/os/ - Online Security

News, techniques and methods for computer network security.

Boards | Catalog | Bottom

Check to confirm you're not a robot
Name
Email
Subject
Comment
Password
Drawing x size canvas
File(s)

Remember to follow the rules

Max file size: 350.00 MB

Max files: 5

Max message length: 4096


Welcome to Online Security the place for internet and computer security, privacy and anonymity.
If you have some helpful tips please feel free to share your ideas. Start a new thread, or contribute to an existing thread.


Meta Thread Endwall 07/12/2016 (Tue) 12:03:36 [Preview] No. 171 [Reply] [Last 50 Posts]
Post any comments, concerns, or requests for the board in this thread.
Edited last time by Endwall on 07/12/2016 (Tue) 12:15:00.
24 posts and 6 images omitted.


Anonymous 02/11/2018 (Sun) 20:41:09 [Preview] No.1111 del
>>1108
Why do you do it? Considering you have "school," a life to live, why would you sacrifice your resources for all of this?


Endwall 02/12/2018 (Mon) 05:05:49 [Preview] No.1113 del
>>1111

Self defense primarily.

Read these threads the answer is in here:
https://archive.is/INR3l
https://archive.is/bpQXa

Anonymous 02/14/2016 (Sun) 00:10:59 [Preview] No. 1726
About the developer:
I will remain anonymous as best I can.
I am not a professional computer scientist or programmer.
I have other commitments and can't maintain a continuous development cycle, but will work on this project sporadically as I have ideas or as issues emerge.Help and assistance on ideas are welcome. Critique and criticism of my tools are also welcome. Positive and negative reviews of experiences using endwall endset and endtools are also welcome.Point out any bugs that you find in the code and or errors in logic or in style or implementation that you find in the script and I may modify it in a release upon review.

Anonymous 02/13/2016 (Sat) 06:51:33 [Preview] No. 1693
>>1687
1)My hope was to get some help with internet security by starting a thread asking for contributions of techniques and ideas. So far that's worked out pretty well. that ipsets thing has solved a major problem my server was running into. I'm glad I got that tip from here. Thanks >>1652 good work!

Message too long. Click here to view full text.



Endwall 02/12/2018 (Mon) 05:16:08 [Preview] No.1114 del
This entire board >>>/os/ is basically the last 30 mins of Star Trek 2: The Wrath of Khan, with Endwall in the staring roll as Khan, and Admiral Michael Rodgers in the Staring role as Captain James T. Kirk.

Endwall: "I spit my dying last spit at thee Rogers!!"
Admiral Michael Rogers: "ENDWAAAAAAAAALLLLLLLLLLLL!!!!!!!!!!!!!!!!!!!"


Anonymous 02/13/2018 (Tue) 21:59:58 [Preview] No.1118 del
>>1108
There we go.


Endwall 02/18/2018 (Sun) 05:49:07 [Preview] No.1136 del
>>1114

How I thought my computer privacy and security and anonymity was doing:
https://youtube.com/watch?v=e7X01_j_oDA [Embed]

How my computer security privacy and anonymity actually is:
https://youtube.com/watch?v=iPQfwmfRq2s [Embed]
https://youtube.com/watch?v=xrUEjpHbUMM [Embed]
Edited last time by Endwall on 02/18/2018 (Sun) 06:46:54.



Welcome to Online Security: Sticky Thread Endwall 07/13/2016 (Wed) 03:11:01 [Preview] No. 181 [Reply] [Last 50 Posts]
Hello and Welcome to /os/, Online Security. This is a board for the discussion of online security, privacy, anonymity, and news from cybersecurity and privacy world.
RULEZ
1.Follow the global rules
2.No Spam
3.No Classified Documents or leaks of Classified Documents or Files (News articles, or commentary about the documents or files is OK)
4.No Child Exploitation Material
5.Images should be safe for work and relevant to the post or thread, commentary can be NSFW
6.No Advertisements of Hacker Services or Solicitations for Hacking Services
Related Boards
tech >>>/tech/ Hacker >>>/h4x0r/ Security Concepts>>>/sec/ EndSoft >>>/endsoft/
Privacy Guides
https://thetinhat.com/index.html
https://archive.is/zq2Ip
http://crypty22ijtotell.onion/handbook/
http://yuxv6qujajqvmypv.onion
http://deepdot35wvmeyd5.onion/security-tutorials/
Software Recomendations

Message too long. Click here to view full text.

