciav7p1/cms/index.html &</action>
</menuitem>
<menuitem>         
<label>GNU Privacy Guard</label>
<action>`Xdialog --wrap --screencenter --left --title "GNU Privacy Guard" --msgbox "Install gnupg from the puppy installer \n GPG stands for GNU Privacy Guard. It is a key-based encryption method which means that a pair of keys is used to encrypt  \n and decrypt a message so that it arrives securely \n " 600x0`</action>
<action>defaultbrowser https://distrowatch.com/weekly.php?issue=20140407 &</action>
</menuitem> 
<menuitem>
<label>Install 64bit Tor Browser</label>
<action>defaultbrowser http://www.murga-linux.com/puppy/viewtopic.php?p=947972#947972 &</action>
</menuitem>   
<menuitem>
<label>Edit source</label>
<action>geany GROWL20 &</action>
</menuitem>
<menuitem>
<label>Build a tin hat</label>
<action>defaultbrowser http://zapatopi.net/afdb/ &</action>
</menuitem>
<menuitem>
<label>Credits</label>
<action>`Xdialog --wrap --screencenter --left --title "About" --msgbox "Growl v 2.0\nMarch 2017\nUpdated by Lobster" 600x0`</action>
</menuitem> 
<menuitem>
<label>Final thoughts ...</label>
<action>mplayer −novideo /root/puppy-reference/audio/goodluck.m4a &</action>
</menuitem>
<label>Help</label>
</menu>   
</menubar>
<frame>
<pixmap>
<input file>/usr/share/midi-icons/lock-screen48.png</input>
</pixmap>
<text><label>GROWL 2.0</label></text>
</frame>
<hbox>
<button help>
<action>`Xdialog --wrap --screencenter --left --title "'$(gettext 'GROWL - Quick Start Help')'" --msgbox "'$(gettext 'GROWL is a simple, open, configurable, Puppy Security Tool. \n\n Puppy Linux for the desktop, is more secure than Ios, Windows or Chrome OS \n\n GROWL is used for enhancing security, education, online services and probing ones set up. \n\n Lobster, March 2017')'" 600x0`</action>
</button>
<button cancel></button>
</hbox>
</vbox>
</window>'

gtkdialog4 --program Grrr
unset Grrr

_________________
YinYana AI Buddhism
Back to top
View user's profile Send private message Visit poster's website 
8Geee


Joined: 12 May 2008
Posts: 1103
Location: N.E. USA

PostPosted: Tue 21 Mar 2017, 23:52    Post subject:  

I would be concerned more about intel's back-door-on-a-CPU.
"Remote Managemwnt System" on newer i3,5,7 series.

The very scary link.

Wikipedia scary link.

_________________
Linux user #498913
Back to top
View user's profile Send private message 
Lobster
Official Crustacean


Joined: 04 May 2005
Posts: 15231
Location: Paradox Realm

PostPosted: Wed 22 Mar 2017, 02:34    Post subject:  

8Geee wrote:
I would be concerned more about intel's back-door-on-a-CPU.
"Remote Management System" on newer i3,5,7 series.

The very scary link.

Wikipedia scary link.


Shocked I should be scared? Well I ain't! So there. Wink

Is there something similar in AMD chips? ARM? What are the Chinese cooking up? They have RISC processors experiments among others
https://www.nextplatform.com/2016/02/17/china-lays-the-chip-foundation-for-its-next-platform/

My feeling is recognizing insecurity and open security/transparency is far more helpful to my peace of mind.

The raspberry pi edition 1 had a very simplistic bios from what I remember.

... and now back to the worrying . . .

_________________
YinYana AI Buddhism
Back to top
View user's profile Send private message Visit poster's website 
Display posts from previous:   Sort by:   
Page 1 of 1 [11 Posts]  
Post new topic   Reply to topic View previous topic :: View next topic
 Forum index » Off-Topic Area » Security
Jump to:  

You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Powered by phpBB © 2001, 2005 phpBB Group
[ Time: 0.0688s ][ Queries: 11 (0.0055s) ][ GZIP on ]