Security Tutorials

Previous1

Security Tutorials

Post by Previous1 »

Seems like the next best thing until we get a security forum. (Sticky?)

Keep in mind a general understanding of computers and Linux also helps with security. What helps you to understand your system also helps to understand your security.

Quick tips
Specifics
The Deep approach

Far from encompassing but it should be a start.
xenopeek

Re: Security Tutorials

Post by xenopeek »

This is a good initiative Previous1! Stickied your post.

Some of my tips you link to are a bit dated. I'll revisit those and see if I can update them if needed, or add some more links :wink:
viking777

Re: Security Tutorials

Post by viking777 »

Feb 13th 2014.

Linksys E1000, E1200, and E2400 router attacks.


If you have one of these routers you may/should want to read this link:

http://arstechnica.com/security/2014/02 ... g-malware/

These routers are being attacked with a self-replicating worm (whose purpose is at present unknown).

The link above contains a simple shell command to test for the vulnerability. Also a comment at the end suggests that making sure you don't have 'Remote management' enabled in your router (or, if you must turn it on, at least have it locked down to access from specific machines only) is one way to combat the attack. I don't know enough to comment on the validity of that last statement, but it isn't a bad idea to check in your router management console to see what your situation is. I have done so and I don't even use a Linksys router.
viking777

Re: Security Tutorials

Post by viking777 »

The Return Of Chrome (well Chromium actually)

I started using Chrome/chromium when it first appeared. I stopped using it at about version 21. I did so because by that time I had christened it "The browser that never fails - to fail". In all the time I used it the same pattern was repeated. It started out as the fastest browser you have ever seen. Then after a period of time it got to the point where it was so useless that it wouldn't even open its own home page
"Aw Snap - Something went wrong"
was all I got to see until I reinstalled it for the umpteenth time. It seemed to have this "Live fast and die young" attitude. Eventually you get tired of this behaviour and revert back to Firefox which, although undoubtedly slower, at least doesn't fail and need reinstalling every other week.

Just recently I have been forced into a rethink, and reluctantly, have reinstalled Chromium onto my pc (it is a different machine now so maybe that will make a difference - I don't know).

The reason is security, more specifically Sandboxing. Chromium has it and Firefox doesn't. If you don't understand what sandboxing is watch this video about it:

https://www.youtube.com/watch?feature=p ... 9e0CtgXZSI

Ah I hear you say, but sandboxing has already been cracked, it is almost a smoke and mirrors exercise. Well, you are right in the first part certainly as this will testify:

http://www.zdnet.com/pwn2own-down-go-al ... 000012283/

But if you read the end of that link you will see the following quote:
"Chrome is probably the most hard to attack because of the sandbox. The weakness in Chrome is Webkit and the strength is the sandbox. Probably one of the reasons Chrome is so secure is that the Google guys don't just fix vulnerabilities but they're proactive in fixing techniques and sandbox bypasses."
That comes from the CEO of the firm that cracked it and really that is a good enough reason for me to reinstall Chromium.

I have it running permanently in 'incognito' mode as well, although that part of it really is of very little value unless you have a publicly usable computer.

My complete and utter lack of trust in this browser means that I only intend to use it for internet banking, nothing else, for everything else I will use FF.

If you aren't already using Chrome/Chromium and security matters to you then its sandboxing feature is a valid security tool which you may want to consider and one that FF does not have (yet). Even if, like me, you don't like the browser it may still be worth considering.
Blank Reg

Re: Security Tutorials

Post by Blank Reg »

viking777 wrote: Linksys E1000, E1200, and E2400 router attacks.
If you have one of these routers you may/should want to read this link:

There are a lot of vulnerable routers around. Recently a backdoor has been found in many Linksys, Sercom and Netgear DSL routers.

Models affected include: Linksys WAG120N, Netgear DG834B, Netgear DGN2000, Netgear WPNT834, OpenWAG200, Cisco RVS4000, Cisco WAP4410N, Cisco WRVS4400N, Diamond DSL642WLG, SerComm IP806Gx v2 TI, LevelOne WBR3460B, Linksys RVS4000, Linksys WAG120N, Linksys WAG160N, Linksys WAG200G, Linksys WAG320N, Linksys WAG54G2, Linksys WAG54GS, Linksys WRT350N v2, Linksys WRT300N, Netgear DGN1000, Netgear DGN2000B, Netgear DGN3500, Netgear DGND3300, Netgear DGND3300B v2, Netgear DM111P v2, Netgear JNR3210, and Netgear DG834∅/GB/N/PN/GT up to v5, and probably (unconfirmed) Linksys WAG160N, Netgear DG934 and Netgear WG602.

If your router has TCP port 32764 open (backdoor), you can block access to it using the following iptables rule at each reboot (please note, you won't be able to access web admin interface while the rule is in place):

iptables -I INPUT 1 -p tcp --destination-port 32764 -j DROP
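
Added example, not part of Blank Reg's post: because the rule has to be re-applied at each reboot, a boot script should insert it only when it is missing, otherwise running the script more than once stacks duplicate copies in the INPUT chain. The sketch assumes an iptables build that supports `-C` (check); `IPTABLES`, `BACKDOOR_PORT`, `rule_present` and `block_backdoor_port` are names made up for this example.

```shell
#!/bin/sh
# Added example: idempotent version of the DROP rule for TCP port 32764.
# Assumption: the iptables binary supports -C (rule check).
# IPTABLES can be overridden, e.g. with a full path on the router.
IPTABLES="${IPTABLES:-iptables}"
BACKDOOR_PORT=32764

# Succeeds only if the exact DROP rule is already in the INPUT chain.
rule_present() {
    "$IPTABLES" -C INPUT -p tcp --destination-port "$BACKDOOR_PORT" \
        -j DROP 2>/dev/null
}

# Insert the rule at position 1 unless it is already there, then verify.
# Prints "already-present" or "inserted"; returns non-zero on failure.
block_backdoor_port() {
    if rule_present; then
        echo "already-present"
        return 0
    fi
    "$IPTABLES" -I INPUT 1 -p tcp --destination-port "$BACKDOOR_PORT" \
        -j DROP || return 1
    # Confirm the rule really landed in the chain before reporting success.
    rule_present || return 1
    echo "inserted"
}

# Only touch the firewall when explicitly asked to (run as root).
[ "${1:-}" != "--apply" ] || block_backdoor_port
```

Run it as root with `--apply` from whatever boot hook the system provides; the same caveat about the web admin interface applies while the rule is in place.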
usbtux

Re: Security Tutorials

Post by usbtux »

I posted some videos for encryption on KDE which work on MintKDE

File Encryption in KDE using Kgpg http://youtu.be/rh5ybaQ4Rms
Folder Encryption in KDE http://youtu.be/imjCZ3crBoU

Encrypted Home Partition/Folder KDE Debian http://youtu.be/zhDFoLjJfp4 not needed for MintKDE from install.

Cinnamon is a bit hit and miss, works some time some times not - Passwords and Keys (seahorse) works and you need to add nemo-seahorse to add encryption to the right click menu (YMMV)

hidden encrypted folders use Cryptkeeper available from synaptic/software manager

Encrypted cross platform containers = TrueCrypt, Install TrueCrypt in Linux http://www.youtube.com/watch?v=_3vK2XsiDJQ
Last edited by usbtux on Mon Mar 03, 2014 4:05 pm, edited 1 time in total.
usbtux

Re: Security Tutorials

Post by usbtux »

PCLinuxOSMagazine Nov 2013 has some articles that may interest you. (http://www.pclinuxos.com/)

Encrypting Your Email In Thunderbird
Mailvelope OpenPGP Encryption For Webmail
Root Out Root Kits With rkhunter
Blocking Sites with adblock plus
KeePassX
Hand Of Thief Trojan
VinCenT_VeGa

Re: Security Tutorials

Post by VinCenT_VeGa »

Thanks guys, nice information!
Blank Reg

Re: Security Tutorials

Post by Blank Reg »

Not a tutorial, but relevant nonetheless: Critical crypto bug leaves Linux, hundreds of apps open to eavesdropping

A serious security flaw has been discovered in the GnuTLS library currently used in Debian, LMDE, Ubuntu, etc. All users should upgrade to version 3.2.12.
xenopeek

Re: Security Tutorials

Post by xenopeek »

Blank Reg wrote:All users should upgrade to version 3.2.12.
Nope. All users should upgrade to a patched version of their GnuTLS version, if they are using a version earlier than 3.2.12. On Linux Mint 13, 14, and 16 you will already have received a version of your GnuTLS version that patches CVE-2014-0092. See information on Ubuntu USN: http://www.ubuntu.com/usn/usn-2127-1/
Blank Reg

Re: Security Tutorials

Post by Blank Reg »

At least in Debian testing and LMDE the current version is 3.2.11-1 which is not patched: http://metadata.ftp-master.debian.org/c ... _changelog (sid carries 3.2.11-2 which fixes CVE-2014-0092).
usbtux

Re: Security Tutorials

Post by usbtux »

Previous1

Re: Security Tutorials

Post by Previous1 »

Forum breaks the first link

https://wiki.manjaro.org/index.php?title=Firefox_about:config_edits
xenopeek

Re: Security Tutorials

Post by xenopeek »

Fixed (just put it in a URL tag when you have complex URLs).
austin.texas

Re: Security Tutorials

Post by austin.texas »

Heartbleed vulnerability detection

Chromebleed - an app for Google Chrome and Chromium
Chromebleed uses a web service developed by Filippo Valsorda and checks the URL of the page you have just loaded. If it is affected by Heartbleed, then a Chrome notification will be displayed.
https://chrome.google.com/webstore/deta ... ggilajhpic

Or you can do the test manually with any browser
Heartbleed test
http://filippo.io/Heartbleed/
Mint 18.2 Cinnamon, Quad core AMD A8-3870 with Radeon HD Graphics 6550D, 8GB DDR3, Ralink RT2561/RT61 802.11g PCI
Linux Linx 2018
Previous1

Re: Security Tutorials

Post by Previous1 »

Additional Heartbleed links:
shengchieh wrote: For your reference, I added all the Heartbleed links I know of. Post others if you know of any.
I know there are some links for mobile phones (not included in my website).

http://shengchieh.50webs.com/tuxslinks.html
-> Others
-> Security (see security at the top; includes Heartbleed links)
(about a page from the bottom - see the last handful of links)

Sheng-Chieh

p.s. You can also view the links for Privacy, Privacy Tools, & Patents - all near the bottom.
usbtux

Re: Security Tutorials

Post by usbtux »

usbtux wrote: Cinnamon is a bit hit and miss, works some time some times not - Passwords and Keys (seahorse) works and you need to add nemo-seahorse to add encryption to the right click menu (YMMV)
I'm now using Mint 17 Cinnamon and encryption via seahorse is working fine (for me)
ValerieCasady

Re: Security Tutorials

Post by ValerieCasady »

I will surely check these links! It's absolutely helpful.
mike acker

Re: Security Tutorials

Post by mike acker »

usbtux wrote:PCLinuxOSMagazine Nov 2013 has some articles that may interest you. (http://www.pclinuxos.com/)

Encrypting Your Email In Thunderbird
Mailvelope OpenPGP Encryption For Webmail
Root Out Root Kits With rkhunter
Blocking Sites with adblock plus
KeePassX
Hand Of Thief Trojan
Anyone on this forum wishing to learn Thunderbird/ENIGMAIL, feel free to contact me: mike_acker@charter.net
The GnuPG dialog in Thunderbird/ENIGMAIL makes working with PGP (GnuPG on Linux) a snap.
¡Viva la Resistencia!
Habitual

Re: Security Tutorials

Post by Habitual »
