Black Ops Puppy
ping reply
I tried the suggestion to turn "ping reply" off with the following command from a console window as outlined earlier in this thread:
sysctl -w net.ipv4.icmp_echo_ignore_all=1
Shields-Up site (at)https://www.grc.com/x/ne.dll?bh0bkyd2 says that I'm still replying to their ping.
Didn't stop the response while running Puppy 410 and 412 USB frugal installs
sysctl -w net.ipv4.icmp_echo_ignore_all=1
Shields-Up site (at)https://www.grc.com/x/ne.dll?bh0bkyd2 says that I'm still replying to their ping.
Didn't stop the response while running Puppy 410 and 412 USB frugal installs
- Lobster
- Official Crustacean
- Posts: 15522
- Joined: Wed 04 May 2005, 06:06
- Location: Paradox Realm
- Contact:
Is this in Seamonkey too? I am sure I have had javascript interrupts in Seamonkey - taking me to some spam site. However would that be something that happens in any javascript enabled browser
Anyways Firefox 3.5 vulnerable
http://mashable.com/2009/07/15/security ... refox-3-5/
Anyways Firefox 3.5 vulnerable
http://mashable.com/2009/07/15/security ... refox-3-5/
backtrack, is the best I know of...
http://www.remote-exploit.org/backtrack_download.html
https://wiki.remote-exploit.org/backtrack/
[you may get a security warning about this site!]
Aitch
http://www.remote-exploit.org/backtrack_download.html
https://wiki.remote-exploit.org/backtrack/
[you may get a security warning about this site!]
Aitch
I've just dwlnd & burnt this one:
http://aircrack-ng.org/doku.php?id=slit ... 5cfc49cd71
It looks interesting, small, only 60 Mb and tailored for AAO netbook.
No sound card support, and very basic, but has the right wifi drivers for wardriving & more...
Can't wait to see this turned into a pupplet.
http://aircrack-ng.org/doku.php?id=slit ... 5cfc49cd71
It looks interesting, small, only 60 Mb and tailored for AAO netbook.
No sound card support, and very basic, but has the right wifi drivers for wardriving & more...
Can't wait to see this turned into a pupplet.
Don't poop it down... Pup it Up !
Out of sheer curiosity I went to the following website:Lobster wrote:When I posted initially that 'Black Ops Puppy' does not exist
That was true.
Many insisted on testing this non-existent puplet
I wonder what the results were?
For those still interested in tin foil and testing maybe this project is suitable?
http://www.yolinux.com/TUTORIALS/LinuxT ... urity.html
And ran CHKROOTKIT on Puppy 4.10 Retro. The following were infected.
BASENAME
DIRNAME
ECHO
ENV
LOGIN
PASSWD
TRACEROUTE
/SBIN/INIT
I ran CHKROOTKIT on a fresh puppy livecd boot - pfix-ram, no saved session, and got the same result.
Need I be worried?
- Lobster
- Official Crustacean
- Posts: 15522
- Joined: Wed 04 May 2005, 06:06
- Location: Paradox Realm
- Contact:
No idea. Maybe.Need I be worried?
Worry seems part of some peoples search and experience
routine. In other words they look for reasons to wear tin foil hats.
Maybe someone will know . . .
Nobody seems much bothered - if we were a BSD distro we would now be on red alert. All websites would be closed down etc
Meanwhile. Puppy 4.3 Pre beta reloaded
has adblock on by default (good move)
Another tip:
If you are visiting warez, porn or hard core Microsoft sites
go to menu / shutdown / restart X server
It is quick and flushes any javascript hovering about . . .
There is another way besides sysctl to turn off pings, for those having problems with that. See /etc/rc.d/rc.firewall:
Of course if we want a black ops Puppy, it should be based on OpenBSD, not Linux. E.g. http://bsdanywhere.org/
Code: Select all
...
LOGGING="yes" # PJB Let's try logging
REQUIRE_EXTERNAL_CONFIG="no"
############################################
# -- Advanced Firewall Behavior Options -- #
############################################
# The default settings provide the suggested firewall configuration.
NO_RP_FILTER_INTERFACES=""
INTERNAL_DHCP="yes"
RFC_1122_COMPLIANT="no" # PJB Drop pings even though some say that's naughty
DROP_NEW_WITHOUT_SYN="yes" # PJB See http://www.ledow.org.uk/linux/config.html
DUMP_TCP_ON_INIT="no"
TTL_STEALTH_ROUTER="no"
LOG_LIMIT="1/minute"
LOG_BURST="5"
LOG_LEVEL="notice"
- Lobster
- Official Crustacean
- Posts: 15522
- Joined: Wed 04 May 2005, 06:06
- Location: Paradox Realm
- Contact:
Puppy based on BSD . . .
