Tag Archives: Security

How to PPTPD (PopTop)

Below is a way to connect your clients (smartphone, laptop, etc.) to the Internet while you are out and about on random WiFi networks such as McDonald's, and to help protect yourself while on those unknown networks with unknown users.

Install mppe kernel support

# modprobe ppp-compress-18

Install PPTPD

# apt-get install pptpd

Configure IP Address Range
Edit the file /etc/pptpd.conf for the IP address range

localip 172.16.100.1
remoteip 172.16.100.200-250

Restart pptpd to activate the changes

# invoke-rc.d pptpd restart

Adding users accounts
Edit the file /etc/ppp/chap-secrets

test_user * lamepassword *

The above will give you a working PPTPD that you are able to connect to securely, but you most probably won’t be able to reach the outside network.

To allow your PPTP clients access to the big bad internet

Enable IPv4 forwarding

echo 1 > /proc/sys/net/ipv4/ip_forward

Finally configure your iptables

iptables -A INPUT -i ppp+ -j ACCEPT
iptables -A OUTPUT -o ppp+ -j ACCEPT
iptables -A POSTROUTING -t nat -o eth0 -j MASQUERADE
iptables -A POSTROUTING -t nat -o ppp+ -j MASQUERADE

If you want all traffic to go through the PPTP connection
Edit the file /etc/ppp/pptpd-options and change

# Debian: do not replace the default route
nodefaultroute

to

# Debian: do not replace the default route
#nodefaultroute

and don’t forget to restart pptpd ;-)
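Added example (not part of the original post or of pptpd): a shell check for the /etc/ppp/chap-secrets file edited above. pppd keeps these secrets in cleartext, so it flags a file mode that is not owner-only, secrets shorter than MIN_LEN (an assumed policy threshold), and the * wildcards used in the test_user line. The function name and finding labels are made up for this example.

```shell
#!/bin/sh
# Added example: audit a pppd chap-secrets file.
# Line format: client  server  secret  [IP addresses]
# MIN_LEN is an assumed policy threshold, not a pptpd or pppd setting.
# Limitation: quoted secrets that contain spaces are not parsed.
MIN_LEN=${MIN_LEN:-16}

audit_chap_secrets() {
    file=$1
    # Secrets are stored in cleartext, so only the owner should read the file.
    mode=$(stat -c %a "$file" 2>/dev/null)
    case $mode in
        600|400) ;;
        *) echo "PERMS $file mode=$mode (expected 600)" ;;
    esac
    awk -v min="$MIN_LEN" '
        /^[ \t]*(#|$)/ { next }               # skip comments and blank lines
        NF < 3 { printf "MALFORMED line %d\n", NR; next }
        {
            secret = $3
            gsub(/^"|"$/, "", secret)         # strip optional double quotes
            if (length(secret) < min)
                printf "SHORT_SECRET %s (%d chars)\n", $1, length(secret)
            if ($2 == "*") printf "ANY_SERVER %s\n", $1   # not pinned to a server name
            if ($4 == "*") printf "ANY_IP %s\n", $1       # client may use any address
        }' "$file"
}

# Run against the file given on the command line, e.g. /etc/ppp/chap-secrets
if [ "$#" -gt 0 ]; then
    audit_chap_secrets "$1"
fi
```

Run it as root with /etc/ppp/chap-secrets as the argument; no output means no findings.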

Reference
Debian pptpd HOWTO
IP Chicken

[How to] Prey 0.5.3 under Debian

Today I set up Prey 0.5.3 on my netbook running Debian testing.

# apt-get install prey

Here is what I modified in my ‘/etc/prey/config’

....

# autoconnect feature, disabled by default until we are 200% sure it
# works flawlessly in all platforms. feel free to try it out though.
auto_connect='y'

....

# you can get both of these from Prey's web service
api_key=''
device_key=''

....

# if you're having trouble getting requests across your firewall or proxy,
# you can try adding '-0' to make curl perform HTTP 1.0 requests
curl_options='-0 --compress'

# this option prepends a random number as a subdomain to the check URL on http mode
# makes it harder for other programs to block Prey so its a good idea to be on
randomize_check_host='y'
....

Also I added to my root crontab for updates

# crontab -e

Was
*/10 * * * * /usr/share/prey/prey.sh > /var/log/prey.log
now is

*/10 * * * * /usr/lib/prey/prey.sh > /var/log/prey.log

[LINK] A Trojan spying on your conversations

Here is another example of why one should check the permission(s) of an application before installing it on one’s Android device.

In one of our earlier blogs, we have demonstrated how a Trojan logs all the details of incoming/outgoing calls and call duration in a text file. This Trojan is more advanced as it records the conversation itself in “amr” format. Also it has got many other malicious activities that we have seen in many of the earlier malware incidents targeted for Android platform.

Read full story

Android Application Permissions in part Explained

When you install an application from the Android Market or from elsewhere, it will tell you the permission(s) it needs to function. While some legitimate applications often ask for more permissions than they need, it should at least raise some concern when deciding if an application is safe and of good quality.

To see permission(s) of a given application after installation, go to the Market, press menu > My apps, then select the application, press menu > more, then press security. There is an application called ‘permissions‘ to help explain the permissions of the applications you have installed on your smartphone.

Below is a list that was initially prepared by Lost Packet who talks about android security in much greater detail.

Continue reading

[LINK] Telstra, Optus to start censoring the web next month

I wonder how long it will take till they push this censoring onto legitimate sites they deem inappropriate and get them filtered. I guess they think that if no one complains, they can add more to it at a later date and block more sites and stuff till someone does complain about the filtering. And this filter, in my honest opinion, is for the computer illiterate and the parents that are too lazy to keep an eye on their children whilst on the computer, or to have the computer in a family area to better keep an eye on the children’s doings on the computer and the internet.

MOST Australian internet users will have their web access censored next month after the country’s two largest internet providers agreed to voluntarily block more than 500 websites from view. Telstra and Optus confirmed they would block access to a list of child abuse websites provided by the Australian Communications and Media Authority and more compiled by unnamed international organisations from mid-year.

But internet experts have warned that the scheme is merely a “feel-good policy” that will not stop criminals from accessing obscene material online and could block websites unfairly.

Read the full story

Android (Google) Collecting Your Data

Apparently Android (Google) are gathering location information as part of their race to build massive databases capable of pinpointing people’s locations via their cellphones. Android devices keep a record of the locations and unique IDs of the last 50 mobile masts that it has communicated with, and the last 200 Wi-Fi networks that it has “seen”.

This post is more of a guide to help limit the leakage of data.

This is a script I knocked up a while ago and have been using on fresh installs of OxygeN ROM to remove the Google stuff I do not use, before I enter the SIM unlock code and log into the phone. All that is left is enough Google stuff to keep Market happy. Along with DroidWall, and allowing only the apps you want to access the Internet, my 3G signal status never goes green (green meaning my phone is logged into Google).

Having done this, I have also noticed that my location information is not being logged to cache.wifi and cache.cell under /data/data/com.google.android.location/files

#!/bin/sh

## edit path to adb (replace <user> with your username)
## kept in its own variable: overwriting PATH would hide sleep and other system tools
ADB_DIR="/home/<user>/bin/android-sdk-linux_86/platform-tools"
ADB="$ADB_DIR/adb"

## remount /system read-write so the bundled APKs can be deleted
"$ADB" remount
"$ADB" shell rm -f /system/app/GenieWidget.apk
"$ADB" uninstall com.google.android.apps.genie.geniewidget

"$ADB" shell rm -f /system/app/Gmail.apk
"$ADB" uninstall com.google.android.gm

"$ADB" shell rm -f /system/app/GoogleBackupTransport.apk
"$ADB" uninstall com.google.android.backup

"$ADB" shell rm -f /system/app/GoogleCalendarSyncAdapter.apk
"$ADB" uninstall com.google.android.syncadapters.calendar

"$ADB" shell rm -f /system/app/GoogleContactsSyncAdapter.apk
"$ADB" uninstall com.google.android.syncadapters.contacts

"$ADB" shell rm -f /system/app/GooglePartnerSetup.apk
"$ADB" uninstall com.google.android.partnersetup

"$ADB" shell rm -f /system/app/Talk.apk
"$ADB" uninstall com.google.android.talk

## pause briefly before rebooting ("wait 1" waits for a job, it does not pause)
sleep 1

echo "All Done, rebooting now"
"$ADB" reboot

You can also block the following using DroidWall, to try and keep all bases covered:

  • Settings > Location & security: uncheck the “Use wireless networks” box
  • Network Location, Google Calendar Sync, Google Services Framework, Google Contacts Sync
  • (Kernel) – Linux kernel
  • Maps

Reference:
http://www.guardian.co.uk/technology/2011/apr/21/android-phones-record-user-locations?CMP=twt_gu

[How to] Change default search engine in Iceweasel (Firefox)

Type in the URL bar ‘about:config‘ and search for ‘keyword.url‘ and modify the ‘Value‘ from

http://www.google.com/search?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q=

to your preferred search engine. I changed mine to Duck Duck Go

https://duckduckgo.com/?q=

You can find a full list of available parameters here to have a more custom search string

https://duckduckgo.com/?kl=au-en&kp=-1&q=

Now all that is left to do is restart Iceweasel (Firefox) and enjoy the new default search engine you can use from the URL bar

Duck Duck Go


Well, yesterday when I was stuffing around with my mobile phone doing updates etc., I looked to see what was new in the fdroid repository and stumbled across a new search engine called ‘Duck Duck Go‘, which goes by the motto ‘We don’t track you!‘. I found that rather interesting, as who doesn’t want to track you in this digital age. Anyway, I have started to use Duck Duck Go (DDG) as my preferred search engine for a while to see how they are, as I am sort of getting annoyed with Google (but that’s another story).

What is DuckDuckGo?
DuckDuckGo is a search engine. Use it to get way more instant answers, way less spam, real privacy and we believe a much better overall search experience. See our about page for more.

Do you track me, i.e. can my searches be tied to me?
No – we do not store any personal information, e.g. IP addresses or user agents: see our privacy policy for details. We also have an encrypted (SSL) version, two non-JS versions (HTML & lite), a Tor hidden service (about), several privacy settings (including POST & RefControl), and we allow you to use URL parameters instead of cookies to store settings.

Read more about the above quoted information here

There are plug-ins available for Firefox etc. here, and the Android DDG search bar is available here