Lets talk Linux security! What security programs, CLI tools, GUi tools do you use to keep you linux system secure?

will be interesting to see where passwords and methods of authentication go in the next 5-10 years. I think we will see more bio metrics used like fingerprinting, retina scans ect. no matteer which method is used there will always be a hack or a work around!
I disagree because they've already been going in that direction but it's not practical. Of course security heavy agencies have already been using body chips but I don't see that gaining popularity anytime soon.
 


I disagree because they've already been going in that direction but it's not practical. Of course security heavy agencies have already been using body chips but I don't see that gaining popularity anytime soon.
Body chips are interesting i think there will be a divide of people who want to get implants and those who will want to remain natural. I personally want to remain natural , we are all already bathed in low level microwaves from cell towers, wifi systems and smartphones. I suspect we are a guine pig gerneation with these techs and maybe it will all come out in 10-20 years that humanity cooked themselves with their own tech. Theres research that claims to show low level mircowaves destroy bees and trees, , which are critical for our natural eco system to remain healthy and stable, if we loose the bees and trees its game over!

If anybody is interested there is a british x navy microwave/radar expert named Barry Trower who lectures and warns of the dangers of wifi , 4g/5f technologies- hes not a quack, he has read everysingle scientific paper and study on microwaves and studied microwaves and their effects intenesely for 40 years or so in the brtish navy
 
will be interesting to see where passwords and methods of authentication go in the next 5-10 years. I think we will see more bio metrics used like fingerprinting, retina scans ect. no matteer which method is used there will always be a hack or a work around!
I believe authentication will be something similar to this because we already use fingerprint and face recognition on mobile phones, but i myself don't have a very good sense about this kind of authentication and i prefer to at least have alternative methods like to conventional ones.
 
I believe authentication will be something similar to this because we already use fingerprint and face recognition on mobile phones, but i myself don't have a very good sense about this kind of authentication and i prefer to at least have alternative methods like to conventional ones.
yeah im more in favour of authentication that does not involve biometric data, as if somebody steals your fingerprint, retina, face scan or whatever, you can never change that. At least if a password is compromised you can just chane the password , but nce somebody or some company has your biometric data, the cat is out of the bag so to speak!
 
Body chips are interesting i think there will be a divide of people who want to get implants and those who will want to remain natural. I personally want to remain natural , we are all already bathed in low level microwaves from cell towers, wifi systems and smartphones. I suspect we are a guine pig gerneation with these techs and maybe it will all come out in 10-20 years that humanity cooked themselves with their own tech. Theres research that claims to show low level mircowaves destroy bees and trees, , which are critical for our natural eco system to remain healthy and stable, if we loose the bees and trees its game over!

If anybody is interested there is a british x navy microwave/radar expert named Barry Trower who lectures and warns of the dangers of wifi , 4g/5f technologies- hes not a quack, he has read everysingle scientific paper and study on microwaves and studied microwaves and their effects intenesely for 40 years or so in the brtish navy
That's very interesting, do you have a link to the study about bees and trees? It has been long established that if you spend a lot of time talking on a cellphone, then you have a higher risk of brain cancer, Idk if these smart phones are any different.
 
People coming from windwoes are paranoid about security and so they should be, because there is no security.
anim_59.gif

The first thing I do when I install Linux Mint is ...enable the firewall...keep my system up to date and have a few add-ons on my browsers and change my DNS.
happy0035.gif


I also have windwoes 7 as a VM, so microsuck can't spy on me and in the seven years of running Linux Mint I've never had any security issues.
happy0034.gif
 
People coming from windwoes are paranoid about security and so they should be, because there is no security.
anim_59.gif

The first thing I do when I install Linux Mint is ...enable the firewall...keep my system up to date and have a few add-ons on my browsers and change my DNS.
happy0035.gif


I also have windwoes 7 as a VM, so microsuck can't spy on me and in the seven years of running Linux Mint I've never had any security issues.
happy0034.gif
#windwoes_hate
 
Body chips are interesting i think there will be a divide of people who want to get implants and those who will want to remain natural. I personally want to remain natural , we are all already bathed in low level microwaves from cell towers, wifi systems and smartphones. I suspect we are a guine pig gerneation with these techs and maybe it will all come out in 10-20 years that humanity cooked themselves with their own tech. Theres research that claims to show low level mircowaves destroy bees and trees, , which are critical for our natural eco system to remain healthy and stable, if we loose the bees and trees its game over!

