/os/ - Online Security

News, techniques and methods for computer network security.

Boards | Catalog | Bottom

Drawing x size canvas

Remember to follow the rules

Max file size: 350.00 MB

Max files: 5

Max message length: 4096

Welcome to Online Security the place for internet and computer security, privacy and anonymity.
If you have some helpful tips please feel free to share your ideas. Start a new thread, or contribute to an existing thread.

Meta Thread Endwall 07/12/2016 (Tue) 12:03:36 [Preview] No. 171 [Reply]
Post any comments, concerns, or requests for the board in this thread.
Edited last time by Endwall on 07/12/2016 (Tue) 12:15:00.
11 posts omitted.

Anonymous 03/21/2017 (Tue) 02:50:26 [Preview] No. 859 del
Useful to use before proxycheck.sh because it is much faster like seconds for a thousand proxies. But proxycheck.sh is still useful because it weeds out the proxies that give certificate errors in the google or youtube check.

Endwall 05/23/2017 (Tue) 03:33:49 [Preview] No. 925 del

Good catch. OK thats definite masonic lingo there. Not sure about the logo, it looks like the doppler effect. Just because the website has masonic references doesn't mean that the software doesn't work. I haven't tried it personally, but I liked the advertised anti-systemd approach. I think a disclaimer is in order, rather than a removal of the link. What are your thoughts?

Anonymous 06/22/2017 (Thu) 19:04:55 [Preview] No. 944 del
It already is a disclaimer of sorts but I am pleased you added it to the post where it was linked. (completely not neccisary) I actually trust this more because they are more forthcoming to the vidion of the project. You look at CISCO's logo it is not only the golden gate bridge it is the markings like you see on a ruler. Why is CISCO using ruler indentations as its logo? You look at GNU its baal. Heads tells you they are insiders in the first sentence. This could prove to make it not compromised as it could be using the reputation of this proffesional mens club to vet itself. Or it could mean there is a backdoor of some kind. An eye in the iso. I would check it out but not immediatly choose this os as something to use in a time of elites ruthlessly vying for power.

Anonymous 06/22/2017 (Thu) 19:12:15 [Preview] No. 945 del

Welcome to Online Security: Sticky Thread Endwall 07/13/2016 (Wed) 03:11:01 [Preview] No. 181 [Reply]
Hello and Welcome to /os/, Online Security.

This is a board for the discussion of online security / privacy / news in the privacy world.

>I don't have anything to hide

>GPG GNU Privacy Guard

>Privacy Guides

Message too long. Click here to view full text.

Edited last time by Endwall on 05/23/2017 (Tue) 03:41:57.

Sticky Bump Endwall 10/23/2016 (Sun) 18:54:40 [Preview] No. 624 del
TENS , https://spi.dod.mil/lipose.htm , US Air Force Live CD <-- online banking for mom and dad.
LibertyBSD http://libertybsd.net/ , https://libreboot.org/docs/bsd/openbsd.html
Edited last time by Endwall on 01/02/2017 (Mon) 11:03:40.

Sticky Bump Endwall 04/30/2017 (Sun) 03:29:12 [Preview] No. 894 del
Heads https://heads.dyne.org/ http://fz474h2o46o2u7xj.onion ; Devuan non-systemd version of Tails (Disclaimer: Website/Project has masonic references)
Devuan https://www.devuan.org/ http://devuanzuwu3xoqwp.onion
Systemd Free http://systemd-free.org/
Edited last time by Endwall on 05/23/2017 (Tue) 03:42:52.

Endwall 06/01/2017 (Thu) 08:14:41 [Preview] No. 933 del
Mozilla Firefox Hardened Profile

Hardware Endwall 09/18/2016 (Sun) 18:31:31 [Preview] No. 580 [Reply]
Discuss hardware and alternative hardware concepts to increase computer and online privacy and security.
Edited last time by Endwall on 09/18/2016 (Sun) 18:50:04.
2 posts and 1 image omitted.

Anonymous 05/19/2017 (Fri) 20:38:29 [Preview] No. 922 del

Message too long. Click here to view full text.