Edited last time by Endwall on 12/23/2017 (Sat) 22:17:05.


Sticky Bump Endwall 10/23/2016 (Sun) 18:54:40 [Preview] No. 624 del
TOP BUMP
Additions:
TENS , https://spi.dod.mil/lipose.htm , US Air Force Live CD <-- online banking for mom and dad.
LibertyBSD http://libertybsd.net/ , https://libreboot.org/docs/bsd/openbsd.html
Edited last time by Endwall on 01/02/2017 (Mon) 11:03:40.


Sticky Bump Endwall 04/30/2017 (Sun) 03:29:12 [Preview] No. 894 del
Heads https://heads.dyne.org/ http://fz474h2o46o2u7xj.onion ; Devuan non-systemd version of Tails (Disclaimer: Website/Project uses occult language with communist signals)
Devuan https://www.devuan.org/ http://devuanzuwu3xoqwp.onion
Systemd Free http://systemd-free.org/
Edited last time by Endwall on 10/07/2017 (Sat) 03:03:59.


Endwall 06/01/2017 (Thu) 08:14:41 [Preview] No. 933 del
Mozilla Firefox Hardened Profile
https://github.com/ghacksuserjs/ghacks-user.js



Endware Endwall 05/03/2016 (Tue) 08:54:28 [Preview] No. 32 [Reply] [Last 50 Posts]
Endware is a suite of programs geared towards internet privacy, security, and anonymity.

Endwall: endwall.sh is an iptables based firewall script designed to be implemented on any linux distribution shipped with iptables. endwall.sh is based on default drop policies, coupled with a novel strategy of passing packets on local host ports only for those enabled by the enduser. It comes with a variety of well used ports enabled with several additional port passing configurations available by uncommenting the script. It provides essential security to a new user.

Endsets: endsets.sh is a script that adds blacklisting and whitelisting functionality to endwall.sh. It depends on the program ipset. It is persistent on reboot if you enable ipset as a service. This is the recommended blacklisting tool for endwall if you are running a server or planning on opening up ports and services to the public and will require daily blacklisting of new incomming IPs.

Endlists: endlists.sh is a traditional text file list based blacklisting and whitelisting script. It has slow performance, and can't be updated on the fly. Good for <1000 ip subnets, very tedious and slow to run for more than that. Blocks the IPs by adding them as individual rules to the iptables ruleset. Works but not recommended for heavy duty on a server. May be useful for workstation use to block ip ranges if you are not opening up ports and services to public clients.

Endtools: endtools are a collection of scripts including alogz.sh, mlogz.sh, spamlogz.sh and iplookup.py. These scripts will help to service an enduser of endwall in adminstering endsets/endlists.

iplookup.py is a geoiplookup script written in python and requires python and pygeoip. It has simmilar functionality to maxmind's geoiplookup program and uses the maxmind *.dat files.

spamlogz.sh is a script that searches through log files to find flagged log entries flagged in endwall.sh, endsets.sh and endlists.sh.

alogz.sh is a daily log reading script designed to read the output of an apache http server's log output.

mlogz.sh is a daily log reading script designed to read the output of a postfix smtp server's log output.

Message too long. Click here to view full text.

195 posts and 3 images omitted.


Endwall 12/28/2017 (Thu) 20:08:02 [Preview] No.1095 del
proxycheck.sh version 0.18
https://raw.githubusercontent.com/endwall2/endware/master/proxycheck.sh

I think it's working now. I just needed to change the search terms in the regular expressions in AWK to match some keywords in the html. Should be working now.


newfag 01/20/2018 (Sat) 10:41:40 [Preview] No.1101 del
>>50
when trying this i get:
>gpg: Can't check signature: no public key found
when trying to gpg --verify my tor archive


Endwall 01/22/2018 (Mon) 07:36:07 [Preview] No.1103 del
>>1101

Go here for the latest files:

https://dist.torproject.org

$ wget https://dist.torproject.org/tor-0.3.2.9.tar.gz
$ wget https://dist.torproject.org/tor-0.3.2.9.tar.gz.asc

The Tor developers change their keys periodically so if this happens after you type

$ gpg --verify tor-0.3.2.9.tar.gz.asc

Can't verify because
blah blah no key for key ID #######

$ gpg --recv-key #######

Message too long. Click here to view full text.