If anybody is interested there is a british x navy microwave/radar expert named Barry Trower who lectures and warns of the dangers of wifi , 4g/5f technologies- hes not a quack, he has read everysingle scientific paper and study on microwaves and studied microwaves and their effects intenesely for 40 years or so in the brtish navy
I'm actually thinking about getting the Vivokey implant.
 
Security is a process, not an application.

I have a very poorly written 'bonus article' on my site that's awaiting a rainy day when I'll publish it. It was written while I was really, really inebriated and there's no salvaging it, so I'll eventually just hit the publish button and let 'er rip.

Anyhow, as a general rule, I don't use any of those things - not even a firewall (on my desktops/laptops). Malware exists for Linux. Don't install it. I use least-permissions type of processes and take care to install only from trusted sources.

I don't bother with a firewall. I'm behind a router that has NAT enabled. I used to use a hardware firewall but I haven't bothered with that in ages. You can't do things like access my network without me noticing. I'm gonna see your car in the driveway! However, you could just access the guest network. It's isolated from my network and only allows internet access.

No, you can't SSH into my systems - at least not without a whole lot of work and a whole lot of information. So, I'm not too concerned.

I keep good backups and don't do much in the way of banking online. So, for all that work you're really not going to get anything. Just like using multiple browsers, I keep things compartmentalized.

Public facing servers are a whole other story. That's not really salient as this site is mostly about desktop use.
As was mentioned security is a process. Most systems are not broken in by someone using elaborate tools. Black hats walk around the internet checking for obvious vulnerabilities and stupid configuration mistakes or send you an email enticing you to infect yourself. Most of the time if proper security is encountered they just move along. If you are a business or government entity they may try harder but same tools are usually applied. I keep all systems under my administrative control secure. Make sure unnecessary ports closed and system software is up to date. I have a firewall in front of everything. Subscriptions to some lists as well as outright blocking traffic from a few countries I have reduce suspicious traffic to a dribble. I check logs on a regular basis to make sure nothing bad is going on. I will also periodically do a few minutes of packet capture just so I have a baseline. I have found bad behavior such as an application communicating with things they shouldn't. Usually a sign someone has downloaded some flavor of shareware that is behaving badly.
 
That's very interesting, do you have a link to the study about bees and trees? It has been long established that if you spend a lot of time talking on a cellphone, then you have a higher risk of brain cancer, Idk if these smart phones are any different.

As was mentioned security is a process. Most systems are not broken in by someone using elaborate tools. Black hats walk around the internet checking for obvious vulnerabilities and stupid configuration mistakes or send you an email enticing you to infect yourself. Most of the time if proper security is encountered they just move along. If you are a business or government entity they may try harder but same tools are usually applied. I keep all systems under my administrative control secure. Make sure unnecessary ports closed and system software is up to date. I have a firewall in front of everything. Subscriptions to some lists as well as outright blocking traffic from a few countries I have reduce suspicious traffic to a dribble. I check logs on a regular basis to make sure nothing bad is going on. I will also periodically do a few minutes of packet capture just so I have a baseline. I have found bad behavior such as an application communicating with things they shouldn't. Usually a sign someone has downloaded some flavor of shareware that is behaving badly.
do you use wireshark for your packet capture??
 
