A complete guide to secure your Linux distribution and Internet, web and wireless connection. This presentation contains a description of many open source and free tools and security tips.
Linux / Internet Security
Aymen [email protected]
Social Innovation In A Digital Context
March - 2013
Distros focused on computer security
Astaro Security Appliance
BackTrack Linux
IPFire
Lightweight Portable Security
Live Hacking DVD
Etc.
Security Distros : Astaro Security Appliance
Formerly known as Astaro Security Linux .
The Astaro Security Appliances come in three flavors: Hardware, software and virtual.
In the virtual appliance category, Astaro offers appliances built specifically for network security, mail security, Web security and Web application security.
VMware Ready certification.
Configurable firewall, intrusion protection, DoS attack protection, NAT tools, VPN, IPSec Remote Access, LDAP authentication integration, and bandwidth control.
Sophos recently acquired Astaro.
Sophos boasts over 100 million worldwide business users in more than 150 countries.
Security Distros : BackTrack Linux
The highest rated and most acclaimed Linux security distribution.
Not a business desktop or server system, but a security-oriented system built solely for the purpose of network and computer penetration testing.
Specialized to assist security professionals in performing security audits on target networks.
You don't have to be a seasoned security professional to use it.
Security Distros : IPFire
Firewall distribution that is small, highly secure and easy to use.
The Pakfire system (package system) is unique to IPFire.
Delivers updates and packages via encrypted transfer and digital signatures.
Easy add-on installation: Samba, NFS, mail services, antivirus, multimedia applications, VoIP applications, intrusion detection, network tools, security tools, backup tools, etc.
Security Distros : Lightweight Portable Security
Boots a thin Linux system from a CD or USB flash drive.
It isn't meant to be run from a local hard disk.
For public, general-purpose Web browsing; allows no traces of activity or browsing history.
Provides secure browsing during banking transactions or other security-sensitive sessions.
Security Distros : Live Hacking DVD
An ethical hacker's playground (workbench).
Fully graphical desktop interface (GNOME).
Most of the hacker tools are command line (CD version).
You can use an old Pentium III or IV class system and as little as 512 MB RAM.
ClamAV - Anti-Virus
ClamAV can detect viruses and move any infected files into a quarantined folder.
ClamAV doesn't remove them from files.
Can be used from the terminal.
Two modes of operation: a program that loads into memory only when you want to scan a file, or a daemon (clamav-daemon) that is always running.
This speeds up virus scanning as the program is always in memory.
Nixory - Antispyware
Free and open source antispyware.
Removes malicious tracking cookies from the browser.
Supports Mozilla Firefox, Internet Explorer and Google Chrome.
It runs on all OS, including Windows, Linux and Mac OS X.
BotHunter - Botnet Diagnosis System
Network-based botnet diagnosis system.
Tracks the two-way communication flows between your personal computer and the Internet.
Available for Linux and Unix, but now they have released a Private Test Release and a Pre-Release for Windows.
BotHunter2Web.pl: an add-on that allows BotHunter to profile infections into web pages.
UFW – Uncomplicated Firewall
Command line program that helps manage the netfilter iptables firewall.
Few simple commands to manage iptables.
Gufw is a graphical interface.
Very intuitive and easy to manage your iptables firewall using Gufw.
Gufw needs Python, GTK and ufw.
Example: sudo ufw allow ssh/tcp
BleachBit - Work Session Wiping
Frees disk space and guards privacy.
Free cache, delete cookies, clear Internet history, shred temporary files, delete logs, and discard junk.
Firefox, Internet Explorer, Adobe Flash, Google Chrome, Opera, Safari, and more.
Shred files to prevent recovery.
Wipe free disk space to hide traces of files deleted by other applications.
Makes Firefox faster.
Ddrescue – Data Recovery
ddrescue (gddrescue) is a data recovery tool that copies data from a file or hardware device that contains data to another place, making every effort to rescue data in the event of read errors.
With two or more damaged copies of a file (or CD, DVD, etc.) ddrescue should be able to reconstruct a complete and error-free file.
Foremost – File recovery
Command-line tool.
Recovers files (FAT, ext3 and NTFS).
Live CD.
Recover files from an image of the drive, or from the drive directly.
Assuming the lost files are on hda, you need to create a writeable directory on another drive where you can put the recovered files.
Shred - Secure File Removal
Deleting a file (rm) or reformatting a disk does not destroy your sensitive data.
Command line.
Destroys files so that their contents are very difficult or impossible to recover.
shred accomplishes its destruction by repeatedly overwriting files with data patterns designed to do maximum damage.
Difficult to recover data even using high-sensitivity data recovery equipment.
TrueCrypt - Secure File Storage
Free open-source disk encryption software for Windows 7/Vista/XP, Mac OS X, and Linux.
There are two types of TrueCrypt volumes: file-hosted (container) and partition/device-hosted.
TrueCrypt volumes can be encrypted using 8 algorithms: AES, Serpent, Twofish, etc.
Ecryptfs – File System Encryption
Package of disk encryption software for Linux.
Filesystem-level encryption / full disk encryption.
Stores cryptographic metadata in the header of each file → encrypted files can be copied between hosts.
Widely used, as the basis for Ubuntu's Encrypted Home Directory.
Natively within Google's ChromeOS.
Transparently embedded in several network attached storage (NAS) devices.
Pidgin with OTR - Secure Instant Messaging
Private conversations over instant messaging by providing:
Encryption: No one else can read your instant messages.
Authentication: You are assured the correspondent is who you think it is.
Deniability: During a conversation, your correspondent is assured the messages he sees are authentic and unmodified.
Perfect forward secrecy: If you lose control of your private keys, no previous conversation is compromised.
Thunderbird with Enigmail and GPG - Secure Email Client
Mozilla Thunderbird (mail client).
Enigmail (Thunderbird module).
GnuPG (public key encryption program).
Generate and manage the key pairs to be used in encrypting and decrypting messages.
Keep your email communications private and secure.
Firefox with add-ons - Secure Web Browser
Stability / Security.
Protection from potentially dangerous programs and malicious web sites.
Wipe any traces.
Beef Taco, GoogleSharing, HTTPS Everywhere, Ghostery, etc.
TOR - Anonymity Online
Free/open source software and an open network.
Defend against traffic analysis: surveillance, confidential business activities, and state security.
Tails: Live CD/USB.
Orbot: For Google Android devices.
Tor Browser.
Obfsproxy: attempts to circumvent censorship.
KeePass - Secure Password Storage
Save all your passwords in one convenient and secure database.
Create and store many strong passwords without having to remember them
An external device or USB memory stick and portable tools are safer than the computer → Portable KeePass version.
Secure Passwords
Long
Complex
Practical
Not personal
Secret
Unique
Fresh
Secure Passwords
Don't use all numbers or all letters.
Avoid reusing or recycling old passwords.
Change at regular intervals.
Change all vendor default passwords.
Eliminate or lock shared-user accounts.
Avoid: dictionary words, letter or number sequences, usernames, relative or pet names, romantic links (current or past), or biographical information.
Secure Passwords
Entropy definition: In information theory, entropy is a measure of the uncertainty in a random variable. In this context, the term usually refers to the Shannon entropy, which quantifies the expected value of the information contained in a message.
It is usual in the computer industry to specify password strength in terms of information entropy, measured in bits.
Secure Passwords
A password with 42 bits of strength would require 2^42 attempts to exhaust all possibilities during a brute force search.
Adding one bit of entropy to a password doubles the number of guesses required.
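The entropy figures and the "avoid" rules from the password slides can be checked together. The following is an added example, not part of the original presentation: the function names and the small COMMON_WORDS set are assumptions made for illustration, and the bit count is an upper bound that only holds when every character is chosen at random.

```python
import math
import string

# Constructed stand-in for a real dictionary file (assumption, not from the slides).
COMMON_WORDS = {"password", "welcome", "dragon", "letmein", "monkey"}

def charset_size(password):
    """Alphabet size implied by the ASCII character classes the password uses."""
    classes = (string.ascii_lowercase, string.ascii_uppercase,
               string.digits, string.punctuation)
    return sum(len(cls) for cls in classes if any(c in cls for c in password))

def entropy_bits(password):
    """Length * log2(alphabet): an upper bound that holds only for random characters."""
    size = charset_size(password)
    return len(password) * math.log2(size) if size else 0.0

def search_space(bits):
    """Attempts needed to exhaust every password of the given strength."""
    return 2 ** bits

def has_sequence(password, run=4):
    """True if `run` consecutive characters ascend, descend or repeat (abcd, 4321, aaaa)."""
    for i in range(len(password) - run + 1):
        window = password[i:i + run]
        steps = {ord(b) - ord(a) for a, b in zip(window, window[1:])}
        if steps in ({1}, {-1}, {0}):
            return True
    return False

def audit(password, username=""):
    """Return the slide's 'avoid' rules that the password breaks."""
    low, problems = password.lower(), []
    if password.isdigit():
        problems.append("all numbers")
    elif password.isalpha():
        problems.append("all letters")
    if any(word in low for word in COMMON_WORDS):
        problems.append("dictionary word")
    if has_sequence(low):
        problems.append("letter or number sequence")
    if username and username.lower() in low:
        problems.append("username")
    return problems

if __name__ == "__main__":
    for pw in ("12345678", "Welcome2013", "Tr0ub4dor&3"):  # constructed samples
        print(f"{pw:12} {entropy_bits(pw):5.1f} bits  {audit(pw, 'aymen') or 'ok'}")
```

A password such as "Welcome2013" scores about 65 nominal bits yet still fails the dictionary rule, which is why the bit count alone should not be used to accept a password.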
RootKit Scanner - RootKit Detection
A rootkit is a stealthy type of software, often malicious, designed to hide the existence of certain processes or programs from normal methods of detection and enable continued privileged access to a computer.
Rootkit scanner is a scanning tool to ensure you're clean of nasty tools.
This tool scans for rootkits, backdoors and local exploits by running tests.
Secure Wireless Home Network
Enable encryption on your access point (128-bit encryption or higher | WEP/WPA/WPA2).
Set the router access password.
Change the Service Set Identifier (the network name or "SSID") from the default to something unique.
Enable MAC address filtering.
Disable remote login.
Disable wireless administration.
Speedometer - Monitoring Bandwidth
Display and measure the rate of data across a network connection.
Monitors network interfaces (upload & download) and your file system.
System Log Viewer - Viewing Logs
System Log Viewer is a graphical, menu-driven viewer to view and monitor system logs.
Easier, more user-friendly display of your logs.
Live view that automatically refreshes (Xorg, auth, bot, boot.log, bootstrap.log, btmp, daemon.log, debug, dmesg, dpkg, fontconfig, jockey, kern, lpr, mail.err, mail.info and many other log files).
Physical Security
Computer locks.
Boot loader security (password for LILO/GRUB).
Locking (xlock, vlock).
Security of local devices (e.g. webcams).
USB sticks / external hard drive encryption.
Linux / Internet Security
Thanks ..
Aymen [email protected]
twitter.com/eon01
Creative Commons License: Linux / Internet Security by Aymen Amri is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 3.0 Unported License.