Avoid Reusing Passwords

Do you use the same password on multiple websites?
 
If so, hackers may be able to download a list of email addresses and associated passwords that includes yours. Are you on a list like this?
 
This is why everyone should use strong passwords along with a password management program like KeePass. KeePass helps you keep track of passwords so that it is easier to use a unique one for each website.
 

Google Knows…

If you have an Android phone, Google likely has a history of most of the places that you have been over the past 10 years.  You can view that history by signing onto your Google account (via Gmail, etc.) and then going to:

https://myactivity.google.com/more-activity

Under location history, click “View Timeline.”  A map will appear with dots showing where you have been.   Based on my map, it appears that the history may only include locations within the United States and Canada.  And there are missing places.  But, the accuracy of the information displayed is quite refined.  For example, I can zoom into a location I visited on a business trip a few years ago and can tell the hotel I stayed at.  I can tell when I arrived at the hotel for the evening and when I left for the airport the next morning.

This location tracking is turned on by default on Android devices.  It can be turned off in theory.  But, it is entirely possible that Google collects and retains this information anyway.

Wi-Fi Networking Links

TL-WR802N Router

Here is the official link to the TL-WR802N router that I purchased in November 2018.  Note that this router comes with a highly insecure default configuration.  With some simple cracking tools in Kali Linux, I was able to obtain its login name and password in under one minute…

https://www.tp-link.com/us/products/details/cat-5506_TL-WR802N.html

Nevertheless, OpenWRT and DD-WRT can be installed on it to provide a more secure system.

https://openwrt.org/toh/tp-link/tl-wr802n

https://wr802n.blogspot.com/2018/04/dd-wrt-install-on-tp-link-tl-wr802n.html


Secure Your Router’s Access (OpenWRT)

How to Make an ISO Copy of Your Hard Drive on Ubuntu

Portable Apps

 

 


General Links

Lock Down Wi-Fi with Wireless Isolation

Wi-Fi Security – WEP, WPA, and WPA2 (hakin9_wifi_EN.pdf)

CVE Details – The Ultimate Security Vulnerability Database

https://tools.tracemyip.org

 

 

IPTABLES Personal Firewall

Personal Firewall is a tidy little set of scripts for implementing a pretty tight firewall on a machine that is connecting to an open (or otherwise untrusted) network.  The scripts allow a minimal set of traffic (HTTP, DNS, DHCP, NTP, etc.) immediately and then save the configuration so that it persists across reboots.

Of course, add the services you need and delete the ones you do not.  For example, do you need Skype?  If not, delete the Skype configuration from the script.

https://github.com/meetrp/personalfirewall

This link also contains a script to convert URLs to CIDR addresses.  For example, the script will identify the IP address ranges of an unwanted website so that you can block it with the Personal Firewall.

The Personal Firewall uses iptables.  So, it only works on a Linux machine.  However, it could be of use for a home router running a Linux based firmware build such as OpenWRT.
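
The kind of ruleset described above can be written out in iptables-restore format. This is an added example, not code from the personalfirewall repository; the SERVICES list, the gen_rules function and the sample CIDR are assumptions chosen for illustration.

```shell
#!/bin/sh
# Added example, not code from the personalfirewall repository.
# SERVICES, gen_rules and the sample CIDR are assumptions for illustration.

# Outbound services to allow, as proto:port. Delete the ones you do not use.
SERVICES="udp:53 tcp:53 udp:67 udp:123 tcp:80 tcp:443"

# gen_rules [CIDR...] prints a filter table in iptables-restore format.
# Each CIDR argument is rejected outbound ahead of the allow rules.
gen_rules() {
    echo "*filter"
    # Default-deny in every direction; only the rules below open anything.
    echo ":INPUT DROP [0:0]"
    echo ":FORWARD DROP [0:0]"
    echo ":OUTPUT DROP [0:0]"
    # Loopback traffic never leaves the machine.
    echo "-A INPUT -i lo -j ACCEPT"
    echo "-A OUTPUT -o lo -j ACCEPT"
    # Inbound: only replies to connections this machine opened.
    echo "-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT"
    echo "-A OUTPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT"
    # DHCP offers answer a broadcast, so conntrack does not match them.
    echo "-A INPUT -p udp --sport 67 --dport 68 -j ACCEPT"
    # Blocked ranges come first so no later allow rule can match them.
    for cidr in "$@"; do
        echo "-A OUTPUT -d $cidr -j REJECT"
    done
    # One rule per allowed service, new outbound connections only.
    for svc in $SERVICES; do
        proto=${svc%%:*}
        port=${svc##*:}
        echo "-A OUTPUT -p $proto --dport $port -m conntrack --ctstate NEW -j ACCEPT"
    done
    echo "COMMIT"
}

# Constructed sample: 203.0.113.0/24 is a documentation range standing in for
# the ranges the URL-to-CIDR script would report for an unwanted site.
gen_rules 203.0.113.0/24
```

Redirect the output to a file, check it with iptables-restore --test, then load it with iptables-restore. On Debian or Ubuntu with the iptables-persistent package, saving it as /etc/iptables/rules.v4 makes it persist across reboots.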

Chocolatey Package Manager for Windows

Chocolatey is a package manager for Windows (like apt-get or yum but for Windows). It is a single, unified interface designed to easily work with all aspects of managing Windows software (installers, zip archives, runtime binaries, internal and 3rd party software) using a packaging framework that understands software versions as well as dependencies.

Chocolatey packages encapsulate everything required to manage a particular piece of software into one application by wrapping installers, executables, zips, and scripts into a single package.  This makes applications easy to install.  It simplifies the process of checking for updates.  And it makes installing those updates easy.  Installing updates on a regular basis is crucial for maintaining the security of your Windows machine.

Thousands of packages are available through Chocolatey.  Most, if not all, of them are free and open source.

Open a command prompt in Windows under administrator privileges:

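Copy and paste the following command into the command prompt.  It downloads the install script from chocolatey.org and runs it in PowerShell with the execution policy bypassed for that one process: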

@"%SystemRoot%\System32\WindowsPowerShell\v1.0\powershell.exe" -NoProfile -InputFormat None -ExecutionPolicy Bypass -Command "iex ((New-Object System.Net.WebClient).DownloadString('https://chocolatey.org/install.ps1'))" && SET "PATH=%PATH%;%ALLUSERSPROFILE%\chocolatey\bin"

After the installation finishes, type the following into the command prompt:

choco upgrade chocolatey

Finally, type the following into the command prompt if you want to use the GUI:

choco install chocolateygui

The installer will ask if you want to run the script.  The answer is Yes.

Once the installation has completed, close the command prompt.  Chocolatey should now be visible on your Start menu.

 

Professor Messer Security+ Videos

A good video supplement to Mike Meyers’ videos for Security+ is the Professor Messer set of videos:

Professor Messer Security+ Videos and Notes

These videos are 100% free.  And they are transcribed for those who prefer audio or visual learning.  Professor Messer also has detailed notes for a reasonable fee.

APT and RAT

An APT is an Advanced Persistent Threat.

An APT is underway when an attacker targets a particular system over a long period of time.  The goal is to gain information – not to damage or destroy the system.  The attack is perpetrated against well-chosen targets, and the attackers have specific objectives.  For example, an enemy government may want to target a nuclear weapons facility.  Or an attacker might want to target a credit reporting company to get access to credit card numbers.

APTs usually target corporations, banks, government entities, and national defense systems for espionage purposes.  The attackers seldom want the target to discover their presence.

The steps to an APT attack are to gain access to a system, create backdoors and tunnels so that attackers can move around unnoticed, crack passwords and use other methods to gain enhanced privileges (like administrator rights), and then transfer targeted data to their own systems.

They often repeat this process until they are detected.

A Remote Access Trojan (RAT) is a program that includes a backdoor giving the attacker administrative access to a target system.  These programs may be bundled with freeware from dubious sources.  Or they may be sent as an attachment to an email that the attacker entices the recipient to open.  One famous RAT is called Back Orifice.