Security Resources/Tutorials?


Security Resources/Tutorials?

Post by Gualicho32 »

I'm looking for Linux security tutorials/courses that are dedicated to guarding against hacker intrusions, and finding and removing stealth rootkits; hopefully simplified and fairly straightforward. Does anybody have some good links on this subject? Thanks.
Last edited by LockBot on Wed Dec 28, 2022 7:16 am, edited 1 time in total.
Reason: Topic automatically closed 6 months after creation. New replies are no longer allowed.

Re: Security Resources/Tutorials?

Post by Pjotr »

You might find this article of mine interesting:
https://easylinuxtipsproject.blogspot.c ... urity.html
Tip: 10 things to do after installing Linux Mint 21.3 Virginia
Keep your Linux Mint healthy: Avoid these 10 fatal mistakes
Twitter: twitter.com/easylinuxtips
All in all, horse sense simply makes sense.

Re: Security Resources/Tutorials?

Post by Gualicho32 »

Pjotr wrote: Mon Apr 22, 2019 6:41 pm You might find this article of mine interesting:
https://easylinuxtipsproject.blogspot.c ... urity.html
I appreciate you taking the time to respond. That was some good information, thanks. :)

While searching for intrusion detection systems (abbr. "IDS"), I stumbled across this article:

https://www.comparitech.com/net-admin/n ... ion-tools/

The "Solar Winds" sounds pretty cool, but it's a Windows Only program unfortunately. What are your thoughts about this list, Pjotr? And which FOSS programs do you think would work best together on Linux? When you have the time, maybe consider writing an entry dedicated to this topic in your blog? I noticed that you strongly advised against "RKHunter" and similar type programs on there because you believe it actually gives attackers more to work with. I'm still very ignorant on all this, so forgive me if I seem a bit presumptuous or like I'm not listening intently, or appear like I have poor reading comprehension skills (I am indeed paying attention). I'm just hopeful of finding more tools that will further augment and simplify the threat detection process. Not all of us are coding wizards.

Re: Security Resources/Tutorials?

Post by Pjotr »

Gualicho32 wrote: Tue Apr 23, 2019 7:24 pm I'm just hopeful of finding more tools that will further augment and simplify the threat detection process.
You don't need them for desktop Linux. Perhaps stuff like that can be useful in the poisonous and heavily infected Windows ecosystem, but you've escaped from that.

Relax, you're running Linux. :wink:

Re: Security Resources/Tutorials?

Post by Gualicho32 »

You mentioned the importance of being highly selective of which Firefox Add-ons to trust. What is your opinion of Ghostery, uBlock Origin, and NoScript?

Re: Security Resources/Tutorials?

Post by Pjotr »

Gualicho32 wrote: Wed Apr 24, 2019 1:47 pm You mentioned the importance of being highly selective of which Firefox Add-ons to trust. What is your opinion of Ghostery, uBlock Origin, and NoScript?
All three are of good repute. But personally, of those three I only install uBlock Origin. Not invasive, not talkative and just works.

I often run my Firefox and Chrome in the sandbox of Firejail. My Firefox has been configured to dump all history and cookies upon closing. I use Startpage.com as search engine (I love its "Anonymous View" option). That's about it, more or less....

Re: Security Resources/Tutorials?

Post by catweazel »

Gualicho32 wrote: Wed Apr 24, 2019 1:47 pm You mentioned the importance of being highly selective of which Firefox Add-ons to trust. What is your opinion of Ghostery, uBlock Origin, and NoScript?
NoScript is a real pain, and bug-riddled. I installed it yesterday to deal with one site but it affects all sites. It has an option to set global defaults but it doesn't honour those defaults and sets hard restrictions anyway, forcing you to have to set up each and every site that you visit. I uninstalled it this morning. Both Ghostery and uBlock work as advertised.

On script blockers in general, all of those that I've tested result in broken pages. For example, titles and headings might all appear at the top of the page, text in the middle, and all images at the bottom, which makes the pages unusable.
"There is, ultimately, only one truth -- cogito, ergo sum -- everything else is an assumption." - Me, my swansong.

Re: Security Resources/Tutorials?

Post by BG405 »

Pjotr wrote: Wed Apr 24, 2019 5:56 pm My Firefox has been configured to dump all history and cookies upon closing.
I'd like to ask: How does clearing your browser history help in any way, shape or form, even with browser issues? I totally rely on it; it's a substitute for my lack of inbuilt (human, if I can call it that) memory & is also synced. I've seen mention of deleting browser history on a number of occasions on this Forum, but what does that really achieve?

Personally I've set mine to remember for 36525 days .. far longer than I'm likely to be around for, but it's a record for me which I can refer to; for me it is the same as deleting all the bookmarks and subscriptions to topics on this Forum. It is a bit like burning your diaries and I don't understand why preserving browser history could impact current usage as, AFAIK, it isn't accessible to outside (Web-based) sources i.e. the likes of Google, unless you somehow allow that in some way.
Dell Inspiron 1525 - LM17.3 CE 64-------------------Lenovo T440 - Manjaro KDE with Mint VMs
Toshiba NB250 - Manjaro KDE------------------------Acer Aspire One D255E - LM21.3 Xfce
Acer Aspire E11 ES1-111M - LM18.2 KDE 64 ----Two ROMS don't make a WRITE

Re: Security Resources/Tutorials?

Post by Gualicho32 »

Pjotr, two things...regarding the "Improve the settings for installing software1.2.1." section of "10 Things To Do First in Linux Mint 19.1 Xfce", when I input "sudo sed -i 's/false/true/g' /etc/apt/apt.conf.d/00recommends" into the terminal following the previous step, nothing seems to happen. What is the cause of this?

Also, when I tried encapsulating/integrating (sandboxing) Firefox into Firejail, a Firefox window suddenly opened on its own (nothing but a blank field of white inside it), and I got this weird dialogue in the terminal:

"Reading profile /etc/firejail/firefox.profile
Reading profile /etc/firejail/disable-common.inc
Reading profile /etc/firejail/disable-devel.inc
Reading profile /etc/firejail/disable-programs.inc
Reading profile /etc/firejail/whitelist-common.inc
Reading profile /etc/firejail/whitelist-var-common.inc
Parent pid 2190, child pid 2191
Blacklist violations are logged to syslog
Child process initialized in 260.16 ms"

After I tried closing the Firefox Window some minutes later after seeing no visible activity, I tried "firejail --tree", and I got this:

"[Parent 7, Gecko_IOThread] WARNING: pipe error (71): Connection reset by peer: file /build/firefox-z7Op23/firefox-66.0.2+linuxmint1+tessa/ipc/chromium/src/chrome/common/ipc_channel_posix.cc, line 357
[Parent 7, Gecko_IOThread] WARNING: pipe error (70): Connection reset by peer: file /build/firefox-z7Op23/firefox-66.0.2+linuxmint1+tessa/ipc/chromium/src/chrome/common/ipc_channel_posix.cc, line 357"

:?

Some help, please.

Re: Security Resources/Tutorials?

Post by Pjotr »

BG405 wrote: Thu Apr 25, 2019 10:07 pm
Pjotr wrote: Wed Apr 24, 2019 5:56 pm My Firefox has been configured to dump all history and cookies upon closing.
I'd like to ask: How does clearing your browser history help in any way, shape or form, even with browser issues? I totally rely on it; it's a substitute for my lack of inbuilt (human, if I can call it that) memory & is also synced. I've seen mention of deleting browser history on a number of occasions on this Forum, but what does that really achieve?

Personally I've set mine to remember for 36525 days .. far longer than I'm likely to be around for, but it's a record for me which I can refer to; for me it is the same as deleting all the bookmarks and subscriptions to topics on this Forum. It is a bit like burning your diaries and I don't understand why preserving browser history could impact current usage as, AFAIK, it isn't accessible to outside (Web-based) sources i.e. the likes of Google, unless you somehow allow that in some way.
Privacy protection (do you ever lend your computer to someone else for a while?) and keeping Firefox as "mean and lean" as possible.

Re: Security Resources/Tutorials?

Post by Pjotr »

Gualicho32 wrote: Fri Apr 26, 2019 1:50 am Pjotr, two things...regarding the "Improve the settings for installing software1.2.1." section of "10 Things To Do First in Linux Mint 19.1 Xfce", when I input "sudo sed -i 's/false/true/g' /etc/apt/apt.conf.d/00recommends" into the terminal following the previous step, nothing seems to happen. What is the cause of this?
That's normal. The change has been applied, without feedback.
Gualicho32 wrote: Fri Apr 26, 2019 1:50 am Also, when I tried encapsulating/integrating (sandboxing) Firefox into Firejail, a Firefox window suddenly opened on its own (nothing but a blank field of white inside it)
I assume you skipped this:
https://easylinuxtipsproject.blogspot.c ... html#ID2.1
(item 2.1)

:)
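
Added example, not part of the original posts: `sed -i` prints nothing on success, so the way to confirm the edit discussed above is to compare the file against a backup. The file contents are a constructed sample (the thread does not show the real 00recommends), and `make_sample`, `apply_and_count` and `show_changes` are hypothetical helper names; note that `s/false/true/g` rewrites every `false` in the file, which the comparison makes visible.

```shell
#!/bin/sh
# Constructed sample standing in for /etc/apt/apt.conf.d/00recommends;
# the real file's contents are not shown in the thread.
make_sample() {
    cat > "$1" <<'EOF'
APT::Install-Recommends "false";
Aptitude::Recommends-Important "false";
EOF
}

# Run the thread's sed expression on file $1, keeping a backup at $1.bak,
# and print how many lines differ afterwards (0 means nothing was changed).
apply_and_count() {
    f=$1
    sed -i.bak 's/false/true/g' "$f" || return 1   # silent on success
    # grep -c exits non-zero when the count is 0, so mask that status.
    diff "$f.bak" "$f" | grep -c '^>' || true
}

# Print each rewritten setting as: key old-value -> new-value
show_changes() {
    f=$1
    paste -d' ' "$f.bak" "$f" | awk '$2 != $4 { print $1, $2, "->", $4 }'
}

# Demonstration on a throwaway copy, never on the live apt configuration.
tmp=$(mktemp -d)
make_sample "$tmp/00recommends"
echo "changed lines: $(apply_and_count "$tmp/00recommends")"
show_changes "$tmp/00recommends"
rm -rf "$tmp"
```

On a real system, `apt-config dump | grep -i recommends` shows the values apt actually reads after the edit.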

Re: Security Resources/Tutorials?

Post by BG405 »

Pjotr wrote: Fri Apr 26, 2019 4:18 am Privacy protection (do you ever lend your computer to someone else for a while?)
Good point but I wouldn't lend a machine with anything personal on it to someone I don't trust well enough. I'd remove my profile for a start, for later reinstatement.

My mate (who I've known for nearly 30 years .. and who now lodges here) has one of my machines to learn on (it's in his room & I'm currently upgrading it, via SSH), but he has his own account; in any case I don't really care if my history is accessible to others. Others may differ, though. I don't store e.g. banking login credentials on my machines.
Pjotr wrote: Fri Apr 26, 2019 4:18 am keeping Firefox as "mean and lean" as possible
He's currently using Firefox as Waterfox needs an upgrade on that machine, but when that's done (it takes a while, I'll do it when we get back after a drink) it'll be synced, meaning I can send tabs he may be interested in, also we can both access each other's history which is handy sometimes. FF is not synced as it would remove my essential add-ons.

For me, there are currently approx. a couple of dozen tabs active & a few hundred not loaded. I'm not exactly a lean user of browsers; however, performance is still very good IMHO, despite the hardware limitations. I do have to put up with some swapping but it's no biggie. ;)