Update Endwall 02/08/2018 (Thu) 05:09:51 [Preview] No.1106 del
Updates:
Proxyload is down again (I noticed this 2 weeks ago). They changed something with the website. I'll look at this next weekend.

I fixed some channels in endstream and added some stuff to endradio.

I spruced up rmpac-files so that the user just needs to capture the error output of pacman -Su, but doesn't need to edit the file as it will jump to the proper line automatically. It now asks you for deletion confirmation.

I also made a windows version of endstream called winstream as a batch file it's in prototype stage and works with the windows version of youtube-dl and mpv, it needs some sprucing up, but it's low priority. I made this to play news at school on the windows computers with the projector screens, it works well enough.

https://raw.githubusercontent.com/endwall2/endstream/master/winstream.bat

I'm bogged down with homework, so it might be a month or so before I do any more work on the products. Just thought I'd write something about the suite status.

Any product requests, complaints, bug reports comment below. Thanks.


Anonymous 02/21/2018 (Wed) 21:22:28 [Preview] No.1138 del
bastille linux
deep-6'd by the deepstate



Internet Security General Anonymous 04/16/2016 (Sat) 07:56:30 [Preview] No. 4 [Reply] [Last 50 Posts]
Continuing from >>>/tech/597
https://archive.is/INR3l
This is for non specific, general tips for anonymous web browsing and downloads, tips on browsers and browser configurations for the security concious that you don't want to make a new thread for.
75 posts and 6 images omitted.


Anonymous 02/15/2018 (Thu) 04:23:43 [Preview] No.1126 del
>>1119
Thanks for this, it's coincidentally at an opportune time and will be of use to a project I just started.
>ghostery phoning home
I did a quick sweep and didn't find anything, but I mostly skimmed. There's a few links I'm not too privy too and I didn't look deeper into any of the XMHL or send requests though, they're a mess.
https://pastebin.com/raw/czfymKNi
https://pastebin.com/raw/6mZmcSiH
IP greps bring back nothing of note: https://pastebin.com/raw/6mZmcSiH
https://pastebin.com/raw/puaX68W5
Did you make the image yourself? You can mess with the settings on most apps, repack them, and run them your way instead of having them screw with everything.


Anonymous 02/15/2018 (Thu) 06:51:46 [Preview] No.1129 del
>>1126
I didnt make the image I found it on one of the rebeccablack/tech/ archives. Ghostery I still never was crazy about because it is like noscript if it noscript was bloated and didnt work.
I always try and remember the addons I am missing when configuring a firefox fork and that was a good image to use back a year or 2 ago.
>You can mess with the settings on most apps, repack them, and run them your way instead of having them screw with everything.

That is something I will keep in mind because some addons stop working like "white noise generator" which did what "trackmenot" does but in a seperate window with tabs randomly switching to random webpages.

I have a few suggestions to add to the list
adnausium, dolus, tamperdata and http nowhere

if I did not lock the prefs.js I will use https://jm42.github.io/compare-user.js/ for about:config modifying.


Anonymous 02/15/2018 (Thu) 13:50:29 [Preview] No.1130 del
>>1129
>if I did not lock the prefs.js
I just read up on this. It seems like locking is temporary and all you need to do to reverse it, is delete the lockfile.
>I will use https://jm42.github.io/compare-user.js/ for about:config modifying.
These might be useful to you:
https://pastebin.com/pdEbeX1m
Full list of all prefs defined in Mozilla's source code for 52. Some of them are hidden/ i.e not set in about:config so there'll be no way to know about them. And: http://kb.mozillazine.org/About:config_entries
Is a nice util for quickly finding out what each does, and available settings.


Anonymous 02/15/2018 (Thu) 14:48:33 [Preview] No.1131 del
>>1129
And if you're using a beta version or one with a "MOZ_TELEMETRY_ON_BY_DEFAULT", telemetry is perma-on, so be careful.
firefox-52.0esr/modules/libpref/preferences.cpp


Anonymous 02/15/2018 (Thu) 18:05:59 [Preview] No.1132 del
>>1130
>>1131
Thanks I always got confused about that. But you can never be too sure with firefox even forks have things like

camera.control.face_detection.enabled

set to true on default.