Anonymous 06/25/2017 (Sun) 04:59:22 [Preview] No. 946 del
Retrobrew Computers - KISS-68030 homebrew computer with Linux
https://youtube.com/watch?v=MYpMOBaohbw [Embed]
Retrobrew Computers - improvements to the KISS-68030 homebrew computer
https://youtube.com/watch?v=zsdBZ1Z29hs [Embed]
April 2017 update - new printed circuit boards!
https://youtube.com/watch?v=27QhVgdJGJ8 [Embed]


Anonymous 06/25/2017 (Sun) 05:10:11 [Preview] No. 947 del
Malinov Xi-8088

Dr. Scott M. Baker
Building an Xi 8088 PC-XT compatible Computer
https://youtube.com/watch?v=MW5lApN0gWc [Embed]
In this video, I build an Xi 8088, backplane, sound card, floppy controller, compactflash adapter, and VGA. Lots of soldering. For more electronics projects, see http://www.smbaker.com/


Sergey Kiselev


Anonymous 06/25/2017 (Sun) 05:16:19 [Preview] No. 948 del
Zilog Z80 Homebrew

Dr. Scott M. Baker
Building a Zeta 2 Single Board Computer
https://youtube.com/watch?v=wos_AmfgrrU [Embed]
Z80 Retrocomputing 16 - UNIX on RC2014
https://youtube.com/watch?v=1WG8zopGzaA [Embed]

Anonymous 06/25/2017 (Sun) 06:51:03 [Preview] No. 952 del
Monster 6502

Monster6502 Update #1
https://youtube.com/watch?v=HDMkw6lnzmI [Embed]

Monster 6502 Now Powers a Retrocomputer
https://youtube.com/watch?v=tQIwS2GzXLI [Embed]

Online Security News Endwall 07/07/2016 (Thu) 06:09:23 [Preview] No. 149 [Reply]
See a news article or CVE bug report on an emerging computer security issue and want to share it? Post below.

I will also post links to Hak5 Threatwire videos.
Edited last time by Endwall on 07/07/2016 (Thu) 16:22:47.
426 posts and 2 images omitted.

Endwall 06/07/2017 (Wed) 06:57:46 [Preview] No. 937 del
Hak 5
No More Drone Registration! Subtitles Can Be Hacked, Fake Net Neutrality Comments - Threat Wire
https://youtube.com/watch?v=t6yrbDXfD68 [Embed]

Fireball Malware Infects Millions - Threat Wire
https://youtube.com/watch?v=fngjYO6DMvE [Embed]

Endwall 06/07/2017 (Wed) 07:13:01 [Preview] No. 938 del
Jupiter Broadcasting
#NotMyInternet | TechSNAP 322
We discuss who really controls the internet & just how centralized and potentially vulnerable it has become. Plus the latest security letdowns from Windows 10, the story of a questionably ethical hacker & Zomato’s data breach.

PostgreZFS | BSD Now 196
This week on BSD Now, we review the EuroBSDcon schedule, explore the mysteries of Docker on OpenBSD, show you how to run PostgreSQL on ZFS & more!

A Burrito Stole My Money | TechSNAP 321
Not only is the UK leaving the Eurozone, they are starting their own internet, this time with more surveillance! Then we’ve got some top tips on getting recruited by the Israeli NSA & the details of some new WannaCry wannabes that may be infecting a windows server near you.

Message too long. Click here to view full text.

Edited last time by Endwall on 06/07/2017 (Wed) 07:15:41.

Endwall 06/25/2017 (Sun) 05:26:35 [Preview] No. 949 del
Hak 5
Did Russia Hack US Election Systems? - Threat Wire - Duration: 8 minutes, 55 seconds.
https://youtube.com/watch?v=7azBeV0pSwI [Embed]
198 Million US Voters Data Exposed - Threat Wire - Duration: 7 minutes, 6 seconds.
https://youtube.com/watch?v=w6EzZfekQlU [Embed]

Endwall 06/25/2017 (Sun) 05:36:30 [Preview] No. 950 del
Jupiter Broadcasting
Linux Action News 6
Posted on: June 18, 2017
More competition in desktop Linux, Debian 9, Tails 3, Firefox 54, FreeNAS 11 & OpenMediaVault 3 all get released.

