Category Archives: Security

Tools: Find Your Missing Computer, Android, or iOS Device

There are lots of ways to track a missing or stolen computer, but if, like me, you have many different devices of various types, you may wish to give the Prey Project a look.

Prey will track almost anything. Laptop, desktop, Android, and iOS devices are all supported. Windows Phone is on the way as well, but of course if you’re reading this blog, you likely couldn’t care less about Windows Phone!

Prey can geolocate your device, so police can be notified. It can also allow you to remotely lock the device, take a photo using the device cameras and much more. There is a very basic free version, as well as paid plans available.

For us Linux users, Prey is available in the repositories, but I’d suggest downloading the installer directly from their web site. This will ensure you get the latest package.

Prey Project web site

Their web site will automatically determine the version you require, or you can choose to download for another type of machine right from the menu. iOS and Android users will be directed to the Apple or Google Play stores.

Once you download the Linux package, just double click on it to open it up in your package installer.

The first thing that will pop up will be a notice that an older version is available from the repositories.

Install Warning

Ignore that and then do the install.

Installing Prey

Once installed, create your free or paid Prey account, and if the unthinkable happens, you may well be able to recover your stolen machine!

Security: Watch That Email!

Got a very convincing email this weekend, seemingly from my registrar for one of my many domain names. The message was stating that the DNS was about to be changed on that domain, to point to another location. They wanted me to click on an enclosed link to prevent it.

But I wasn’t born yesterday!

Listen folks, there are ways to ensure an email is actually from who it says it’s from.

First of all, do NOT allow HTML email! Had I been using HTML in my email reader, I would not have seen that the link that was showing as my registrar was actually going to somewhere completely different!

Also, you should actually look at the email headers. In this case, the header information almost looked legitimate, but careful examination found that the email was actually coming out of an IP address in South America!

Also, be aware that some bad guys will hide the actual address of the link you’re clicking on by masking it as an encoded string.

An example is a URL that looks like this: http://%6C%6E%78%67%6F%61%74

Which is actually this URL: http://lnxgoat.com

Also, if the link points directly to an IP address, for example http://192.168.1.2/Americanexpress.com, run away fast!

Yes, you see Americanexpress.com, but that’s not where you will end up!

Your inbox is a dangerous place. Use it with care!

Breaking Things: When Hackers Attack

Had an interesting evening here on the farm. As I’ve mentioned before, we stream our goats on ustream.tv 24/7, and as part of that, we have a single odd port inbound to an embedded server so our viewers can control our cameras, changing them as they wish.

Tuesday evening, after 10pm local time, in keeping with our own advice about keeping your router firmware up to date, we updated ours. We have Verizon Fios on the Internet side of our network, and a second WiFi router daisy chained to the Fios modem for our internal farm network.

After flashing the new firmware into both, I began to restore my very strict firewall settings (you do use one I hope!) but as fast as I could get the Fios modem rebooted, someone from China was getting in and taking control of it. It was a cat and mouse game until I finally won, getting the modem booted up and the remote administration and ping reply turned off before he could get in again.

Continuing my firewall setup, I opened the single obscure port to my embedded camera controller. The controller is password protected, and automatically blocks the IP address of anyone using the wrong user name and password, forever! So yes, they can port scan and find the server, but they only get one chance to log in before they are blocked.

One Chinese hacker spent hours port scanning my home IP address, trying to find a vulnerability.

I finally got tired of it, and started port scanning HIM! It was amazing how fast he stopped once he noticed me doing the same to him.

There is a handy web site that I use to see where attacks are coming from, and it’s worth bookmarking for your own use. It’s called: utrace.de

utrace.de web site result of hostile IP address

Point is, if you are not using the firewall available from your internet service provider, your personal router, and even your individual computers, you should be.

Go check now, configure the hardware and install your Linux firewall software too!

Security: Wipe File Deletion

Under most circumstances, recovering a file that has been deleted is pretty easy, even under most Linux file systems. So what do you do if you wish to securely delete a file so that it cannot be recovered? Use Wipe.

Head over to your Software Manager and do a quick search for Wipe. Once found, just install it as usual. Wipe is a Terminal program, so once installed, there will be no menu item for it.

Wipe Secure File Deletion

Using Wipe is easy. First thing you’ll want to do is learn the syntax for using the tool. Open a Terminal, and type: wipe -help

Wipe Secure File Deletion Help Listing

This will give you a full listing of the options and usage for this powerful tool.

The next thing to do is navigate to the directory that contains the file(s) you wish to securely remove from your hard drive and run Wipe against the file name, as in the example below:

Secure deletion example

In this case, I simply typed: wipe filetodelete.png, at which point Wipe asks you to confirm that you want to delete the file. This will be your last chance to say no before the file is gone for good!

Privacy: Pidgin-OTR

We use Pidgin a lot on the farm, chatting back and forth between buildings while we get our farm chores done. There is a plugin for the Pidgin chat client that makes your chats private by encrypting them, lets you know you are talking to who you think you’re talking to, and prevents man-in-the-middle snooping.

Open your Software Manager, search for pidgin-otr, and install it. Once installed, it’s time to activate and set up the plugin.

First, open Pidgin, select Tools -> Plugins, and scroll down to the pidgin-otr plugin.

Pidgin-OTR Setup

Once you check the box to the left of the description to turn on the plugin, click the Configure Plugin button at the bottom to set up your private encryption key and other preferences.

Key Generation

Note that it can take a while to generate the encryption key on an older, slow machine!

When you first chat with another user using pidgin-otr, the plugin will ask you to send a question, along with the answer you expect back, so that the two of you can authenticate each other. After that, your chats are private and secure!