Online Security News Endwall 07/07/2016 (Thu) 06:09:23 [Preview] No. 149 [Reply] [Last 50 Posts]
See a news article or CVE bug report on an emerging computer security issue and want to share it? Post below.

I will also post links to Hak5 Threatwire videos.
Edited last time by Endwall on 07/07/2016 (Thu) 16:22:47.
473 posts and 3 images omitted.


Endwall 01/13/2018 (Sat) 22:25:55 [Preview] No.1100 del
Jupiter Broadcasting
Performance Meltdown | TechSNAP 351
Posted on: January 11, 2018
http://www.jupiterbroadcasting.com/121472/performance-meltdown-techsnap-351/
The types of workloads that will see the largest performance impacts from Meltdown, tools to test yourself & the outlook for 2018. Plus a concise breakdown of Meltdown, Spectre & side-channel attacks like only TechSNAP can. Then we run through the timeline of events & the scuttlebutt of so called coordinated disclosure. We also discuss yet another security issue in macOS High Sierra, a backdoor in popular storage appliances.

http://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/92c20700-9d53-4470-a263-d3e009a19100.mp3

show links
https://blog.barkly.com/meltdown-spectre-bugs-explained
https://www.bloomberg.com/news/articles/2018-01-08/-it-can-t-be-true-inside-the-semiconductor-industry-s-meltdown
https://techcrunch.com/2018/01/06/how-tier-2-cloud-vendors-banded-together-to-cope-with-spectre-and-meltdown/
https://www.postgresql.org/message-id/20180102222354.qikjmf7dvnjgbkxe@alap3.anarazel.de
http://web.archive.org/web/20180102084848/https://lkml.org/lkml/2017/12/27/2
http://www.pcgameshardware.de/Sicherheit-Thema-229955/News/Meltdown-Spectre-Intel-Benchmarks-1247650/
http://www.gamestar.de/artikel/meltdownspectre-performance-laut-microsoft-unter-win-7-und-8-schlechter-als-bei-win-10,3324502.html
https://www.blog.google/topics/google-cloud/protecting-our-google-cloud-customers-new-vulnerabilities-without-impacting-performance

Message too long. Click here to view full text.



Endwall 01/26/2018 (Fri) 04:28:55 [Preview] No.1105 del
Hak 5
Meltdown and Spectre - Everything You Need To Know - ThreatWire 15:25
Published Jan 24,2018
https://youtube.com/watch?v=sNgiYM8e5iE [Embed]

FISA Lives On & The NSA Keeps Surveillance Authority 9:22
Published on Jan 17, 2018
https://youtube.com/watch?v=-i90CDqTBHc [Embed]

How to setup Metasploitable 3 - Metasploit Minute
Published on Jan 20, 2018
https://youtube.com/watch?v=orYbXHm_UXY [Embed]


Endwall 02/09/2018 (Fri) 04:57:09 [Preview] No.1109 del
Hak5
Half a Billion in Cryptocurrency Stolen - ThreatWire 10:28
https://youtube.com/watch?v=jGQbLXeyJsM [Embed]

Is AutoSploit for Script Kiddies? - ThreatWire
https://youtube.com/watch?v=_CztCSkt48g [Embed]


Endwall 02/10/2018 (Sat) 19:27:13 [Preview] No.1110 del
Jupiter Broadcasting
Here Come the Script Kiddies | TechSNAP 354
Posted on: February 1, 2018
http://www.jupiterbroadcasting.com/122057/here-come-the-script-kiddies-techsnap-354/
AutoSploit has the security industry in a panic, so we give it a go. To our surprise we discover systems at the DOD, Amazon & other places vulnerable to this automated attack. We’ll tell you all about it & what these 400 lines of Python known as AutoSploit really do. Plus injecting arbitrary waveforms into Alexa and Google Assistant commands, making WordPress bulletproof & how to detect and prevent excessive port scan attacks.
Video
http://201406.jb-dl.cdn.scaleengine.net/techsnap/2018/techsnap-0354.mp4
Audio
http://aphid.fireside.fm/d/1437767933/95197d05-40d6-4e68-8e0b-2f586ce8dc55/e2e1b46b-2f05-465f-821b-95680dc0cda0.mp3