DNS Mastery | TechSNAP 324 June 20, 2017
We’ve got the latest on the ‘Stack Crash’ vulnerability affecting a UNIX OS near you. Plus thanks to a recent RNC data leak we’ve got your name, address, birthday & a lot more personal information! Then Dan does a deep dive on his DNS infrastructure, some recent improvements & his integration with Let’s Encrypt.

Endwall 06/25/2017 (Sun) 05:42:55 [Preview] No. 951 del
Jupiter Broadcasting
Halls of Endless Linux | LUP 202
June 20, 2017
Michael Hall from Endless joins us to discuss his new role, Endless’ involvement with Gnome & the unique approach they are taking with EndlessOS. Plus Fedora shares some future plans that have us really excited & we try to grok casync, Lennart Poettering’s new project for distributing file system images.


Tails of Privacy | Ask Noah 13
June 19, 2017
This week we’re back in Grand Forks and we give you a deep dive on TAILS linux – the distro designed from the ground up to provide you with a secure computing environment. Plus we talk about universal installers, the security of messengers & your calls.


Internet Security General Anonymous 04/16/2016 (Sat) 07:56:30 [Preview] No. 4 [Reply]
Continuing from >>>/tech/597
This is for non specific, general tips for anonymous web browsing and downloads, tips on browsers and browser configurations for the security concious that you don't want to make a new thread for.
56 posts and 3 images omitted.

Anonymous 06/04/2017 (Sun) 18:01:05 [Preview] No. 935 del
That is much more complicated than it needs to be.
All that can be done with:
tmux new links \; split-window -l 2

Which will
Create a new session running links
Create a new pane 2 line tall

Endwall 06/12/2017 (Mon) 06:11:39 [Preview] No. 939 del
This is more efficient. It didn't work straight from the command line as presented though.

I have to enter command mode to do this.

$ tmux new links
$ Ctrl + b ; Shift + :
: split-window -l 2

Then repeat with a new window to multi tab
$ Ctrl +b ; c

As you can tell I don't know what the hell I'm doing. Another case of RTFM for Endwall.

Thanks for the tip.

Anonymous 06/12/2017 (Mon) 19:02:35 [Preview] No. 941 del
>It didn't work straight from the command line as presented though.
Were you already in tmux? Try this, copy it exactly:
tmux neww links \; split-window -l 2

Endwall 06/12/2017 (Mon) 21:25:43 [Preview] No. 942 del

Yeah it works, I'm not sure why it wasn't working earlier, I can't recall.
You typed an extra w in new. Thanks.

Anonymous 06/14/2017 (Wed) 18:27:58 [Preview] No. 943 del
>You typed an extra w in new.
That is for if you are already in tmux.

Endware Endwall 05/03/2016 (Tue) 08:54:28 [Preview] No. 32 [Reply]
Endware is a suite of programs geared towards internet privacy, security, and anonymity.

Endwall: endwall.sh is an iptables based firewall script designed to be implemented on any linux distribution shipped with iptables. endwall.sh is based on default drop policies, coupled with a novel strategy of passing packets on local host ports only for those enabled by the enduser. It comes with a variety of well used ports enabled with several additional port passing configurations available by uncommenting the script. It provides essential security to a new user.

Endsets: endsets.sh is a script that adds blacklisting and whitelisting functionality to endwall.sh. It depends on the program ipset. It is persistent on reboot if you enable ipset as a service. This is the recommended blacklisting tool for endwall if you are running a server or planning on opening up ports and services to the public and will require daily blacklisting of new incomming IPs.

Endlists: endlists.sh is a traditional text file list based blacklisting and whitelisting script. It has slow performance, and can't be updated on the fly. Good for <1000 ip subnets, very tedious and slow to run for more than that. Blocks the IPs by adding them as individual rules to the iptables ruleset. Works but not recommended for heavy duty on a server. May be useful for workstation use to block ip ranges if you are not opening up ports and services to public clients.

