[[HomePage]] > [[ComponentHowTo Components and HowTos]] {{image width="48" height="48" url="http://img814.imageshack.us/img814/5626/logowoof4.png" title="text" alt="text"}} --- ~Security includes protection from data loss, data theft and data corruption. ==Security Precautions== - Adobe Flash Player may pose too high a risk for some users - either disable it or configure the Web browser to restrict its use - //never// open e-mail attachments from strangers; delete them instead - renew the default system password using the [[passwd]] utility - activate the software firewall ([[http://www.murga-linux.com/puppy/viewtopic.php?t=66966 discussion]]): //Menu > Setup > Linux-Firewall Wizard// - use the latest available versions of file-system tools: [[bzip2]], [[dosfstools]], [[e2fsprogs]], [[grep]], [[ntfs3g]], [[tar]], [[xz]] - use the latest available versions of cryptography libraries: [[gnutls]], [[libgcrypt]], [[openssl]] - use the latest available version of Web browsers: SeaMonkey, [[Firefox]] - use the latest available version of [[FlashPlayer Adobe Flash Player]] (if it is used) - use a PuppyVersion with a recent Linux kernel version - use [[encryption]] - SecureErase - always have a minimum of three identical versions of valuable or important files on physically //separate// media - disable ""JavaScript"" within the Web browser (with a subsequent loss in Web-page functionality) - perform virus detection: ClamAV ==References== [[http://www.osnews.com/story/21901/Adobe_s_Flash_Flawed_Time_to_Do_Without_/ Potential Flash point]] http://www.builderau.com.au/program/linux [[http://www.murga-linux.com/puppy/index.php?f=47 Security forum thread]] [[http://www.seifried.org/security/index.php/Linux_Security Linux Security]] [[http://csrc.nist.gov/publications/history/ Security History]] [[http://tldp.org/HOWTO/Security-Quickstart-HOWTO/ Linux security Howto]] [[http://www.sans.org/top20/top10.php 10 tips]] [[http://www.heise.de/tp/r4/artikel/5/5263/1.html NSA in Windows]] [[http://www.sans.org/top-cyber-security-risks/ Top Cyber Security Risks]] [[http://www.lonerunners.net/blog/archives/722-My-Top-10-Security-Live-CD.html Live Linux CD for security]] [[http://www.makeuseof.com/tag/how-to-password-protect-grub-entries-linux/ Password protect GRUB]] [[http://group51.org group51.org]] http://www.murga-linux.com/puppy/viewtopic.php?p=405903 http://sectools.org/index.html http://www.virustotal.com/ http://www.cryptoheaven.com/ http://epic.org/privacy/tools.html http://news.cnet.com/8301-13880_3-20010350-68.html?tag=mncol;mlt_related http://murga-linux.com/puppy/viewtopic.php?t=41146 ===Appendix=== Detective Inspector Bruce van der Graaf from the Computer Crime Investigation Unit told the hearing that he uses two rules to protect himself from cyber-criminals when banking online. The first rule, he said, was to never click on hyperlinks to the banking site and the second was to avoid Microsoft Windows: 'If you are using the internet for a commercial transaction, use a Linux boot up disk - such as Ubuntu or some of the other flavours. **Puppy Linux** is a nice small distribution that boots up fairly quickly. It gives you an operating system which is perfectly clean and operates only in the memory of the computer and is a perfectly safe way of doing Internet banking'. [[http://www.itnews.com.au/News/157767,nsw-police-dont-use-windows-for-internet-banking.aspx Source]] __{{color text="Security set-up for Puppy 2.16" c="green"}}__ 1 Open console type 'passwd'. enter your new password twice. 2 Run 'lock' on desktop and enter password from step 1 *you may want to select 'blank' from the config to save on processor usage 3 edit /etc/inittab to look like this: %%::sysinit:/etc/rc.d/rc.sysinit tty1::respawn:/sbin/getty 38400 tty1 tty2::respawn:/sbin/getty 38400 tty2 ::ctrlaltdel:/sbin/reboot%% *this keeps someone from killing lock with ctrl+alt+backspace and logging back in automatically and also gives the option on bootup to enter 'root' and 'password'. __{{color text="Create Password" c="green"}}__ Boot Puppy ctrl+alt+F2 (because my eyes are going and this is easier to read than in a console) " puppypc login :root Password : well known and published password #passwd Changing password for root New password : a new and unpublished password Retype password : a new and unpublished password Password for root changed by root " ctrl+alt+F3 (back to GUI)(F4 for some puppies) Open terminal and type: passwd Create a user to run applications. Open terminal and type: cd / && mkdir home Think of your new user name and then type in console: cd /home && mkdir ""YourNickHere"" Now copy these files to /home/""YourNickHere"" .bashrc, .fonts.cache-1, .gtkrc-2.0, .gtkrc.mine, .Xdefaults, .Xresources Open terminal and type: adduser ""YourNickHere"" Run applications as ""YourNickHere"" by typing su -c application ""YourNickHere"" example: su -c gaim ""YourNickHere"" Make applications run as ""YourNickHere"" by default: Edit application launchers to resemble this, su -c application ""YourNickHere"" Puppy has a personal wiki called ""DidiWiki"", with its own inbuilt HTTP server, so is accessed from a web browser, either locally or over a network/Internet. What we do in this case is run ""DidiWiki"" as user "spot". We can run an individual server application as a restricted non-root user, even though you yourself are still logged in as root. ==Also on the Wiki== ~[[AttackPup]] - Puppy for network testing ~[[PenetrationTesting penetration testing]] - network testing ~[[Privacy]] - Keeping your information private ~[[WatchDog]] - Puppy for securing your home ==Related Webpages== ~[[http://bkhome.org/blog/?viewDetailed=02241 Fido on Barry's blog]] ~[[http://murga-linux.com/puppy/viewtopic.php?p=335216#335216 Puppy GROWL thread]] ~[[http://youtu.be/_uZ_qZgOwg4 Lobster security podcast]] ~[[http://www.murga-linux.com/puppy/viewtopic.php?p=633797#633797 tallboy perspective]] ---- ==Categories== CategorySecurity CategoryTutorial