https://arstechnica.com/information-technology/2018/02/threat-or-menace-autosploit-tool-sparks-fears-of-empowered-script-kiddies/
https://www.theregister.co.uk/2018/01/31/auto_hacking_tool/
https://www.digitalocean.com/community/tutorials/how-to-use-psad-to-detect-network-intrusion-attempts-on-an-ubuntu-vps

https://github.com/NullArray/AutoSploit


Endwall 02/18/2018 (Sun) 05:36:11 [Preview] No.1135 del
Hak5
Break And Enter Dropbox - Amazon Key Gets Hacked - ThreatWire
Amazon's Key has another vulnerability, Apple's source code gets leaked, and cryptomining hits government sites.
https://youtube.com/watch?v=YFgKJ2liAUs [Embed]



OPSEC Endwall 08/23/2016 (Tue) 01:08:39 [Preview] No. 357 [Reply] [Last 50 Posts]
Discuss best practices for operational security.
5 posts omitted.


Endwall 08/25/2016 (Thu) 20:19:17 [Preview] No. 405 del
Run minimal, if there is a zero day for one service say apache, but you also host your mail using postfix, depending on the severity of the exploit, your loose your mail security as well.

If your server doesn't need a package to do its job, don't install it. Run minimal for the same reason as above. Once the attacker gets in they'll have more tools to work with the more you install.

Run postfix and dovecot on one server, and httpd on another shut off port 25 143 on the apache server, and depending on your use case shut off port 80, input on the mail server, etc. Run with the minimum number of ports open for each service to operate.

I'm not an expert but these are just feelings about it. I'm not rich enough to host all of my services on different computers but if you are you should.


Anonymous 08/26/2016 (Fri) 12:05:12 [Preview] No. 419 del
>>405
That's why every sane program on Linux drops root privileges after binding to wanted network interfaces and such.

Local attacker could just download wanted code or use scripting. And I doubt tools attacker would want to bring is X11 apps.


Anonymous 08/26/2016 (Fri) 12:11:06 [Preview] No. 420 del
iptables is great.

There is "owner" module that allows controlling OUTPUT traffic on per user or per group basis. And if you use separate users for every service running just like you should, you can control every service with iptables. For example permit traffic going to internet for tor daemon user and permit only localhost traffic for everything else.

Tails already uses similar iptables setup.


Anonymous 12/24/2017 (Sun) 15:09:42 [Preview] No.1090 del
What about having a fileserver to share anonymously? Like an open directory. How to do this?


Anonymous 02/15/2018 (Thu) 04:33:27 [Preview] No.1128 del
>>1090
FTP has a default "anon" account, add to that no logging, some hardening, and messing with file and folder permissions, and you're good to go.



Compile Thread Anonymous 11/27/2016 (Sun) 20:44:39 [Preview] No. 692 [Reply] [Last 50 Posts]
Endwall guy should keep irrelevant compile instructions in this thread by editing the OP or edit the Sticky thread before purging said irrelevant posts in various threads. Just remind them to compile from source and redirect them to this thread.
9 posts omitted.


Anonymous 01/15/2017 (Sun) 22:04:32 [Preview] No. 797 del
is there reason to use torsocks over git's builtin socks5 proxy?

wouldn't it be better if you just register 127.0.0.1:your_tor_port as http.proxy and https.proxy variable by git config?

Not sure what revision of git your distro ships with but using torsocks should be considered depreciated hack for applications with builtin socks5 proxy support.


Reop from source Endwall 08/09/2017 (Wed) 22:53:08 [Preview] No. 999 del
Install REOP from Source
###############################################
$ mkdir -p ~/src
$ cd ~/src
$ endget --no-check-certificate https://www.tedunangst.com/flak/files/reop-3.0-snapshot.tar.gz
$ tar -xvf reop-3.0-snapshot.tar.gz
$ cd reop
$ ./configure
$ make
$ ./reop --help
$ cd ~/bin
$ ln -s ~/src/reop/reop reop
$ export PATH=$HOME/bin:$PATH
$ reop --help

Generate a key pair
$ cd ~

Message too long. Click here to view full text.

