Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Softwares linked with security


  • Please log in to reply
15 replies to this topic

#1 Cybbermouse

Cybbermouse

  • Members
  • 72 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:02:25 PM

Posted 21 October 2014 - 02:05 PM

Hello my dear friends.
I want to inquire about softwares linked with security. I know it's a very extensive section. I'm asking about :
a) something maybe better then GnuPg and TrueCrypt?
B) Linux - Debian or Kali? 
c) what firewalls are the best?  Let's say I have Linux - what firewall should I install? Do I have to pay for very good firewall (You know that sometimes paying isn't necessary)? Now I use COMODO firewall
d) software hiding my IP. Can you recommend to me VPN (paid version)?
e) another programs providing me security

From scanners and Anty-Virus I have : Kaspersky, RogueKiller, Doctor Cure it, AdwCleaner, Combofix, Everyday I scan my computer with Kaspersky. Three times a week I scan with others.
I use Comodo Dragon, not Google Chrome, DuckDuckGo, not Google. Do I do well? Or can I do it better?

What can you recommend to me? Some of my friends are perfect hackers. We like each other but I don't trust them completely. Intelligent people are not worth trusting.

Sorry, I'm new and I didn't cath the good categoria for this topic. Now I see I should post it in "General Security".

Edited by Budapest, 21 October 2014 - 02:41 PM.
Moved from All Other Applications ~Budapest


BC AdBot (Login to Remove)

 


#2 Didier Stevens

Didier Stevens

  • BC Advisor
  • 2,698 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:25 AM

Posted 24 October 2014 - 03:20 PM

You're clearly using Windows. But your questions indicate you want to switch to Linux?


Didier Stevens
http://blog.DidierStevens.com
http://DidierStevensLabs.com

SANS ISC Senior Handler
Microsoft MVP 2011-2016 Consumer Security, Windows Insider MVP 2016-2019
MVP_Horizontal_BlueOnly.png

 

If you send me messages, per Bleeping Computer's Forum policy, I will not engage in a conversation, but try to answer your question in the relevant forum post. If you don't want this, don't send me messages.

 

Stevens' law: "As an online security discussion grows longer, the probability of a reference to BadUSB approaches 1.0"


#3 Cybbermouse

Cybbermouse
  • Topic Starter

  • Members
  • 72 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:02:25 PM

Posted 25 October 2014 - 03:22 AM

I'm a user of Windows 8.1 and I want to switch to Linux. But I'm asking about my general security as you can see. It's not only "Should I choose Debian or Kali?" but much more. The most important points to me are c), d) and e). My questions indicate I want to secure myself, switching to Linux is only consequence of it. I inquire about Linux only in the second point, others points like "d) software hiding my IP. Can you recommend to me VPN (paid version)?are rather closely linked with just protection.



#4 Didier Stevens

Didier Stevens

  • BC Advisor
  • 2,698 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:25 AM

Posted 25 October 2014 - 04:51 AM

I wanted to be sure, because I think you don't have a lot of experience with Linux. You don't buy firewalls for Linux: there are many good open source solutions.

Your Linux distro will probably have iptables to configure the Linux kernel firewall. But you can install other tools to do this.

 

In general, home users of Linux don't buy software, but use open source software.


Didier Stevens
http://blog.DidierStevens.com
http://DidierStevensLabs.com

SANS ISC Senior Handler
Microsoft MVP 2011-2016 Consumer Security, Windows Insider MVP 2016-2019
MVP_Horizontal_BlueOnly.png

 

If you send me messages, per Bleeping Computer's Forum policy, I will not engage in a conversation, but try to answer your question in the relevant forum post. If you don't want this, don't send me messages.

 

Stevens' law: "As an online security discussion grows longer, the probability of a reference to BadUSB approaches 1.0"


#5 Cybbermouse

Cybbermouse
  • Topic Starter

  • Members
  • 72 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:02:25 PM

Posted 25 October 2014 - 11:53 AM

And you're right, I worked with Linux only using Oracle VirtualBox. You say there's no need to buy firewalls. So can you recommend to me open source softwares like free firewalls? And maybe you know some helpful programs I maybe don't used to know? I have just started my adventure - I'm learning C++, using TOR, soon VPN and Linux... Maybe you know a software useful for someone who I am?



#6 Didier Stevens

Didier Stevens

  • BC Advisor
  • 2,698 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:25 AM

Posted 25 October 2014 - 03:23 PM

What I tried to explain is that the Linux kernel already has a firewall: http://en.wikipedia.org/wiki/Netfilter

 

I use this firewall + the default software that comes with my distro to manage it.


Didier Stevens
http://blog.DidierStevens.com
http://DidierStevensLabs.com

SANS ISC Senior Handler
Microsoft MVP 2011-2016 Consumer Security, Windows Insider MVP 2016-2019
MVP_Horizontal_BlueOnly.png

 

If you send me messages, per Bleeping Computer's Forum policy, I will not engage in a conversation, but try to answer your question in the relevant forum post. If you don't want this, don't send me messages.

