Black Ops Puppy

[mysticmarks]

not that i'e heard of anything about that thing we know nothing about, but i did have an idea. Say the folks who want this were to join forces with the tor pup crew. Just a conspiracy though.

[ttuuxxx]

I'll try it in a few days, I'm in the middle of 4.2 stuff which has to come first
ttuuxxx

[Lobster]

I suggest those individuals interested in testing think about virtual machines or a separate computer connected to the internet.

Please provide links to related or relevant projects.

ToDo list:
Create logo
Create initial wiki page

some interesting ideas here
http://paranoidlinux.org/

[Lobster]

How to write a Linux virus in 5 easy steps
http://www.geekzone.co.nz/foobar/6229

[droope]

THis came out in distrowatch.

http://www.remote-exploit.org/backtrack.html

if we were to make a very evil puppy, i'd suggest this as a logo



Perhaps we can turn it into a Vectorial graphic


I'll help, and i am so good, that i am willing to run a extremely vulnerable system (as long as the other user doesn't delete my good puppy ¬¬) but i think that's not gonna happen. I guess. I'll backup. LOL.

Or this one, it looks paranoid !

[Lobster]

This will show your firewall settings from the command line

Code: Select all

# iptables -L -n -v

. . . now I have to have a lay down after being freaked out by the manic Puppy/syringe image
Yesterday I was playing 'Resident Evil' on the Wii
The red eyed Puppy is more scary . . .

[Lobster]

Improve your Firefox security
http://www.linuxplanet.com/linuxplanet/reports/6682/1/

[8-bit]

How about this?
You download and install a must have pet package.
Did you examine the contents before installing it?
Lets just say that the pet includes code for setting up backgrounded remote access to puppy with no indication that it has happened.
Most users of puppy do not check out the validity of pet files as far as internals.
Is this a possibility?
Think about it?

[Lobster]

Yes the pets can be a potential entry point - for now I have been downloading and install tarbal, pups and pets without any regard for
their potential abuse

Meanwhile - our firewall . . .
Is there any merit in adding these two options?

#47: Stop replying to pings

* Difficulty: Easy
* Application: sysctl

While ping is a very useful command for discovering network topology, the disadvantage is that it does just that, and makes it easier for hackers on the network to target live servers. But you can tell Linux to ignore all pings - the server simply won't respond. There are a number of ways to achieve this, but the best is to use sysctl. To turn off ping replies:

sysctl -w net.ipv4.icmp_echo_ignore_all=1

To turn it back on, again use:

sysctl -w net.ipv4.icmp_echo_ignore_all=0

If turning off ping is too severe for you, take a look at the next hack.


#48: Slow down ping rates

* Difficulty: Easy
* Application: sysctl

You may want to keep the ability to reply to pings, but protect yourself from a form of attack known as a 'ping flood'. So how can you manage such a feat? The easiest way is to slow down the rate at which the server replies to pings. They are still valid, but won't overload the server:

sysctl -w net.ipv4.icmp_echoreply_rate=10

This slows the rate at which replies are sent to a single address.

[Lobster]

I am not sure if you can get the video prog in all areas . . . (14 March 2009)
http://news.bbc.co.uk/1/hi/programmes/click_online/

Basically the Click team bought an illegal robobot
and took over drone machines which they used to
1. Spam
2. do a DDOS (Denial of service attack)
3. warn the infected users

It was fascinating and taught me many things (I am no security expert)

First of all Windows machines are going to be targeted
and any exe program could be sent and activated remotely
One important point a DDOS attack needs as little as 60 simultaneous
accesses of a web site to slow it down and make it unusable

This may explain why the forum is slowing. I am sure as Puppy gets more popular we are receiving increased traffic . . .(that does not mean we are being attacked)

[droope]

Hi there.

this is worth looking at:
http://knoppix-std.org/tools.html


And here I found some interesting links:
http://murga-linux.com/puppy/viewtopic. ... 90&t=24431

A user thinks we should have available:

nmap, hping2, wireshark, nessus, metsploit, ettercap, firewalk, paros, john the ripper, burp, webscarab.

Hey lobster, do you by any chance know how to compile stuff? We won't get too far without that.

PD: I have figured a way for people not to find out the advances of BlackOps. Nono, it's not crypting, neither changing to another forum. What we will do is to continue posting here. Once we are on page 40, or maybe 50, noone will ever bother on watching We should spam a bit tho, to make it effective.

[Lobster]

Hey lobster, do you by any chance know how to compile stuff?

I don't make a habit of it.

I think we need to know what vulnerabilities are likely and possible.
So far it seems the main issue is browsing to a site that uses javascript
or other means to access data, run a command etc.
In fact this is one area that makes the whole of web2
a security nightmare.

[droope]

Hey lobster, do you by any chance know how to compile stuff?

I don't make a habit of it.

I think we need to know what vulnerabilities are likely and possible.
So far it seems the main issue is browsing to a site that uses javascript
or other means to access data, run a command etc.
In fact this is one area that makes the whole of web2
a security nightmare.

If we knew what vulnerabilities were likely possible we would be "hackers", that's what "hackers" know...

So, i'd cross that out if I were you.

I'll google it tho.

[droope]

Look, this seems interesting:

http://searchenterpriselinux.techtarget ... 86,00.html

[Lobster]

more info
http://www.yolinux.com/TUTORIALS/LinuxT ... urity.html

[puppyluvr]

Hey Ed, IDK where right now, but Pizzasgood did a whole thing about how to hack Linux in another thread...It was scary...LOL..I suggested he delete it.....

[jamesjeffries2]

one thing I always wondered about puppy is that surely the user system used by most linux distributions is partially for security? is this true? could this be a possible security issue in puppy?

EDIT - by user system i mean the users and login managers etc

[droope]

Don't worry, your private information is just as safe in puppy as it would be in any other linux

[Pizzasgood]

Just as unsafe, yup. The multiuser thing is really about protecting, guess what... multiple users! As in, there are some Linux and Unix servers at my college that I have to use for some of my assignments. There are thousands of other people who use them. It would be bad if I could delete their things, or if I caught a virus that infected all of them. So we all have to run as limited users who don't have the ability to do that. If I do something stupid and get a virus, it will only affect me, nobody else. It protects everybody else from me, and me from everybody.else. But it does nothing to protect me from myself.

Important point: Even if I was a limited user, if I were hacked, all of my own personal (possibly confidential) data would be at risk, along with my configuration options and what-not.

In Puppy, there is typically only one user on a given machine. Therefor, using a limited user wouldn't be protecting anybody at all. What it would do is protect the OS itself. If a person got hacked, his personal data would all be compromised, but the OS would have that extra layer of security.

With Puppy however, it is very easy to reinstall the OS. Additionally, I would not trust the multiuser to protect the OS anyway*, and would feel the need to reinstall the entire thing even if I saw no evidence of tampering (unless I had md5sums of all files, kept on a separate CD/DVD, so that I could verify that everything was fine). So it wouldn't save much time and effort.

On the other hand, running as a limited user would be inconvenient much of the time. That inconvenience is much more than the inconvenience of reinstalling Puppy, say, once a year. The average user will be hacked much less than once per year. Therefor, it's less hassle to just run as root.


*Just because you're a limited user doesn't mean the hacker cannot elevate himself to root. If you don't realize you've been hacked, he could find a way to trick you into giving him your root password. Or he could find a glitch to exploit. I read something recently about an old method that involved a way to dump an "error report" into a directory that Cron reads, causing the arbitrary code you placed in the "error report" to be executed as root the next time Cron reads it.

[droope]

Just as unsafe, yup.

Shhh