Edited last time by Endwall on 08/09/2017 (Wed) 22:57:34.


newfag 01/20/2018 (Sat) 11:21:06 [Preview] No.1102 del
>>707
do i need to run tor as:
tor_stable -f /usr/local/etc/torrc-defaults ?
or does it do that automatically?


Endwall 01/22/2018 (Mon) 07:47:47 [Preview] No.1104 del
>>1102

It should just work automatically. Start tor like this and read the console output

$ tor_stable &

It should say where it is reading the torrc and torrc-defaults from in the console output lines.


Anonymous 02/15/2018 (Thu) 04:28:39 [Preview] No.1127 del
>>1102
>>1104
Neat trick if you don't want your desktop littered with shells:

$ tor_stable &disown; exit;



VPN/proxy/TOR general thread Anonymous 04/15/2016 (Fri) 22:12:39 [Preview] No. 2 [Reply] [Last 50 Posts]
Cool board idea.

What's the safest possible way to browse the internet anonymously and safely? There's a thread on /tech/ with the endwall developer talking about proxychains, and that seems pretty cool. Some of the links to proxy lists seem dead, and I have found some online but why should I trust these random 'free' proxies?

What about proxychains over VPN? I'm currently using Mullvad which is alright, and I'm curious about more security if need be. Does a VPN -> proxychain -> TOR connection work? Sounds horribly slow in theory, but I think we all know that privacy comes at a cost in our current world.

I suppose I could call this a 'VPN/proxy/TOR general thread.'
52 posts and 5 images omitted.


Anonymous 02/13/2018 (Tue) 03:31:06 [Preview] No.1117 del
>>1116
Cheers, Endwall. Any updates in the interim will be published at that link. And hopefully with another living soul around, it'll attract others and we can turn this closed cycle into a growing fibonacci spiral.


Anonymous 02/14/2018 (Wed) 14:25:42 [Preview] No.1120 del
One thing people will notice but never say is that normies WANT TO USE VPNS THEY THINK THEY CAN USE ONE ON A PHONE.

Look at android and itunes top apps paid and free. Those lists are LITTERED with BULLSHIT VPN apps that DO NOTHING for privacy. Hypocrites. Anyone who says "lets microchip everyone I aint got nothing to hide" They do they are hiding behind that talking point instead of an actual opinion. Somehow the media has convinced the people to want to ban vpns while the top apps for mobile are vpn apps aside from games and shit like tinder.

These cucks want all they microchips laws to go through. They think hola free vpn .apk is going to hide them as they downvote something they are supposed to downvote. Look at chrome extentions firefox extensions. All browser fingerprint spoofing.Look at the most torrented proprietary software. All virus protection programs like mcaffe and norton antivirus.
they think that they are not supposed to use vpns or shit that actually works. A bunch of incognitos pretending they dont need privacy. They dont need privacy now that being a pathetic homosexual that does nothing but pout about liberal nonsense is the ideal citizen.


Anonymous 02/14/2018 (Wed) 15:20:36 [Preview] No.1122 del
>>1120
Perhaps the most loud are the most unaware. I would bet my money the ones who care know anything about VPNs aren't dumb enough to yell and scream about muh terrorists or such. Or atleast there may be a little overlap.


Anonymous 02/14/2018 (Wed) 21:49:40 [Preview] No.1124 del
>>1122
Yes I am a sec beginner so I am loud in my observation of this lol.Any politicizing of technology is dangerous. Also proprietary companies like google are a threat too.


Anonymous 02/15/2018 (Thu) 01:24:08 [Preview] No.1125 del
>>1124
Ah mate, I'm on your side, there's been some miscommunication. What I meant was the age old "vocal minority" being the loudest, while the majority quietly enjoys their lot, with a slyly opportunistic smirk.



(843.92 KB 1582x929 adblockerultimate1.png)
Chrome Addons Anonymous 12/10/2017 (Sun) 03:54:06 [Preview] No. 1075 [Reply] [Last 50 Posts]
A lot of browser addons or extensions claim to improve privacy and security. These include Ghostery, Disconnect and Privacy Badger along with a slew of others.

