Black Ops Puppy
- mysticmarks
- Posts: 159
- Joined: Tue 27 Feb 2007, 01:56
- Location: California
- Contact:
bop
not that i've heard of anything about that thing we know nothing about, but i did have an idea. Say the folks who want this were to join forces with the tor pup crew. Just a conspiracy though.
- ttuuxxx
- Posts: 11171
- Joined: Sat 05 May 2007, 10:00
- Location: Ontario Canada,Sydney Australia
- Contact:
I'll try it in a few days, I'm in the middle of 4.2 stuff which has to come first
ttuuxxx
http://audio.online-convert.com/ <-- excellent site
http://samples.mplayerhq.hu/A-codecs/ <-- Codec Test Files
http://html5games.com/ <-- excellent HTML5 games :)
- Lobster
- Official Crustacean
- Posts: 15522
- Joined: Wed 04 May 2005, 06:06
- Location: Paradox Realm
- Contact:
I suggest those individuals interested in testing think about virtual machines or a separate computer connected to the internet.
Please provide links to related or relevant projects.
ToDo list:
Create logo
Create initial wiki page
some interesting ideas here
http://paranoidlinux.org/
- Lobster
- Official Crustacean
- Posts: 15522
- Joined: Wed 04 May 2005, 06:06
- Location: Paradox Realm
- Contact:
How to write a Linux virus in 5 easy steps
http://www.geekzone.co.nz/foobar/6229
This came out in distrowatch.
http://www.remote-exploit.org/backtrack.html
if we were to make a very evil puppy, i'd suggest this as a logo
Perhaps we can turn it into a Vectorial graphic
I'll help, and i am so good, that i am willing to run an extremely vulnerable system (as long as the other user doesn't delete my good puppy ¬¬) but i think that's not gonna happen. I guess. I'll backup. LOL.
Or this one, it looks paranoid !
- Lobster
- Official Crustacean
- Posts: 15522
- Joined: Wed 04 May 2005, 06:06
- Location: Paradox Realm
- Contact:
This will show your firewall settings from the command line
Code:
# iptables -L -n -v
. . . now I have to have a lay down after being freaked out by the manic Puppy/syringe image
Yesterday I was playing 'Resident Evil' on the Wii
The red eyed Puppy is more scary . . .
- Lobster
- Official Crustacean
- Posts: 15522
- Joined: Wed 04 May 2005, 06:06
- Location: Paradox Realm
- Contact:
Improve your Firefox security
http://www.linuxplanet.com/linuxplanet/reports/6682/1/
How about this?
You download and install a must have pet package.
Did you examine the contents before installing it?
Let's just say that the pet includes code for setting up backgrounded remote access to puppy with no indication that it has happened.
Most users of puppy do not check out the validity of pet files as far as internals.
Is this a possibility?
Think about it?
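One way to do the check the post above asks about, as an added example that is not part of the original thread: verify a .pet's checksum trailer and list the members worth reading before installing, without unpacking or running anything. It assumes GNU tar and md5sum, the usual .pet layout (a compressed tarball followed by the 32-character md5sum of that tarball) and that pinstall.sh/puninstall.sh are run by the package installer; the function names, the list of startup paths and the demo package are constructed for illustration.

```shell
#!/bin/sh
# Added example. Assumed .pet layout: compressed tarball + 32-char md5 trailer.
# inspect_pet FILE: prints findings; returns 0 clean, 1 needs review, 2 bad file.
inspect_pet() {
    pet=$1
    size=$(wc -c < "$pet")
    if [ "$size" -le 32 ]; then echo "TOO-SHORT: $pet"; return 2; fi
    tgz=$(mktemp) || return 3
    head -c "$((size - 32))" "$pet" > "$tgz"      # tarball without the trailer
    want=$(tail -c 32 "$pet")                      # md5 recorded in the trailer
    got=$(md5sum < "$tgz" | cut -d' ' -f1)         # md5 of what is really there
    if [ "$want" != "$got" ]; then
        rm -f "$tgz"
        echo "BAD-MD5: trailer=$want tarball=$got"; return 2
    fi
    # tar -t only lists members: nothing is unpacked and no script is run.
    findings=$(tar -tvf "$tgz" | awk '
        $1 !~ /^-/ { next }                        # regular files only
        { mode = $1; name = $NF }
        name ~ /(^|\/)p(un)?install\.sh$/         { print "ROOT-SCRIPT: " name }
        mode ~ /^-..[sS]/ || mode ~ /^-.....[sS]/ { print "SETUID-SETGID: " name }
        name ~ /\/(etc\/(cron|init\.d|rc\.d)|var\/spool\/cron|root\/Startup)/ {
            print "STARTUP-HOOK: " name }
    ')
    rm -f "$tgz"
    if [ -z "$findings" ]; then return 0; fi
    echo "$findings"; return 1
}

# make_demo_pet OUT: constructed, harmless sample package for trying the check.
make_demo_pet() {
    d=$(mktemp -d) || return 3
    mkdir -p "$d/demo-1.0/usr/bin" "$d/demo-1.0/etc/init.d"
    echo 'echo demo' > "$d/demo-1.0/usr/bin/demo"
    echo 'echo placeholder' > "$d/demo-1.0/pinstall.sh"
    echo 'echo placeholder' > "$d/demo-1.0/etc/init.d/rc.demo"
    tar -C "$d" -czf "$d/demo.tgz" demo-1.0
    { cat "$d/demo.tgz"; md5sum < "$d/demo.tgz" | cut -d' ' -f1 | tr -d '\n'; } > "$1"
    rm -rf "$d"
}
```

A matching trailer only shows the file arrived intact; whoever built the package also wrote the checksum, so the flagged scripts still need to be read.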
- Lobster
- Official Crustacean
- Posts: 15522
- Joined: Wed 04 May 2005, 06:06
- Location: Paradox Realm
- Contact:
Yes the pets can be a potential entry point - for now I have been downloading and installing tarballs, pups and pets without any regard for their potential abuse
Meanwhile - our firewall . . .
Is there any merit in adding these two options?
#47: Stop replying to pings
* Difficulty: Easy
* Application: sysctl
While ping is a very useful command for discovering network topology, the disadvantage is that it does just that, and makes it easier for hackers on the network to target live servers. But you can tell Linux to ignore all pings - the server simply won't respond. There are a number of ways to achieve this, but the best is to use sysctl. To turn off ping replies:
sysctl -w net.ipv4.icmp_echo_ignore_all=1
To turn it back on, again use:
sysctl -w net.ipv4.icmp_echo_ignore_all=0
If turning off ping is too severe for you, take a look at the next hack.
#48: Slow down ping rates
* Difficulty: Easy
* Application: sysctl
You may want to keep the ability to reply to pings, but protect yourself from a form of attack known as a 'ping flood'. So how can you manage such a feat? The easiest way is to slow down the rate at which the server replies to pings. They are still valid, but won't overload the server:
sysctl -w net.ipv4.icmp_echoreply_rate=10
This slows the rate at which replies are sent to a single address.
- Lobster
- Official Crustacean
- Posts: 15522
- Joined: Wed 04 May 2005, 06:06
- Location: Paradox Realm
- Contact:
I am not sure if you can get the video prog in all areas . . . (14 March 2009)
http://news.bbc.co.uk/1/hi/programmes/click_online/
Basically the Click team bought an illegal robobot
and took over drone machines which they used to
1. Spam
2. do a DDOS (Denial of service attack)
3. warn the infected users
It was fascinating and taught me many things (I am no security expert)
First of all Windows machines are going to be targeted
and any exe program could be sent and activated remotely
One important point a DDOS attack needs as little as 60 simultaneous
accesses of a web site to slow it down and make it unusable
This may explain why the forum is slowing. I am sure as Puppy gets more popular we are receiving increased traffic . . .(that does not mean we are being attacked)
Hi there.
this is worth looking at:
http://knoppix-std.org/tools.html
And here I found some interesting links:
http://murga-linux.com/puppy/viewtopic. ... 90&t=24431
A user thinks we should have available:
nmap, hping2, wireshark, nessus, metasploit, ettercap, firewalk, paros, john the ripper, burp, webscarab.
Hey lobster, do you by any chance know how to compile stuff? We won't get too far without that.
PD: I have figured a way for people not to find out the advances of BlackOps. Nono, it's not crypting, neither changing to another forum. What we will do is to continue posting here. Once we are on page 40, or maybe 50, no one will ever bother on watching. We should spam a bit tho, to make it effective.
- Lobster
- Official Crustacean
- Posts: 15522
- Joined: Wed 04 May 2005, 06:06
- Location: Paradox Realm
- Contact:
"Hey lobster, do you by any chance know how to compile stuff?"
I don't make a habit of it.
I think we need to know what vulnerabilities are likely and possible.
So far it seems the main issue is browsing to a site that uses javascript
or other means to access data, run a command etc.
In fact this is one area that makes the whole of web2
a security nightmare.
Lobster wrote:
"Hey lobster, do you by any chance know how to compile stuff?"
I don't make a habit of it.
I think we need to know what vulnerabilities are likely and possible.
So far it seems the main issue is browsing to a site that uses javascript
or other means to access data, run a command etc.
In fact this is one area that makes the whole of web2
a security nightmare.

If we knew what vulnerabilities were likely possible we would be "hackers", that's what "hackers" know...
So, i'd cross that out if I were you.
I'll google it tho.
-
- Posts: 196
- Joined: Mon 28 Apr 2008, 00:50
- Pizzasgood
- Posts: 6183
- Joined: Wed 04 May 2005, 20:28
- Location: Knoxville, TN, USA
Just as unsafe, yup. The multiuser thing is really about protecting, guess what... multiple users! As in, there are some Linux and Unix servers at my college that I have to use for some of my assignments. There are thousands of other people who use them. It would be bad if I could delete their things, or if I caught a virus that infected all of them. So we all have to run as limited users who don't have the ability to do that. If I do something stupid and get a virus, it will only affect me, nobody else. It protects everybody else from me, and me from everybody else. But it does nothing to protect me from myself.
Important point: Even if I was a limited user, if I were hacked, all of my own personal (possibly confidential) data would be at risk, along with my configuration options and what-not.
In Puppy, there is typically only one user on a given machine. Therefore, using a limited user wouldn't be protecting anybody at all. What it would do is protect the OS itself. If a person got hacked, his personal data would all be compromised, but the OS would have that extra layer of security.
With Puppy however, it is very easy to reinstall the OS. Additionally, I would not trust the multiuser to protect the OS anyway*, and would feel the need to reinstall the entire thing even if I saw no evidence of tampering (unless I had md5sums of all files, kept on a separate CD/DVD, so that I could verify that everything was fine). So it wouldn't save much time and effort.
On the other hand, running as a limited user would be inconvenient much of the time. That inconvenience is much more than the inconvenience of reinstalling Puppy, say, once a year. The average user will be hacked much less than once per year. Therefore, it's less hassle to just run as root.
*Just because you're a limited user doesn't mean the hacker cannot elevate himself to root. If you don't realize you've been hacked, he could find a way to trick you into giving him your root password. Or he could find a glitch to exploit. I read something recently about an old method that involved a way to dump an "error report" into a directory that Cron reads, causing the arbitrary code you placed in the "error report" to be executed as root the next time Cron reads it.
Between depriving a man of one hour from his life and depriving him of his life there exists only a difference of degree. --Muad'Dib
[img]http://www.browserloadofcoolness.com/sig.png[/img]
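The md5sum check mentioned in the post above, sketched as an added example (not code from the thread): take a manifest of a known-good tree, keep it on separate read-only media, and later report files that were changed, removed or added. The added-file case matters because md5sum -c only re-checks paths already in the manifest, so a file dropped into a cron directory would not show up; the function names and the demo tree are constructed, and GNU find, md5sum and awk are assumed.

```shell
#!/bin/sh
# Added example. snapshot ROOT: one "md5  ./path" line per regular file in ROOT.
snapshot() {
    ( cd "$1" && find . -xdev -type f -exec md5sum {} + | sort -k2 )
}

# compare ROOT MANIFEST: report drift since the manifest was taken.
# Prints ADDED/CHANGED/MISSING lines; returns 0 if identical, 1 on any drift.
compare() {
    now=$(mktemp) || return 3
    snapshot "$1" > "$now"
    report=$(awk '
        # md5sum lines: 32 hex digits, two separator characters, then the path
        NR == FNR { old[substr($0, 35)] = $1; next }      # first file: manifest
        { path = substr($0, 35); seen[path] = 1
          if (!(path in old))       print "ADDED   " path  # not seen by md5sum -c
          else if (old[path] != $1) print "CHANGED " path }
        END { for (path in old) if (!(path in seen)) print "MISSING " path }
    ' "$2" "$now" | sort)
    rm -f "$now"
    if [ -z "$report" ]; then return 0; fi
    echo "$report"; return 1
}

# demo: constructed throwaway tree that is modified after the snapshot.
demo() {
    root=$(mktemp -d) && manifest=$(mktemp) || return 3
    mkdir -p "$root/bin" "$root/etc/cron.d"
    echo v1 > "$root/bin/tool"; echo users > "$root/etc/passwd"
    snapshot "$root" > "$manifest"        # real use: store on read-only media
    echo v2 > "$root/bin/tool"            # modified file
    rm "$root/etc/passwd"                 # deleted file
    echo job > "$root/etc/cron.d/extra"   # new file in a cron directory
    status=0
    compare "$root" "$manifest" || status=$?
    rm -rf "$root" "$manifest"
    return "$status"
}
```

sha256sum can be substituted for md5sum if the path offset in the awk script is changed from 35 to 67.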