That's very interesting, do you have a link to the study about bees and trees? It has been long established that if you spend a lot of time talking on a cellphone, then you have a higher risk of brain cancer, Idk if these smart phones are any different.
there is aninteresting book called "inivisible rainbow"
 
As was mentioned security is a process. Most systems are not broken in by someone using elaborate tools. Black hats walk around the internet checking for obvious vulnerabilities and stupid configuration mistakes or send you an email enticing you to infect yourself. Most of the time if proper security is encountered they just move along. If you are a business or government entity they may try harder but same tools are usually applied. I keep all systems under my administrative control secure. Make sure unnecessary ports closed and system software is up to date. I have a firewall in front of everything. Subscriptions to some lists as well as outright blocking traffic from a few countries I have reduce suspicious traffic to a dribble. I check logs on a regular basis to make sure nothing bad is going on. I will also periodically do a few minutes of packet capture just so I have a baseline. I have found bad behavior such as an application communicating with things they shouldn't. Usually a sign someone has downloaded some flavor of shareware that is behaving badly.
this is largely why security/blackhat is not really something that's incredibly interesting to me anymore...it's all just about social engineering and widely known vulnerabilities. If you're white hat, it's all just about fixing those obvious known vulnerabilities, none of the sexy spycraft...boring!

However, if security language wasn't so vague and more specific (how many times i've just read about a "vulnerability" in news articles without any details whatsoever...), then maybe this would be a better topic.
Most of the time I use wireshark. Even when I do packet captures with tcpdump I will use wireshark to look at them. Its easier to do analysis using it. Its a great tool to become familiar with....

yeah and unfortunately most interesting traffic has become encrypted so you can't read people's emails and passwords easily like you coulda done in the 90s/early 2000s. Shoot!
 
this is largely why security/blackhat is not really something that's incredibly interesting to me anymore...it's all just about social engineering and widely known vulnerabilities. If you're white hat, it's all just about fixing those obvious known vulnerabilities, none of the sexy spycraft...boring!

However, if security language wasn't so vague and more specific (how many times i've just read about a "vulnerability" in news articles without any details whatsoever...), then maybe this would be a better topic.


yeah and unfortunately most interesting traffic has become encrypted so you can't read people's emails and passwords easily like you coulda done in the 90s/early 2000s. Shoot!
Using wireshark from a security prospective I am interested in what things on my network are communicating with. Since I own one end of those conversations I can get an idea of what might be going on. I agree that you are not likely to get much information listening to traffic unless you can play man in the middle. Most bad behavior comes with someone gaining access to a system and owning it. Usually some kind of fishing scheme where someone ends up with a set of credential to use
 
Using wireshark from a security prospective I am interested in what things on my network are communicating with. Since I own one end of those conversations I can get an idea of what might be going on. I agree that you are not likely to get much information listening to traffic unless you can play man in the middle. Most bad behavior comes with someone gaining access to a system and owning it. Usually some kind of fishing scheme where someone ends up with a set of credential to use
Analyzing your own network traffic is good to check that its encrypted through https, you can check its not been ssl stripped.
 
will be interesting to see where passwords and methods of authentication go in the next 5-10 years. I think we will see more bio metrics used like fingerprinting, retina scans ect. no matteer which method is used there will always be a hack or a work around!
This would be so nice. Havent used Linux exclusively for some time and got really accustomed to just click 2 times on my apple watch instead typing the 14-digit password. Its a real bummer in Linux. MacOS with watch integration, Windows hello (or even just click "yes") is just so nice. Hope linux gets around.
 
Recently, I installed parrot os on VM and I'm very impressed by its built in features. Not too much resource heavy. parrot developers going to release a ARM edition near in the future. Maybe after that, I'll try it on my RP4
 
Silly me
tongue0009.gif
I forgot to mention...don't use google as they not only spy on users but censor search results, especially for those of us who live in Australia.
mad0035.gif


That's why I only use DuckDuckGo.
happy0034.gif
 

Staff online


Top