 

Stevens' law: "As an online security discussion grows longer, the probability of a reference to BadUSB approaches 1.0"


#7 Didier Stevens

Didier Stevens

  • BC Advisor
  • 2,698 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:25 AM

Posted 25 October 2014 - 03:28 PM

BTW, since you want to start using Linux, I suggest you start a new topic in Linux & Unix.

 

The title of your topic in this forum here will not attract the attention of people who can help you with choosing a distro.


Didier Stevens
http://blog.DidierStevens.com
http://DidierStevensLabs.com

SANS ISC Senior Handler
Microsoft MVP 2011-2016 Consumer Security, Windows Insider MVP 2016-2019
MVP_Horizontal_BlueOnly.png

 

If you send me messages, per Bleeping Computer's Forum policy, I will not engage in a conversation, but try to answer your question in the relevant forum post. If you don't want this, don't send me messages.

 

Stevens' law: "As an online security discussion grows longer, the probability of a reference to BadUSB approaches 1.0"


#8 Cybbermouse

Cybbermouse
  • Topic Starter

  • Members
  • 72 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:02:25 PM

Posted 26 October 2014 - 03:02 AM

Yes I know. But Windows 8.1 also have its firewall but I'm searching for something more than basic of system. I know what do you mean. And of course if my question is closely linked with Linux I will start new topic in Linux & Unix but this time I generally asked about security of my computer ( look and point a), B), e) and "I use Comodo Dragon, not Google Chrome, DuckDuckGo, not Google. Do I do well? Or can I do it better?". Thanks for reply and help.



#9 Didier Stevens

Didier Stevens

  • BC Advisor
  • 2,698 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:25 AM

Posted 26 October 2014 - 06:09 AM

You're welcome.


Didier Stevens
http://blog.DidierStevens.com
http://DidierStevensLabs.com

SANS ISC Senior Handler
Microsoft MVP 2011-2016 Consumer Security, Windows Insider MVP 2016-2019
MVP_Horizontal_BlueOnly.png

 

If you send me messages, per Bleeping Computer's Forum policy, I will not engage in a conversation, but try to answer your question in the relevant forum post. If you don't want this, don't send me messages.

 

Stevens' law: "As an online security discussion grows longer, the probability of a reference to BadUSB approaches 1.0"


#10 rp88

rp88

  • Members
  • 3,014 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:11:25 PM

Posted 26 October 2014 - 10:23 AM

a ) for encryption you don't really need something that does your whole drive, just something to put your private files into an encrypted archive. I would use 7z for this, it contains the ability to make encryoted archives, these archives can be opened up through 7z using the passowrd you set, then the files opened up with whatever program opens them, then when you close the program you were viewing the file with and close 7z the file should be safely encrypted again until you next need to open it.


b ) (yes the bbscript on here that turns b and a bracket into a face is annoying) i don't know this


c ) firewalls rarely do much, windows has one inbuilt(so does linux) that is adequate for most purposes. On linux it will be different but a standard one should be adequate, you just need to stop inbound traffic which is going anywhere that you haven't asked for it. You will need one but which one you pick is proabbly not that important.


d ) Tor is free and will help you with anonymity, it is a bit slow but not hugely so. It is a widely used anonymity tool and is regularly updated so that users can maintain anonymity despite advances in the methods used to try and track them.


e ) use an antivirus and some on demand scanners, you seem to already do this. Only run one antivirus at a time, multiple live protection antiviruses often attack each other. But it will be fine to run many on-demand non-realtime scanners to check your system is clean. Put noscript and adblock plus extensions into your browser, you might need firefox (you probably will need mozilla firefox, i don't think that the extensions exist for other browsers if you keep it up to date, run those extensions and make sure flash is "click to play" not "always activate" firefox should be as secure as anythng else) for that but those two extensions really help reduce the number of potential infections you are exposed to.


Judging by your questions it seems you are quite security concious and secretive, so another thing i would recommend to you is the use of a linux live operating system. I have heard a little abut these including one called TAILS (which is mentioned somewhere on Tor's site, the idea is thye run on a usb flash drive, you plug them into a computer, boot up the computer from the flash drive and then you are inside a live environment. You do your secret browsing through tor, and encrypt your private data within 7z files, checking over your shoulder at random intervals (yes that last point is a joke but your overall idea and intentions are quite serious and perfectly valid and rational). Once you have finished your secretive stuff, you log off, turn off and unplug the usb drive. Then when you reboot the cmputer from it's internal operating system it SHOULD have no memory of the fact it was ever used for your private stuff. You can save all your private files and such on a second usb drive, once again encrypted with 7z (or some equivalent). That is my advice of you need to be REALLY secure and anonymous. I've used tor once or twice, to look at blogs about how to be more anonymous (see this webcomic for something similar to my experinces with tor http://xkcd.com/1269/ ), so can tell you a little on my experiences with it but have never used a live OS so don't know anything more than a standard description of what one is. Tor's website is a good place to start when looking for information on online anonymity, note that security is a bit of a different thing, security is keeping hackers and viruses out of your system, anonymity is avoiding being linked back to what you post or read. They are both useful things to have and techniques to preserve them usually work well together.

