/os/ - Online Security

News, techniques and methods for computer network security.


Welcome to Online Security the place for internet and computer security, privacy and anonymity.
If you have some helpful tips please feel free to share your ideas. Start a new thread, or contribute to an existing thread.


Windows Security Thread Endwall 02/24/2018 (Sat) 02:29 [Preview] No. 1147 [Reply] [X] [Last 50 Posts] >>1774
WINDOWS NT Security Thread

It turns out that MS Windows NT has an 80% market share in the Desktop Operating Systems Market (whatever that is...) So in all likelihood, if you work a job anywhere, you will be forced to sit down and work on one of these machines running this well known gem of an operating system. You probably won't have administrator rights, but that's OK, we'll make do.

In reality there is no Windows security but in this thread we will try to make life a little bit better even if it is just for a placebo effect. Also Windows hackers come and show us how you hack us up real good, and help our poor unprivileged users gain administrator rights without a password, so that they can install Mahjong. Windows Advanced Firewall, Registry Editing, Browsers, etc. Post all the tips and tricks to make Windows NT better than ever.
5 posts and 1 image omitted.


Endwall 05/08/2020 (Fri) 22:28:39 [Preview] No.1532 [X] del
Windows Defender Firewall

Go to the search tab and type firewall. Select windows defender firewall. Click on advanced settings. Block all incoming and outgoing traffic by default. Then wipe out all of the policies or click disable, better to click delete and remove them. Then add the policies that you need. Lock them down by application if need be. Play around with the detailed rules and use filters for programs, ports and ip addresses to get the desired effects for your network applications to work. Adding new programs magically changes your firewall settings, but go back and fix them after each new application install. Wipe out and delete all inbound rules. If you need to let inbound come in, then you should know enough about the application to configure it.
Block everything and only let out/in what you need to go out/in, specific programs, ports and ip addresses.


Endwall 05/08/2020 (Fri) 22:55:56 [Preview] No.1533 [X] del
Windows Subsystem for Linux

Installation guide:

https://docs.microsoft.com/en-us/windows/wsl/install-win10

I installed Debian, seems to work well for some applications. I'll import endware and test some of the tools out. If you install Debian you can install a windowing server, Xming or CygwinX.

http://www.straightrunning.com/XmingNotes/

https://sourceforge.net/projects/xming/

Then you can install programs that work in Xorg server and call them from the command line and they'll pop up in windows on the desktop.

Bear in mind all of this is for convenience while you work on Windows, you can also access Linux tools in the shell and some GUI programs as well. Alternatively try Cygwin and CygwinX:

https://www.cygwin.com/

Message too long. Click here to view full text.



Anonymous 05/09/2022 (Mon) 15:51:00 [Preview] No.1774 [X] del
>>1147
I know Google has been hacking and censoring my sons emails. They do not get forgiven for that. William Gates & his entire staff and bloodline are banned from Heaven.

Regards,

YHVH


Endwall 09/04/2022 (Sun) 00:41 [Preview] No.1814 [X] del >>1815
Local Security Policy

There are firewall settings that don't change when new programs modify windows advanced firewall. These rules sit beneath and supersede the main windows advanced firewall rules.

Type here to search-> "Local Security Policy" -> Click Local Security Policy.

There is a folder Windows Defender Firewall, with the same layout. Put your rules in here and they won't change, and they override the other rules.

I have also found out that these rules can be scripted by the command netsh, so I might make something later on.
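
The procedure from the two firewall posts above (default-deny in No.1532, rules kept in the Local Security Policy store in No.1814), as an added PowerShell example that is not Endwall's script. It uses the NetSecurity cmdlets instead of netsh; the backup path, program path and resolver address are placeholders chosen for illustration.

```powershell
#Requires -RunAsAdministrator
# Added example. Run from a local elevated console: the default-deny step
# cuts off any remote session that has no matching allow rule.

$Store   = 'localhost'    # local Group Policy store, the one Local Security Policy edits
$Backup  = "$env:USERPROFILE\firewall-before.wfw"          # assumed backup location
$Browser = 'C:\Program Files\ExampleBrowser\browser.exe'   # hypothetical program path
$Dns     = '192.0.2.53'                                    # placeholder resolver address
$Svchost = "$env:SystemRoot\System32\svchost.exe"

# 1. Save the current policy; restore later with: netsh advfirewall import <file>
netsh advfirewall export $Backup | Out-Null

# 2. Default deny in both directions, set in the policy store. With
#    AllowLocalFirewallRules set to False, rules that installers add to the
#    ordinary local store are no longer applied, so they need not be deleted.
Set-NetFirewallProfile -PolicyStore $Store -All -Enabled True `
    -DefaultInboundAction Block -DefaultOutboundAction Block `
    -AllowLocalFirewallRules False

# 3. Make the script re-runnable: drop this example's rules from a previous run.
Get-NetFirewallRule -PolicyStore $Store -Name 'ex-*' -ErrorAction SilentlyContinue |
    Remove-NetFirewallRule

# 4. Allow only what is needed, pinned to program, service, port and address.
New-NetFirewallRule -PolicyStore $Store -Name 'ex-dhcp-out' `
    -DisplayName 'Allow DHCP client out' -Direction Outbound -Action Allow `
    -Program $Svchost -Service Dhcp -Protocol UDP -LocalPort 68 -RemotePort 67 | Out-Null

New-NetFirewallRule -PolicyStore $Store -Name 'ex-dns-out' `
    -DisplayName 'Allow DNS client out' -Direction Outbound -Action Allow `
    -Program $Svchost -Service Dnscache -Protocol UDP -RemotePort 53 `
    -RemoteAddress $Dns | Out-Null

New-NetFirewallRule -PolicyStore $Store -Name 'ex-browser-out' `
    -DisplayName 'Allow browser HTTPS out' -Direction Outbound -Action Allow `
    -Program $Browser -Protocol TCP -RemotePort 443 | Out-Null

# No inbound allow rules are created, so every inbound connection is dropped.

# 5. Apply the policy and review what is now in force.
gpupdate /target:computer /force | Out-Null
Get-NetFirewallProfile -PolicyStore ActiveStore |
    Format-Table Name, Enabled, DefaultInboundAction, DefaultOutboundAction
Get-NetFirewallRule -PolicyStore $Store |
    Format-Table DisplayName, Direction, Action, Enabled
```

If an application stops working afterwards, add a rule for it to the same store rather than re-enabling local rules.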


Endwall 09/04/2022 (Sun) 00:45 [Preview] No.1815 [X] del
>>1814
General Policy and Inbound rules:



I for one welcome our new overlord Anonymous 07/07/2016 (Thu) 17:44 [Preview] No. 152 [Reply] [X] [Last 50 Posts]
I was about to claim this board, but seems like Endwall guy claimed it. Please disable captcha for replies. Also, guess this is a meta thread.
6 posts omitted.


Endwall 07/12/2016 (Tue) 11:30:51 [Preview] No. 170 [X] del
Alternatively start a thread or add it to one of the current threads.


Anonymous 07/16/2016 (Sat) 19:52:18 [Preview] No. 196 [X] del >>427
This looks like a related board:

https://masterchan.org/nsa/


Anonymous 08/26/2016 (Fri) 20:22:48 [Preview] No. 427 [X] del
>>196
>no Tor hidden service
>suggests deanoning self via logging in to "Anon ID"
>while suggesting stronger way of deanon than cookies, they claim to not store IP
>just made post with Tor Browser with no JS, cookies only, no "anon id" crap
>post shows up as by "Outlander", suggesting that majority of users there deanon self across sessions
Gee, I wonder why people call it honeypot


Anonymous 08/26/2016 (Fri) 20:39:19 [Preview] No. 428 [X] del
Wanted to join their IRC
OFTC is a bunch of rulecucks. While they allow Tor access, they limit amount of connections per Tor exit node. I had to rotate circuit 11 times to connect.
>#masterchan Illegal channel name
Looks like "identified anon's" message on that imageboard is truth
>Why is someone possibly IRCOP banning users right and left in #masterchan?

Why the hell Tor Project uses this cucked network?


Anonymous 08/30/2016 (Tue) 03:19:37 [Preview] No. 461 [X] del



System Resources Endwall 07/05/2017 (Wed) 03:13:35 [Preview] No. 965 [Reply] [X] [Last 50 Posts]
I have some observations to make.

## I just tested these systems:
MS DOS 6.22 runs in 384K of memory (1994)
MS Windows 3.11 runs in 2MB of memory with a full mouse driven GUI (1994)
Macintosh OS 7.53 runs in 7.4MB of memory, full GUI + TCP/IP (1996)
Macintosh OS 8.1 runs in 13.2MB of memory, (1997)
Macintosh OS 8.6 runs in 26MB of memory, (1998)

OpenBSD 6.1 starts in text mode command line in 27MB of memory
OpenBSD 6.1 in Xenocara uses 65-80MB of memory to start up.

## from recollection:
Windows 7 800MB of memory (2009)

Parabola GNU/Linux starts in text mode cli using 150MB of memory
Parabola GNU/Linux in weston uses 300MB of memory

Message too long. Click here to view full text.

Edited last time by Endwall on 07/05/2017 (Wed) 03:17:31.
12 posts omitted.


Endwall 07/12/2018 (Thu) 08:34:29 [Preview] No.1247 [X] del
Fresh install of Parabola/GNU/Linux-Libre/OpenRC

On an Intel core2 laptop

boot into cli from OpenRC

$ free -h

used 60 MB

start xorg as root

# startx

# free -h

used 75 MB

Message too long. Click here to view full text.



Endwall 08/20/2018 (Mon) 23:04:48 [Preview] No.1274 [X] del
Alpine Linux on OpenRC
Fresh install on encrypted lvm with the services it said to start in the wiki guide. In command line on busybox.
$ free -m
120MB.

I couldn't get X org to start, but it would probably add another 20MB on top of that.


Endwall 08/20/2018 (Mon) 23:11:21 [Preview] No.1275 [X] del
Hyperbola with linux-libre-lts on OpenRC is similar to Parabola. Boots into a user account in command line at around 100MB; xorg adds another 20MB on top, to around 120MB. Booting into a user shell seems to be more memory expensive than starting as root.

I want to boot to command line in no more than 20MB with a GUI that brings me up to no more than 40-50MB of memory usage. Any more than that and there is too much going on.


Endwall 08/15/2021 (Sun) 04:30:05 [Preview] No.1738 [X] del
Gentoo Linux (2021)
Gentoo Hardened 10.3.0-r2
Linux/x86 5.13.10-gentoo Kernel

text mode: 51 MiB

Fresh install running with Btrfs on LVM on LUKS. Hardened Gentoo amd64 no-multilib stage 3, 70 packages emerged. Running dm-crypt, iptables, lvm and bash. Could probably trim it down to 40MiB with some other choices (shell, daemons etc). I think this is going to be as good as it gets for Linux (for me) without changing things drastically. Maybe I'll switch my shell to ksh or dash or something else and see how it performs.


Endwall 07/10/2022 (Sun) 18:48:11 [Preview] No.1785 [X] del
MacOS HighSierra (2017)

Installed on a MacMini 2011 with 16GB RAM, fresh install:

PhysMem: 4981M used (1945M wired)

The system needs at least 5GB to run properly, and uses up to 10-14GB of RAM when using applications. The memory usage is similar on Monterey.



Online Security News Endwall 07/07/2016 (Thu) 06:09:23 [Preview] No. 149 [Reply] [X] [Last 50 Posts]
See a news article or CVE bug report on an emerging computer security issue and want to share it? Post below.

I will also post links to Hak5 Threatwire videos.
Edited last time by Endwall on 07/07/2016 (Thu) 16:22:47.
494 posts and 3 images omitted.


Endwall 07/13/2021 (Tue) 23:03:13 [Preview] No.1731 [X] del
Hak5
7 Year Old Linux Flaw Newly Discovered - ThreatWire
https://youtube.com/watch?v=12oSZ3FVXBA
Jun 15, 2021
"EA Source Code was Stolen, a 7 Year Old Linux Flaw was Discovered, and 1.2 Terabytes of Data was Mysteriously Stolen from millions of Windows pcs!"


Endwall 07/13/2021 (Tue) 23:06:15 [Preview] No.1732 [X] del
Hak5
PrintNightmare Hits Windows, REvil Kaseya Ransomware Hits Businesses Worldwide - ThreatWire
https://youtube.com/watch?v=iCGuqW7NL9U
Jul 6, 2021
"3 Vulnerabilities were Found In Netgear Routers, Ransomware Hits Businesses Worldwide, and PrintNightmare Leads to remote code execution attacks!"
Edited last time by Endwall on 07/14/2021 (Wed) 00:54:52.


Good evening DAVENSIZER84 01/09/2022 (Sun) 04:49:23 [Preview] No.1765 [X] del
No Spam 3 year ban
No Spam 3 Year Ban (WIDE)
Edited last time by Endwall on 01/18/2022 (Tue) 01:10:17.


Fresh news Adamoym 01/11/2022 (Tue) 08:47:30 [Preview] No.1766 [X] del
Where do you look for the latest news?
Personally, I read and trust the newspaper https://www.ukr.net/.
It is the only source of fresh and independent news.
I recommend it to you
Edited last time by Endwall on 01/18/2022 (Tue) 01:12:51.


covid 19 thanks mitunsriste 05/12/2022 (Thu) 04:50:33 [Preview] No.1775 [X] del
I was right :) mituns



Secure OSes Anonymous 05/09/2016 (Mon) 18:21:17 [Preview] No. 37 [Reply] [X] [Last 50 Posts]
What is the best OS option for a secure setup?
How do OpenBSD and Linux with patches compare in terms of the security they offer?
81 posts and 1 image omitted.


Anonymous 08/26/2021 (Thu) 21:58:28 [Preview] No.1742 [X] del
Linux 5.10 Kernel Contributors.


Anonymous 08/30/2021 (Mon) 04:23:56 [Preview] No.1745 [X] del
(316.77 KB 705x825 linux_committers_v3.png)


Anonymous 11/05/2021 (Fri) 21:25:36 [Preview] No.1758 [X] del
When it comes to the desktop model of computing, Linux and BSD are not as secure as you think:

https://madaidans-insecurities.github.io/linux.html
https://madaidans-insecurities.github.io/openbsd.html

Some valid points raised there. If security is paramount, use Qubes OS. Alternatively, use ChromiumOS with all telemetry disabled and enjoy bottoming for Big G.



OPSEC Endwall 08/23/2016 (Tue) 01:08:39 [Preview] No. 357 [Reply] [X] [Last 50 Posts]
Discuss best practices for operational security.
22 posts omitted.


Anonymous 03/21/2019 (Thu) 09:13:24 [Preview] No.1383 [X] del
nice try grandpa
are you aiming for privacy, anonymity, security? VMs are unreliable from a paranoid security standpoint due to complexity, nevertheless if they provide anonymity, it may be worth it against larger foes that can compromise security with their access to exploits. Similarly with Tor Browser Bundle, sometimes it is better to blend in rather than to obscure your identity. a hoodie will be less conspicuous than a facemask.
>>1249
>don't post modern photos except PNGs because of exif
you can strip exif data using 'exiftool' and other solutions. I have heard stories about cameras having hidden codes (and more likely, repeatable and detectable design flaws) that can be used to identify the module, but that's real rumor oojie boojie
>avoid all digitized vehicles
avoid vehicles especially with push-button ignition, vehicles with a disabled wireless unlocking mechanism would be preferable but there are vehicles with an option to disable the keyless wireless fob.

>>1248
>don't use social media
endchan is social media
>use a cheap private vpn
use someone else's vpn, don't leave a paper trail of payment leading to your credit card
>do not buy green appliances
enjoy getting vanned because your electricity company can tell when you're browsing the internet via the smart meter. green is just a color, but energy efficient appliances are easier to run off battery power and/or solar power sources.
>>1167
>responding to phishing attempts at all

Message too long. Click here to view full text.



Anonymous 03/29/2019 (Fri) 21:15:48 [Preview] No.1385 [X] del
(91.93 KB 400x400 glownigger.png)
Don't use smartphones.


Anonymous 05/03/2021 (Mon) 06:22:08 [Preview] No.1722 [X] del
I'm not an expert but I have an IQ over 9000.
How I might attack a password.
A. List attack
I will get a list of "common passwords" derived from compromised user password list (the user account you made in ten seconds, 5 month ago because some Jew webpage made you).
>"12345678" and "nopassword".
B. low entropy Brute force of the password list
Common passwords with one character variance, common passwords with 2 character variance.
>1234s6789, Nopassword1
The site made you add a symbol and a number, I'm so scared.

It's only if you got this far that any real effort has to be made, honestly if you're not special I will just give up and find a stupider person.

C. dictionary attack
Instead of guessing gibberish I will use whole words.
Long passwords are often made up of whole words and at this point I know your password is fairly long.
There are far more words in any given language than characters (this BTFO's Chinese users incidentally).
Many common phrases will already have been covered in A. "common passwords"

Message too long. Click here to view full text.



Anonymous 05/28/2021 (Fri) 03:07:17 [Preview] No.1727 [X] del >>1737
(16.96 KB 474x496 Gentoo.jpg)
Install gentoo


Endwall 08/15/2021 (Sun) 03:52:23 [Preview] No.1737 [X] del
>>1727

I just finished installing Gentoo with btrfs on LVM on LUKS and spent 15 hrs configuring the kernel parameters to get iptables working with endwall.sh . I have to add some more stuff for IPv6 to make it fully compatible with endwall.sh.

Here is my layout:

http://nguipxnkrp3qrzrlduhsatpcpwehnblzmlkc5ifiumxq4z5jlh4lwvid.onion/content/gentoo/layout.txt

sda is full disk encrypted OpenBSD 6.9, sdb is encrypted with unencrypted boot for Gentoo Linux.

Here is my current working kernel config:
http://nguipxnkrp3qrzrlduhsatpcpwehnblzmlkc5ifiumxq4z5jlh4lwvid.onion/content/gentoo/kernel_config.txt

you can copy this to /usr/src/linux/ and then overwrite .config , and run

$ su
# cd /usr/src/linux

Message too long. Click here to view full text.

Edited last time by Endwall on 08/15/2021 (Sun) 04:09:27.



(55.23 KB 1024x768 218.241.83.20_5900.jpg)
/vnc/ general Anonymous 02/25/2021 (Thu) 02:32:53 [Preview] No. 1598 [Reply] [X] [Last 50 Posts]
Pwn the chink edition
Come explore the internet with other Anons
http://computernewb.com/vncresolver/
>4chan
pozzed
>lainchan
pozzed
Well let's give finalchan a go
107 posts and 13 images omitted.


Anonymous 04/21/2021 (Wed) 17:51:05 [Preview] No.1717 [X] del >>1720
Has anyone figured out how to escape an X11 desktop (like "nobody's x11 desktop" in the title) in vnc?


Anonymous 04/22/2021 (Thu) 07:56:18 [Preview] No.1718 [X] del
some oil thing
70.36.21.143


Anonymous 04/25/2021 (Sun) 01:50:24 [Preview] No.1720 [X] del
>>1717
I don't think you can. I haven't found an app or software that hides your device name


Anonymous 06/11/2021 (Fri) 14:52:05 [Preview] No.1728 [X] del
122.176.39.102 win

72.24.222.203 win10


Anonymous 06/18/2021 (Fri) 01:52:21 [Preview] No.1729 [X] del
Dudes. Is shodan worth it?



Cryptography Endwall 05/12/2018 (Sat) 20:26:54 [Preview] No. 1211 [Reply] [X] [Last 50 Posts]
In this thread we will discuss cryptography, cryptosystems, crypt-analysis, and tools for cryptography such as gpg and other tools. If you work in this field or hear of some relevant news about this field feel free to contribute. Use hyperlinks and source citations to back up any claims made if necessary.
15 posts omitted.


Endwall 09/23/2019 (Mon) 03:31:11 [Preview] No.1469 [X] del >>1495
>>1467
Yeah that's probably faster/smarter to get the Americium from a smoke detector. Good call.


Anonymous 10/14/2019 (Mon) 19:23:20 [Preview] No.1477 [X] del
crypto101.io is a decent overview of _contemporary_ cryptography, not the usual textbooks


Anonymous 11/14/2019 (Thu) 03:21:11 [Preview] No.1495 [X] del >>1498
>>1469
and it should work the same, right? just a button of a different material.


Endwall 11/15/2019 (Fri) 02:36:19 [Preview] No.1498 [X] del
>>1495
Any radioactive isotope of an element should work. In the video he's using Americium from a smoke detector. You just need some random gamma and beta radiation from a decay event to set off the Geiger counter. Any radio isotope will do. Radioactive decay times and quantities are random and unknowable before the event occurs.


Anonymous 05/03/2021 (Mon) 03:27:01 [Preview] No.1721 [X] del
(21.11 KB 336x336 Youdontsay.jpeg)
How does a crypto operator in a client relationship protect themselves against duress?
We are already starting to see digital robberies; because crypto clients are typically anonymous and can use a range of access points, the risk of Crypto-ATM robberies is increasing.
A two factor authorization and a silent alarm would be easy to set up- but this presents the risk that the silent alarm keeper could freeze accounts and make demands of clients.
A "two key" system can be used to ensure transactions and blocks are only made with the simultaneous cooperation of the Client and broker, but as with TOR if unilateral blocking is not possible the systematic takeover of brokering services is likely to eventuate.
While in theory if the broker was a bad-actor they still wouldn't gain access, the client would lose their protection without their knowledge- and a large number of bad-actor brokers would emerge to net a large number of clients.

Is this a problem inherent to a single origin (client centered) authorization chain?
Could the blockchain work in tandem in a two factor access system?



Hardware Endwall 09/18/2016 (Sun) 18:31:31 [Preview] No. 580 [Reply] [X] [Last 50 Posts]
Discuss hardware and alternative hardware concepts to increase computer and online privacy and security.
Edited last time by Endwall on 09/18/2016 (Sun) 18:50:04.
9 posts and 1 image omitted.


Endwall 09/03/2017 (Sun) 23:52:30 [Preview] No. 1011 [X] del
RC2014
http://rc2014.co.uk/

RC2014 is a simple 8 bit Z80 based modular computer originally built to run Microsoft BASIC. It is inspired by the home built computers of the late 70s and computer revolution of the early 80s. It is not a clone of anything specific, but there are suggestions of the ZX81, UK101, S100, Superboard II and Apple I in here. It nominally has 8K ROM, 32K RAM, runs at 7.3728MHz and communicates over serial at 115,200 baud.

RC2014 is available in kit form for you to solder together.  Through-hole components are used throughout, making soldering easy, even for those with limited soldering experience.  Along with a selection of modules to extend functionality, such as serial terminals with HDMI output, digital input modules or, simple keyboard, the RC2014 is a very adaptable computer.

Assembly guides can be found here:
http://rc2014.co.uk/assembly-guides/

Module information including schematic diagrams and technical descriptions can be found here:
http://rc2014.co.uk/modules/

GitHub repository can be found here:
https://github.com/RC2014Z80/RC2014

Google Group for RC2014 owners can be found here:

Message too long. Click here to view full text.



Endwall 09/04/2017 (Mon) 00:33:49 [Preview] No. 1012 [X] del
RC2014
http://rc2014.co.uk/
As soon as you turn RC2014 on you can start programming in Microsoft BASIC.  This is very easy to get started with and some very complex programs can be written.  To get right down to the metal, though, you can write your programs in Z80 machine code.

Development of the RC2014 has led to a more powerful machine with pageable ROM, 64k RAM, compact flash storage and a whole range of expansion peripherals.  With the right modules, it’s now possible to run CP/M, which opens the RC2014 up to a wide range of software.

RC2014 can be bought from Tindie:
https://www.tindie.com/stores/Semachthemonkey/


Endwall 09/06/2017 (Wed) 21:07:20 [Preview] No. 1016 [X] del
RC2014

Z80 Retrocomputing 18 - Z180 CPU board for RC2014
https://youtube.com/watch?v=D9u9hhNjcEY
Dr. Scott M. Baker
In this video, I build and try out a Z180 CPU board to replace the Z80 CPU in my RC2014 retrocomputer. Aside from simply being faster than the Z80 that I'm currently using, the Z180 offers a lot of on-board peripherals (serial IO, timers, interrupt controller, mmu, dma, etc). I benchmark the 20 Mhz Z180 against my 7.3728 Mhz Z80. I'm saving exploration of the onboard peripherals for a future video. For more retrocomputing projects, see http://www.smbaker.com/

YM2149/ AY-3-8910 Sound Card for the RC2014 computer
https://youtube.com/watch?v=-iLwi9FagFE

rc2014-ym2149 Designed by Ed Brindley
Demonstration of my sound card for the RC2014 computer. The board is Open Hardware and was produced entirely with Open Source Software (as was this video) PCB now available on Tindie:
https://www.tindie.com/products/edbrindley/ymay-sound-card-pcb-for-the-rc2014-computer/
Schematics and Gerbers for the board are available here:
https://github.com/electrified/rc2014-ym2149
Edited last time by Endwall on 09/06/2017 (Wed) 21:07:58.


Anonymous 04/22/2021 (Thu) 22:52:38 [Preview] No.1719 [X] del
make a guide for new people niggers
also join discord.gg/obama



Security King Solomon 11/03/2020 (Tue) 08:08:02 [Preview] No. 1579 [Reply] [X] [Last 50 Posts]
I have a VPN and am using Tor with JavaScript turned off. What more can I do to boost security?