I am assuming that would be possible with Woof
or not? BSD uses a different kernel
Barry is experimenting with Automatic unmounting
http://www.puppylinux.com/blog/?viewDetailed=01004
and this will ensure better security.
It would seem that if running from CD
only a mounted disk could be read
though I suppose it is easy enough to mount from rogue javascript or php?
I am assuming that would be possible with Woof
or not? BSD uses a different kernel
Barry is experimenting with Automatic unmounting
http://www.puppylinux.com/blog/?viewDetailed=01004
and this will ensure better security.
It would seem that if running from CD
only a mounted disk could be read
though I suppose it is easy enough to mount from rogue javascript or php?
- Pizzasgood
- Posts: 6183
- Joined: Wed 04 May 2005, 20:28
- Location: Knoxville, TN, USA
PHP doesn't go "rogue" on the client's machine. PHP is a server-side programming language. It is run on the webserver, not the user's computer. The user never sees PHP, and even if he did, the browser wouldn't know what to do with it. So PHP exploits are dangerous to a webserver, but the only danger they pose to an end user is indirect (if you have any data stored on the webserver, for example).
As for JavaScript, if you managed to find an exploit that allowed you to execute arbitrary code with root permissions, then it wouldn't be hard to mount a drive in Puppy. Unless you only run your browser as a non-root user, which isn't hard to do. Just open a terminal and run
That will start seamonkey as the user spot. You will only be able to save files to /root/spot, as that is spot's home directory, and /tmp, which is world-writable. But if your browser is hacked into, it should only be able to damage things in /root/spot and /tmp, and not the rest of the system. Note: The browser would still be able to read data from anywhere, unless it doesn't have the world-readible bit checked, so if you have confidential information on a mounted partition and the browser is hacked, the hacker could potentially see it.
As for JavaScript, if you managed to find an exploit that allowed you to execute arbitrary code with root permissions, then it wouldn't be hard to mount a drive in Puppy. Unless you only run your browser as a non-root user, which isn't hard to do. Just open a terminal and run
Code: Select all
su spot
seamonkey
[size=75]Between depriving a man of one hour from his life and depriving him of his life there exists only a difference of degree. --Muad'Dib[/size]
[img]http://www.browserloadofcoolness.com/sig.png[/img]
[img]http://www.browserloadofcoolness.com/sig.png[/img]
What can i say
Hello all, although this is my second post on these forums i have been tending to my puppy now for about a month (yes i thought that was kinda neat way to say things) by this i mean i have been running puppy for about a month and trying my best to learn about this distro and in general linux as i have been venturing out of windows and realized the worlds of possibilities that linux presents and more so with puppy.
i have been extremely interested in security cryptology and more generally everything being discussed in this thread.
unfortunatly i do not have anything i can really contribute YET however i must say even if nothing in the way of software or an actual distro/puplet come out of this just looking through the links and ideas mentioned here is an amazing learning experience i have just started but i have alot of reading ahead of me.
all i can really do is thank you all for the knowledge that i and anyone else can get out of this.
oh i have been unsuccessful in compiling anything in puppy yet but i have had very limited time to look into it it seems i lake the exact commands to run.
BUT! my main rig (PC) is a intel Core i7 OC'd to 4Ghz over 4 cores with 6Gb's of DDR3 ram so if anyone needs something compiled for this project PLEASE i would love to help. it would also be even more of a learning experience to me so by all means. i would like to become more involved in puppy and all i can offer at this point is my hardware's power.
SORRY for the long post!
i have been extremely interested in security cryptology and more generally everything being discussed in this thread.
unfortunatly i do not have anything i can really contribute YET however i must say even if nothing in the way of software or an actual distro/puplet come out of this just looking through the links and ideas mentioned here is an amazing learning experience i have just started but i have alot of reading ahead of me.
all i can really do is thank you all for the knowledge that i and anyone else can get out of this.
oh i have been unsuccessful in compiling anything in puppy yet but i have had very limited time to look into it it seems i lake the exact commands to run.