Edited by rp88, 26 October 2014 - 10:23 AM.

Back on this site, for a while anyway, been so busy the last year.

My systems:2 laptops, intel i3 processors, windows 8.1 installed on the hard-drive and linux mint 17.3 MATE installed to USB

#11 Didier Stevens

Didier Stevens

  • BC Advisor
  • 2,698 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:25 AM

Posted 26 October 2014 - 12:42 PM

I use TrueCrypt and GPG (for e-mail).

I use several Linux distros. I prefer Red Hat / CentOS. But not for security reasons.

I use the build-in  firewalls (Windows and Linux), but I'm also behind a NAT router.

I use paid and private VPN. I'm not going to recommend a paid service.

 

The most important thing you can do, that you did not ask about, is make backups!


Didier Stevens
http://blog.DidierStevens.com
http://DidierStevensLabs.com

SANS ISC Senior Handler
Microsoft MVP 2011-2016 Consumer Security, Windows Insider MVP 2016-2019
MVP_Horizontal_BlueOnly.png

 

If you send me messages, per Bleeping Computer's Forum policy, I will not engage in a conversation, but try to answer your question in the relevant forum post. If you don't want this, don't send me messages.

 

Stevens' law: "As an online security discussion grows longer, the probability of a reference to BadUSB approaches 1.0"


#12 Cybbermouse

Cybbermouse
  • Topic Starter

  • Members
  • 72 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:02:25 PM

Posted 26 October 2014 - 12:48 PM

Yeach Tor is very popular (and good). I'm grateful to you for your advice. I haven't heard about thing you mention in the last paragraph. I will surely check it out. Thanks.



#13 Cybbermouse

Cybbermouse
  • Topic Starter

  • Members
  • 72 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:02:25 PM

Posted 26 October 2014 - 12:57 PM

Backups! You made a great point : ) And I think a portable disk is a good idea, pendrive that can contain a lot of files. Perfect when I download something 'shady'. Of course files will be then encrypted with my private key (GnuPG can encrypt mails and files) because there isn't any sense in having special disk for something like this if disk is open for everyone.



#14 Didier Stevens

Didier Stevens

  • BC Advisor
  • 2,698 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:25 AM

Posted 26 October 2014 - 02:03 PM

Yes, I consider backups the single most important thing you can do for your systems.

Didier Stevens
http://blog.DidierStevens.com
http://DidierStevensLabs.com

SANS ISC Senior Handler
Microsoft MVP 2011-2016 Consumer Security, Windows Insider MVP 2016-2019
MVP_Horizontal_BlueOnly.png

 

If you send me messages, per Bleeping Computer's Forum policy, I will not engage in a conversation, but try to answer your question in the relevant forum post. If you don't want this, don't send me messages.

 

Stevens' law: "As an online security discussion grows longer, the probability of a reference to BadUSB approaches 1.0"


#15 rp88

rp88

  • Members
  • 3,014 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:11:25 PM

Posted 26 October 2014 - 03:54 PM

"Yes, I consider backups the single most important thing you can do for your systems. "

Quite true for most users but not neccessarily in the case of those trying for EXTREME anonymity and privacy. Backing up is very important but i can imagine some circumstances where it might reduce privacy, basically because for every extra backup of something really SECRET (secret being quite different from valuable, valuable is you never want to lose even if not losing means letting someone else see it, secret is you never want anyone else to know even if the data must be lost to prevent others becoming aware of it) there is a small but non-zero extra chance it COULD be read. Now if data is of any value it must always be backed up, but if it's extremely private it might be better to risk it's total loss rather than risk it's recovery by someone else. This is a matter the user must decide, i don't have deeply private stuff, but i do have deeply valuable stuff so i always backup. If you do consider something so much more secret than it is valuable that you shoudln't back it up then be prepared to lose the un-backed-up data, but be glad it will more likely remain secret forever that way. I would say always backup but i can imagine some cases in which it might be better to leave REALLY private data in one place only.


p.s. for your information tails is an acronym for something along the lines of "the amnesic incognito live system".

Edited by rp88, 26 October 2014 - 03:56 PM.

Back on this site, for a while anyway, been so busy the last year.

My systems:2 laptops, intel i3 processors, windows 8.1 installed on the hard-drive and linux mint 17.3 MATE installed to USB




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users