Endtools: endtools are a collection of scripts including alogz.sh, mlogz.sh, spamlogz.sh and iplookup.py. These scripts will help to service an enduser of endwall in adminstering endsets/endlists.

iplookup.py is a geoiplookup script written in python and requires python and pygeoip. It has simmilar functionality to maxmind's geoiplookup program and uses the maxmind *.dat files.

spamlogz.sh is a script that searches through log files to find flagged log entries flagged in endwall.sh, endsets.sh and endlists.sh.

alogz.sh is a daily log reading script designed to read the output of an apache http server's log output.

mlogz.sh is a daily log reading script designed to read the output of a postfix smtp server's log output.

Message too long. Click here to view full text.

170 posts and 3 images omitted.

Endwall 04/17/2017 (Mon) 21:12:10 [Preview] No. 881 del

endtv.sh seems to be working again somewhat. I'll keep the filmontv channels out of endstream for now however.

Endwall 05/08/2017 (Mon) 06:35:33 [Preview] No. 913 del
endradio.sh version 0.01

-Stream internet radio stations behind tor using mpv

Endwall 05/29/2017 (Mon) 21:42:59 [Preview] No. 929 del

endtunes.sh version 0.04

- Forked from endradio
- Operates in clearnet
- Mainly for music stations.
- Can be modified for tor use by adding torsocks before mpv

I put this on when I'm doing non computer related things, like studying or cleaning my room. I'll add more channels over time.

Endwall 05/29/2017 (Mon) 23:01:21 [Preview] No. 930 del
I have added a new repository for the streaming products:


I should have done this a while ago, but I was lazy and just added them to the endware repo.

Gitgud won't let me log in to create a new repo so I'll just use github for now.

If you want to make your own channel listings clone it and make a new repo.

Endwall 06/12/2017 (Mon) 06:32:11 [Preview] No. 940 del
endstream.sh version 0.36

I have now added user-agent methods to endstream. you can also supply the commands ua-rand , ua-ranstr, ua-tor, ua-row1, and ua-off in the command line using --ua-randor in the prompt when you are prompted to enter a number by supplying ua-rand without the --. Also you can use the + and - keys followed by enter to increment and decrement channels. It should be easy for someone to make an infrared usb remote control that supplies + ENTER when pressing channel up and - ENTER when pressing the channel down button.

I also made a minor bug fix to endtube.sh and oldtube.sh to do with the ua-ranstr function. It should be working as I originally intended now. I'll implement the user-agent features on the rest of the streaming programs sometime this week.

I'll work on things here and there but I'm going to be on hiatus for the next 2 months with respect to programming. I know I still have some requests to fill but I'll get to dealing with them eventually.

If you have any bug reports, product suggestions, ideas, or concerns about the endware products, please comment below. Thanks.

Youtube Replacements Endwall 06/11/2016 (Sat) 08:29:50 [Preview] No. 78 [Reply]
Google engages in sophisticated datamining of your video viewership. Youtube is also a prism service provider.

List any substitutes for youtube for use with youtube-dl or endtube below:
28 posts omitted.

Anonymous 07/26/2016 (Tue) 22:33:02 [Preview] No. 222 del
My greasemonkey Viewtube script didn't support it.
sage for you

Endwall 08/03/2016 (Wed) 10:41:53 [Preview] No. 247 del

Endwall 10/29/2016 (Sat) 16:29:00 [Preview] No. 633 del

Anonymous 05/24/2017 (Wed) 03:06:35 [Preview] No. 927 del

Secure OSes Anonymous 05/09/2016 (Mon) 18:21:17 [Preview] No. 37 [Reply]
What is the best OS option for a secure setup?
How do OpenBSD and Linux with patches compare in terms of the security they offer?
55 posts and 2 images omitted.

Anonymous 03/24/2017 (Fri) 07:32:18 [Preview] No. 860 del
http://spi.dod.mil/ This doesn't work for me.

Anonymous 03/24/2017 (Fri) 07:38:06 [Preview] No. 861 del
nvm, I had to use a normal firefox profile then accept the unknown certificate manually.

Anonymous 04/03/2017 (Mon) 22:40:37 [Preview] No. 873 del
you can load syslinux from a librebooted grub

Anonymous 04/09/2017 (Sun) 07:45:36 [Preview] No. 877 del
you can't have full disk encryption if you do that.