BUT! my main rig (PC) is a intel Core i7 OC'd to 4Ghz over 4 cores with 6Gb's of DDR3 ram so if anyone needs something compiled for this project PLEASE i would love to help. it would also be even more of a learning experience to me so by all means. i would like to become more involved in puppy and all i can offer at this point is my hardware's power.
SORRY for the long post!
- ttuuxxx
- Posts: 11171
- Joined: Sat 05 May 2007, 10:00
- Location: Ontario Canada,Sydney Australia
- Contact:
Re: What can i say
I have a couple newer pc's the extra power doesn't help all that much, most 95% or so puppy versions are single core, only a couple are for 2 cores, having 4 or 20 cores won't speed up anything, The extra memory is good but most can pimp out the pupsave like I do to 20GB on a sata2 hd and that's about as good as it getsNekroze wrote:Hello all, although this is my second post on these forums i have been tending to my puppy now for about a month (yes i thought that was kinda neat way to say things) by this i mean i have been running puppy for about a month and trying my best to learn about this distro and in general linux as i have been venturing out of windows and realized the worlds of possibilities that linux presents and more so with puppy.
i have been extremely interested in security cryptology and more generally everything being discussed in this thread.
unfortunatly i do not have anything i can really contribute YET however i must say even if nothing in the way of software or an actual distro/puplet come out of this just looking through the links and ideas mentioned here is an amazing learning experience i have just started but i have alot of reading ahead of me.
all i can really do is thank you all for the knowledge that i and anyone else can get out of this.
oh i have been unsuccessful in compiling anything in puppy yet but i have had very limited time to look into it it seems i lake the exact commands to run.
BUT! my main rig (PC) is a intel Core i7 OC'd to 4Ghz over 4 cores with 6Gb's of DDR3 ram so if anyone needs something compiled for this project PLEASE i would love to help. it would also be even more of a learning experience to me so by all means. i would like to become more involved in puppy and all i can offer at this point is my hardware's power.
SORRY for the long post!
as for compiling let me tell you, that is a art of its own, the best place to look is Barry's blog, he's been giving out his compiling recipes lately which is nice, he's always been the king of making things small, Thats the key to a great puppy package, reduction in size.
My last version of hardware info is about 30% smaller than all the others because I looked at the C code and made it reuse icons for each sub-directory saving about 200kb extracted. not bad for a 110kb pet package
Other tricks is to know what can and can not safely be stripped, Thats a hard call, usually bins and .so files, but sometimes they break, best to try it on the installed version.
A great tip is sources, you can waste your time trying to find them here and there, Or you can go to the Ubuntu package search and search for something 9/10 times its there, just download the sources and from the page and compile, when it says your missing something, look at that page it should have all the missing deps listed, then just download what sources you need and away you go.
usually check and see what you can disable also, like open a package/extract it and do the ./configure --help
that should list what you can --enable --disable --with --without, sometimes it only says --enable, try to use --disable instead
Barry's main commands to compile are
./configure --prefix=/usr --sysconfdir=/etc --localstatedir=/var --build=i486-pc-linux-gnu
My main commands are
./configure --prefix=/usr --sysconfdir=/etc --localstatedir=/var --build=i386-linux --enable-shared --enable-strip
I usually build i386 not i486, my pc's are i686 like yours, I lower it so it works well for everybody,
Some say to use
export CFLAGS="-O2 -march=i386 -mcpu=i686"
before you start to compile
to strip a file use something like
strip -R .note -R .comment path-to-file /usr/bin/abiword
ttuuxxx
http://audio.online-convert.com/ <-- excellent site
http://samples.mplayerhq.hu/A-codecs/ <-- Codec Test Files
http://html5games.com/ <-- excellent HTML5 games :)
http://samples.mplayerhq.hu/A-codecs/ <-- Codec Test Files
http://html5games.com/ <-- excellent HTML5 games :)
Hi
I just came across this link,
http://www.irongeek.com/i.php?page=vide ... -computing
which is very geeky, but covers a lot of useful info, though quite a lot is windoze vista and v7 based, there is some good forensics inside info,
particularly on hard drive storage and how it can be used forensically for tracking/tracing etc and overwritten...
e.g.
http://sansforensics.wordpress.com/2009 ... rive-data/
run the video - it's over 3 hours, so be prepared......
pick out the useful bits......
like gnu-tools shred invocation
http://www.gnu.org/software/coreutils/m ... ation.html
Gives a bit of insight into tinhat mentality, and the sort of programs used for forensics IMO
e.g DEFTlinux
http://www.deftlinux.net/
maybe useful for testing, if ever anyone actually makes BOP
Also some good stuff on private browsing
Didn't watch it all, but I use sandboxIE for windoze.....