I think for most entry level computer users that those type of addons might provide something useful. To people who are more experienced with browsers and their extensions they seem like a gimmick or just fancy visual feedback. A lot bells and whistles with very little actual functionality.

What can really make surfing the internet a much safer experience? If we focus on HTTPS, SSL and Digital Certificates then we have a good head start. From there we can protect ourselves from ads that might lead to sketchy websites. We can beef up our passwords and add authenticators to our accounts. At the most zealous level we can disable javascript and flash.

The following extensions are for Chrome.

https://chrome.google.com/webstore/detail/adblocker-ultimate/ohahllgiabjaoigichmmfljhkcfikeof?hl=en

Adblocker Ultimate accomplishes the two jobs that all adblockers must. First it has to have a pretty good idea of what is undesirable content and what it is that users want to see or interact with. Also there are no false positives; Adblocker Ultimate pretty much never identifies images or other website content as ads when they aren't.

The extension is also easy to turn off. You can disable it entirely or just for a webpage. The function that allows you to add new blocked elements works extremely well.

https://chrome.google.com/webstore/detail/authy-chrome-extension/fhgenkpocbhhddlgkjnfghpjanffonno?hl=en

Authy integrates authentication into the browser. I have not personally used this extension. The use of authenticators is extremely powerful security wise. I prefer to use my phone and download apps that have authenticators because I see having two different pieces of hardware as more secure than an application running beside another on the same device.


Anonymous 12/10/2017 (Sun) 03:57:48 [Preview] No.1076 del
https://chrome.google.com/webstore/detail/https-everywhere/gcbommkclmclpchllfjekcdonpmejbdp?hl=en

HTTPS Everywhere forces connections on websites to be made through HTTPS instead of HTTP. I have seen a number of times where a website's homepage will have HTTPS enabled but some other portion will not be encrypted through HTTPS.

https://chrome.google.com/webstore/detail/kb-ssl-enforcer/flcpelgcagfhfoegekianiofphddckof?hl=en

KB SSL Enforcer redirects the browser to use SSL/TLS.

https://chrome.google.com/webstore/detail/keeper%C2%AE-password-manager/bfogiafebfohielmmehodmfbbebbbpei?hl=en

Keeper Password Manager is by far one of my favorite addons. It does a perfect job of saving usernames and passwords. It allows for the easy generation of new passwords that are extremely secure. The features that it offers for free are top notch.

https://chrome.google.com/webstore/detail/pop-up-blocker-for-chrome/bkkbcggnhapdmkeljlodobbkopceiche?hl=en

Poper Popup Blocker is effective and consistent about blocking popups when the browser and adblocker fail to do so.

https://chrome.google.com/webstore/detail/scriptsafe/oiigbmnaadbkfbmpbfijlflahbdbdgdf?hl=en

Message too long. Click here to view full text.



Anonymous 12/10/2017 (Sun) 04:18:38 [Preview] No.1077 del
If you don't trust password managers then I suggest using a solution like pass the unix password manager.

https://www.passwordstore.org/

Also you can just generate passwords with password card and last pass.

https://www.passwordcard.org/en
https://lastpass.com/generatepassword.php


Endwall 12/14/2017 (Thu) 04:06:42 [Preview] No.1081 del
>>1035

I don't endorse google chrome, and generally avoid any products and services produced by this company if you want to maintain computer and internet privacy and security. Their entire business model is to invade your privacy and sell the information to advertisers and to the government. Avoid all of their products if possible.

That said I'm sure this thread might be helpfull to windows users. So go ahead and start a Windows 7 security thread as well.


