ATTN: Sophie AKA The Ultimate NetSec and OPSec thread.
-
2015-11-04 at 3:46 PM UTC
Considering you've never steered me wrong, and you've always been down to help me or a friend, I was wondering if you'd be willing to help me acquire some of your favorite programs for Net/OPSec to set up a new laptop I got. I'm finally getting more serious about these types of things, and I don't want to be fucked from the start. I'm not asking you to do all the work, just the programs and a brief guide for each, along with input on my currents such as Comodo Dragon, and if I should switch to Gecko (Firefox) based IceDragon. Simple things like that.
Thanks man, I'd really appreciate it, Hewfil1
EDIT* I installed VeraCrypt and I tried setting it up as you described in your OPSec thread, but I'm unsure if I chose the right settings, etc. Could you help me with that too please?
-
2015-11-04 at 8:24 PM UTC
On your Dragon question, I have used both browsers. I like the Chrome strip-down of IceDragon more than the Mozilla rip, but it's really just personal preference towards browsers.
-
2015-11-05 at 1:03 AM UTC
Well, there's a ton of programs out there. Also, VeraCrypt is pretty self-explanatory. If you selected the option for encrypted hidden volume then you just need to mount your encrypted file with VC and input the password to the hidden volume to open it up. If you have it opened up you can select it as a place to which you can install your VM, just set it on one file and install your favorite distro within it. Also, for everyday purposes getting a good VPN is pretty easy. Like I said in the other thread, for haxxy things a VPS would be best, so you connect from within your encrypted Linux install to your VPS via TOR and load your programs/tools what have you server side.
Also I don't use chromium icedragon and what have you, it looks good. But for my browser I use firefawx with some sec-related addons, among which:
- WebRTC Disabler
- NoScript
- HTTPS Everywhere
- ZenMate Web VPN
- World IP
And a number of offensive-oriented addons, like live HTTP headers, tamper data, hackbar and such. Which I realistically don't even need because I got an intercepting proxy for all that except for what hackbar does.
Also, if you want to increase your security on top of regular measures you can get something like DNSCrypt to encrypt all your DNS traffic to prevent eavesdropping and MitM attacks. https://www.opendns.com/about/innovations/dnscrypt/ Just read the documentation on the site to get started.
Also, if the OS you mean to install in your VM is Kali you might find the following link helpful. http://lewiscomputerhowto.blogspot.nl/2014/01/complete-guide-on-how-to-install-kali.html
If you have any specific questions I'll try to be a little more concise in my answers. The most important thing to ask yourself is: What do I intend to do with this PC? Will you be focusing on offensive security? Defensive? Or a combination? And how much protection is enough for you, etc.
-
2015-11-05 at 3:40 PM UTC
Thanks man, the input is really helpful. And I'm doing mainly offensive.
-
2015-11-05 at 3:47 PM UTC
I think I'll combine IceDragon with the add-ons to increase the sec of my browser.
-
2015-11-06 at 2:52 AM UTC
Thanks man, the input is really helpful. And I'm doing mainly offensive.
Sure thing, like I said, if you have any specific questions on any subject post them and I'll try to help you with it.
-
2015-11-07 at 1:27 PM UTC
Forget about network management. Anything you come up with can be hacked. Focus on process detection instead.
i.e.: http://securityxploded.com/hidden-process-detection.php
-
2015-11-07 at 2:29 PM UTC
that's some terrible advice
-
2015-11-07 at 3:54 PM UTC
that's some terrible advice
Sure it is. That's why network administrators at major companies all around the world are getting hacked and having their databases dumped to the public at an increasingly alarming rate. They're so busy watching and enhancing their network traffic, learning everything after the fact, they completely ignore the elephant in the room. If someone is on your system, they have to open processes to accomplish tasks. Whether those processes are embedded or not makes no difference; they still have to work the controls. If you spy on and know your own system well enough, you can spot those activities the moment they commence, masked or not, hidden or not, and appropriate blocks and shields can be automatically employed in nanoseconds, before any real damage or downloads can be accomplished. Review and investigation can be done at a later time at leisure. All attacks have "tells", and often share the same "tells". Those tells can be detected in a generic sense with a low false positive rate if the detection devices are configured correctly. No attack can operate completely invisibly, no matter how good or how tricky it is.