delete the sandbox after browsing/email/banking etc
enjoy
Aitch
I just came across this link,
http://www.irongeek.com/i.php?page=vide ... -computing
which is very geeky, but covers a lot of useful info, though quite a lot is windoze vista and v7 based, there is some good forensics inside info,
particularly on hard drive storage and how it can be used forensically for tracking/tracing etc and overwritten...
e.g.
http://sansforensics.wordpress.com/2009 ... rive-data/
run the video - it's over 3 hours, so be prepared......
pick out the useful bits......
like gnu-tools shred invocation
http://www.gnu.org/software/coreutils/m ... ation.html
Gives a bit of insight into tinhat mentality, and the sort of programs used for forensics IMO
e.g DEFTlinux
http://www.deftlinux.net/
maybe useful for testing, if ever anyone actually makes BOP
Also some good stuff on private browsing
Didn't watch it all, but I use sandboxIE for windoze.....
delete the sandbox after browsing/email/banking etc
enjoy
Aitch
- Lobster
- Official Crustacean
- Posts: 15522
- Joined: Wed 04 May 2005, 06:06
- Location: Paradox Realm
- Contact:
This is an explanation of a potential exploit I have experienced in Puppy (would happen in any distro not running 'no-script?)
http://www.techcrunchit.com/2009/08/31/ ... -security/
As the commercial world move us into the cloud
for more cummulus fleecing, stay informed . . .
PS.
Went to visit my sister today.
Norton Symnatec ran out (free year from ISP)
does their downloadable uninstaller work?
no - expired.
We needed that because the AVG anti-virus would not install before Norton was uninstalled.
In the end she contemplates being extorted (ahem - have a renewed paid subscription) and blackmailed into not wasting further time
She is of course running MS Windows - blatant, shameful 'business practice'
http://www.techcrunchit.com/2009/08/31/ ... -security/
As the commercial world move us into the cloud
for more cummulus fleecing, stay informed . . .
PS.
Went to visit my sister today.
Norton Symnatec ran out (free year from ISP)
does their downloadable uninstaller work?
no - expired.
We needed that because the AVG anti-virus would not install before Norton was uninstalled.
In the end she contemplates being extorted (ahem - have a renewed paid subscription) and blackmailed into not wasting further time
She is of course running MS Windows - blatant, shameful 'business practice'
Lobster
The Norton Removal Tool uninstalls all Norton
2009/2008/2007/2006/2005/2004/2003 products, Norton 360 and Norton
SystemWorks 12.0 from your computer.
http://service1.symantec.com/SUPPORT...05033108162039
Aitch
The Norton Removal Tool uninstalls all Norton
2009/2008/2007/2006/2005/2004/2003 products, Norton 360 and Norton
SystemWorks 12.0 from your computer.
http://service1.symantec.com/SUPPORT...05033108162039
Aitch
The best place is Major Geeks:
http://www.majorgeeks.com/Norton_Remova ... d4749.html
""""""""""
Or Nortons is here.
http://service1.symantec.com/Support/ts ... g=en&ct=us
Lobster.
I've never had a failure with Nortons Removal.
"""""""""
And try Avira Free.
http://www.majorgeeks.com/Avira_AntiVir ... _d955.html
"""""
Firewall...try Online Armor Free
http://www.majorgeeks.com/Online_Armor_Free_d4872.html
/////////////
Majorgeeks....way to go.
Plus occasionally they mention Puppy.
Chris.
http://www.majorgeeks.com/Norton_Remova ... d4749.html
""""""""""
Or Nortons is here.
http://service1.symantec.com/Support/ts ... g=en&ct=us
Lobster.
I've never had a failure with Nortons Removal.
"""""""""
And try Avira Free.
http://www.majorgeeks.com/Avira_AntiVir ... _d955.html
"""""
Firewall...try Online Armor Free
http://www.majorgeeks.com/Online_Armor_Free_d4872.html
/////////////
Majorgeeks....way to go.
Plus occasionally they mention Puppy.
Chris.
Last edited by cthisbear on Thu 17 Sep 2009, 22:47, edited 1 time in total.
Lobster, sorry, somehow it got abbreviated
http://service1.symantec.com/Support/ts ... 3108162039
Aitch
http://service1.symantec.com/Support/ts ... 3108162039
Aitch