Anonymous 02/14/2018 (Wed) 14:30:23 [Preview] No.1121 del
https://chrome.google.com/webstore/detail/ipfuck/bjgmbpodpcgmnpfjmigcckcjfldcicnd?hl=en-US
''IPFuck generates random IPs and fake the use of a proxy with HTTP headers.
It can make you anonymous on several websites.''

https://chrome.google.com/webstore/detail/trackmenot/cgllkjmdafllcidaehjejjhpfkmanmka?hl=en-US

TrackMeNot is a lightweight browser extension that helps protect web searchers from surveillance and data-profiling by search engines. It does so not by means of concealment or encryption (i.e. covering one's tracks), but instead, paradoxically, by the opposite strategy: noise and obfuscation. With TrackMeNot, actual web searches, lost in a cloud of false leads, are essentially hidden in plain view. User-installed TrackMeNot works with the Chrome Browser and popular search engines (AOL, Yahoo!, Google, and Bing) and requires no 3rd-party servers or services.


https://chrome.google.com/webstore/detail/automated-free-proxies-di/ojjklffhhhfpeaelghfocilljceokage?hl=en-US
''
CIAO identifies trusted and working free proxies using its own community. CIAO is instrumented to collect anonymous data about proxy performance and behavior (e.g., amount of data downloaded, page download duration). This data is reported to our servers as an input for the proxy selection algorithm. To bootstrap this process, our servers discover free proxies by crawling proxy aggregator websites. Each proxy is then tested daily to verify reachability, performance, and behavior. ''
(useful for sites like mega.co.nz)

https://github.com/dhowe/AdNauseam/wiki/Install-AdNauseam-on-Chrome-Without-Google‘s-Permission


Anonymous 02/14/2018 (Wed) 17:09:12 [Preview] No.1123 del
I would recommend getting the binary, or compiling yourself, a Firefox 52 ESR. ESR/Nightly/Dev builds have extra features that regular versions don't. Such as installing non-Mozilla signed apps and more about:config options.

https://www.mozilla.org/en-US/firefox/organizations/

I would also recommend using this doc to mess with your settings in about:config. It's not a comprehensive list (I've yet to be able to spoof my vendor), but it has enough where you can work towards making yourself camouflaged. Using this site

http://kb.mozillazine.org/About:config_entries

You can check more in-depth stats about what your browser is giving off. Like, even if you resize your window, your browser still tells websites your native resolution.

https://browserleaks.com/

And HTML5 canvas is one of the best ways to track you, considering it generates a near-unique signature for users. For this, you should use this and set your settings to "fake readout API" and "constant" for random number generation. This will help blend you in with the rest of the user info. Turning it off is almost as bad as having it on, because that in and of itself is a unique fingerprint.

https://addons.mozilla.org/en-US/firefox/addon/canvasblocker/



(378.52 KB 801x501 aeaih.png)
FreeBSD Anonymous 12/05/2017 (Tue) 03:45:16 [Preview] No. 1073 [Reply] [Last 50 Posts]
Anyone here run FreeBSD on hardware?


Anonymous 12/06/2017 (Wed) 14:11:19 [Preview] No.1074 del
There isn't a single person who would use FreeBSD on real hardware. You can't easily port Linux drivers to it, not much community support... Really, using Gentoo FreeBSD edition or Source Mage is better.


Endwall 12/10/2017 (Sun) 08:50:25 [Preview] No.1078 del
I installed FreeBSD 10 on a Sun Microsystems UltraSparc Creator 3D workstation that I got for $30. OpenBSD wouldn't work, something about a bad magic number or something. Anyways the NVRAM had a dead battery so I couldn't get it on the internet because it couldn't register a MAC address which is stored in the NVRAM. I read an article about soldering the NVRAM with a new battery. Replacement is like $70 for a new NVRAM. So it's in the basement for future projects.

That aside I have about 2 or 3 PowerMac G5 silver towers ($50 for a dual 2.3GHz) that I want to install FreeBSD onto. I've read that this is the way to go with those things. I'll experiment with it this summer.

I think if you're going to go BSD go OpenBSD, but really these are for different purposes. If you need to have drivers for video cards and for multiple desktop environments use FreeBSD. If you want nothing to work, no drivers for video cards, etc but a secure environment then use OpenBSD. I mainly use Parabola, Gentoo and OpenBSD. Different use cases for different jobs. I ultimately want to migrate my linux experience to something like Source Mage evenutally when I have more time to spend reading and installing/fixing computers. But I'm too busy with school to change gears right now.

FreeBSD friends post your security tips here in this thread. Links to articles and tutorials about FreeBSD security and other helpful tips are also welcome. Thanks for starting the thread OP.


Anonymous 12/17/2017 (Sun) 05:39:07 [Preview] No.1086 del
>>1074
I do. I run it on the Xeon workstation under my desk.