Compile Thread Anonymous 11/27/2016 (Sun) 20:44:39 [Preview] No. 692 [Reply]
Endwall guy should keep irrelevant compile instructions in this thread by editing the OP or edit the Sticky thread before purging said irrelevant posts in various threads. Just remind them to compile from source and redirect them to this thread.
5 posts omitted.

Tor mods Endwall 12/04/2016 (Sun) 06:01:18 [Preview] No. 709 del
change this to

digest_algorithm_t alg = DIGEST_SHA1;
digest_algorithm_t alg = DIGEST_SHA256;
Leave this alone it will break tor if you change it.


change to

Message too long. Click here to view full text.

Edited last time by Endwall on 12/22/2016 (Thu) 05:15:38.

Install torsocks from source Endwall 12/04/2016 (Sun) 06:01:50 [Preview] No. 710 del
Install Torsocks from source

$ su
# pacman -S git
# apt-get install git
$ mkdir -p ~/git
$ cd ~/git
$ git clone https://git.torproject.org/torsocks.git

or if tor is already running with previous version of torsocks
$ torsocks git clone https://git.torproject.org/torsocks.git

$ mkdir -p ~/tor
$ mv torsocks ~/tor
$ cd ~/tor
$ cd torsocks
$ ./autogen.sh

Message too long. Click here to view full text.

youtube-dl from git Endwall 12/04/2016 (Sun) 06:02:28 [Preview] No. 711 del
Install Youtube-dl from source git

$ cd ~/
$ mkdir -p git
$ cd git
$ torsocks git clone https://github.com/rg3/youtube-dl.git
$ cd youtube-dl
$ su
# torsocks pacman -S zip pandoc
# pacman -Rc youtube-dl
# exit
$ make
$ ls
$ cd ~/bin
$ ln -s ~/git/youtube-dl/youtube-dl youtube-dl
$ cd ~
$ export PATH=$HOME/bin:$PATH

Message too long. Click here to view full text.

Tor from git repo Endwall 12/04/2016 (Sun) 06:03:18 [Preview] No. 712 del
Clone tor from git repo


$ mkdir ~/git
$ cd ~/git
$ torsocks -i git clone http://dccbbv6cooddgcrq.onion/tor.git
$ cd tor
$ cd src
$ cd or
$ nano or.h
$ nano routerparse.c
$ nano circuituse.c
$ cd ..
$ sudo su

Message too long. Click here to view full text.

Anonymous 01/15/2017 (Sun) 22:04:32 [Preview] No. 797 del
is there reason to use torsocks over git's builtin socks5 proxy?

wouldn't it be better if you just register as http.proxy and https.proxy variable by git config?

Not sure what revision of git your distro ships with but using torsocks should be considered depreciated hack for applications with builtin socks5 proxy support.

SSH privacy Anonymous 05/11/2016 (Wed) 18:16:01 [Preview] No. 42 [Reply]
How can I anonymously ssh into something? Going through Tor and using a freshly generated key for identification is obvious, but how can I make sure that there is no data leakage above all that? I haven't been able to find any guides on that, even though it seems like something a lot of people might be interested in doing.
2 posts omitted.

Anonymous 05/11/2016 (Wed) 21:01:41 [Preview] No. 45 del
>posting in the little retard's pet board
>captcha required

post this somewhere else if you are interested

Anonymous 10/21/2016 (Fri) 05:56:34 [Preview] No. 620 del
you gotta make suer your ssh deosn't show your key files to the server too

Anonymous 10/21/2016 (Fri) 12:05:39 [Preview] No. 621 del
Commenting out
SendEnv LANG LC_*
can help too.

Disabling pubkey auth is important. If you have passwordless key or have key loaded in ssh-agent, option
disables pubkey auth completely.

Also, there's this thing to demonstrate deanon by ssh key:

Anonymous 12/28/2016 (Wed) 01:52:02 [Preview] No. 748 del
Finally, my almonds have been activated.

Anonymous 01/08/2017 (Sun) 19:31:59 [Preview] No. 782 del
In ~/.ssh/config so you don't leak your username if you forget to specify one.
host *

user root