/os/ - Online Security

News, techniques and methods for computer network security.


Welcome to Online Security the place for internet and computer security, privacy and anonymity.
If you have some helpful tips please feel free to share your ideas. Start a new thread, or contribute to an existing thread.

Welcome to Online Security: Sticky Thread Endwall 07/13/2016 (Wed) 03:11:01 [Preview] No. 181 [Reply]
Hello and Welcome to /os/, Online Security.

This is a board for the discussion of online security / privacy / news in the privacy world.

>I don't have anything to hide

>GPG GNU Privacy Guard

>Privacy Guides


Edited last time by Endwall on 01/02/2017 (Mon) 11:02:15.

Sticky Bump Endwall 10/23/2016 (Sun) 18:54:40 [Preview] No. 624 del
TENS , https://spi.dod.mil/lipose.htm , US Air Force Live CD <-- online banking for mom and dad.
LibertyBSD http://libertybsd.net/ , https://libreboot.org/docs/bsd/openbsd.html
Edited last time by Endwall on 01/02/2017 (Mon) 11:03:40.

Meta Thread Endwall 07/12/2016 (Tue) 12:03:36 [Preview] No. 171 [Reply]
Post any comments, concerns, or requests for the board in this thread.
Edited last time by Endwall on 07/12/2016 (Tue) 12:15:00.
6 posts omitted.

Anonymous 08/22/2016 (Mon) 08:34:59 [Preview] No. 354 del
Hello. Your onion address is not working. Connection refused at TCP 25.

Anonymous 08/22/2016 (Mon) 08:50:08 [Preview] No. 355 del


Endwall 08/23/2016 (Tue) 00:49:16 [Preview] No. 356 del
I got the email. It does that because it rejects you if you try to rendezvous in a country that I've banned in my exclude nodes in my torrc-defaults file. I have to comment that out, but it seems that the message got through. I'll decrypt this and see if it's the same message I read earlier.
Edited last time by Endwall on 08/23/2016 (Tue) 01:09:43.

Endwall 08/23/2016 (Tue) 01:14:18 [Preview] No. 359 del
Nope... this message was slightly shorter, but had a similar ending.
Edited last time by Endwall on 08/23/2016 (Tue) 01:17:20.

Endwall 09/04/2016 (Sun) 17:27:56 [Preview] No. 544 del
I'm back at school, so activity from me will be slower than usual until I get settled in. I won't have time to post as many news articles, but my main sources of information are as follows:

Tor News
Deep Dot Web
Soylent News
Security NewsFeeds

Feel free to post any relevant news articles you find into the news section. I'll post things here and there as I run across them. Thanks.
Edited last time by Endwall on 12/17/2016 (Sat) 00:27:04.

Endware Endwall 05/03/2016 (Tue) 08:54:28 [Preview] No. 32 [Reply]
Endware is a suite of programs geared towards internet privacy, security, and anonymity.

Endwall: endwall.sh is an iptables based firewall script designed to be implemented on any linux distribution shipped with iptables. endwall.sh is based on default drop policies, coupled with a novel strategy of passing packets on local host ports only for those enabled by the enduser. It comes with a variety of well used ports enabled with several additional port passing configurations available by uncommenting the script. It provides essential security to a new user.

Endsets: endsets.sh is a script that adds blacklisting and whitelisting functionality to endwall.sh. It depends on the program ipset. It is persistent on reboot if you enable ipset as a service. This is the recommended blacklisting tool for endwall if you are running a server or planning on opening up ports and services to the public and will require daily blacklisting of new incoming IPs.

Endlists: endlists.sh is a traditional text file list based blacklisting and whitelisting script. It has slow performance, and can't be updated on the fly. Good for <1000 ip subnets, very tedious and slow to run for more than that. Blocks the IPs by adding them as individual rules to the iptables ruleset. Works but not recommended for heavy duty on a server. May be useful for workstation use to block ip ranges if you are not opening up ports and services to public clients.

Endtools: endtools are a collection of scripts including alogz.sh, mlogz.sh, spamlogz.sh and iplookup.py. These scripts will help to service an enduser of endwall in administering endsets/endlists.

iplookup.py is a geoiplookup script written in python and requires python and pygeoip. It has similar functionality to maxmind's geoiplookup program and uses the maxmind *.dat files.

spamlogz.sh is a script that searches through log files to find flagged log entries flagged in endwall.sh, endsets.sh and endlists.sh.

alogz.sh is a daily log reading script designed to read the output of an apache http server's log output.

mlogz.sh is a daily log reading script designed to read the output of a postfix smtp server's log output.


152 posts and 2 images omitted.

Anonymous 02/11/2017 (Sat) 21:37:28 [Preview] No. 827 del
Can you make a batch renaming script that replaces `\|, characters into _ or - to also become an integral part of renum.sh? Some of the crappy file names that I save lots of images into tend to break renum.sh somehow. Also, if there's more than one . in the filename, it ignores any other . after the first . so I manually find that one and change it and run renum.sh again. I have so many files these days that Thunar's batch renaming function fails to work when I load it up, so I can't use search and replace to change the problematic characters myself. Also, every time I use renum.sh, I think I lose one file.

Endwall 02/11/2017 (Sat) 23:11:21 [Preview] No. 828 del
Yeah sure. I'll start working on that next friday.

I also have a script that annotates proxies with the protocol but it's not much. I'll add the headers to it and release it next week.

>>826 I also just added --headers-on flag to endtube to turn on the hardcoded headers and override the defaults. So this in principle returns the full functionality of the previous versions, but defaults to the defaults.

Endwall 02/12/2017 (Sun) 04:57:41 [Preview] No. 829 del
proxyload.sh version 0.12

##fixed a bug where the ssl_proxies wouldn't download, added a while loop and a check to make sure that they download. Might take longer to run but should give the correct output.

protofix.sh version 0.02

## A file to append the protocol extension to the proxies for use with endtube

$ protofix https ssl_proxies_checked.txt >> plist_ssl.txt
$ protofix socks5 socks_proxies_checked.txt >> plist_socks.txt



Edited last time by Endwall on 02/12/2017 (Sun) 05:04:16.

Endwall 02/14/2017 (Tue) 05:56:56 [Preview] No. 830 del
endjail.sh version 0.01

a fire jail default to apply to programs. restrict network with --no-net flag

xtrac-ytpl.sh version 0.02

Rebrand of endxtplist.sh for extracting youtube playlists into url list text file.

If you have any comments or suggestions about these files or any other files, notice any bugs, or have product requests, suggestions or ideas comment below. Thanks.
Edited last time by Endwall on 02/14/2017 (Tue) 06:04:16.

Endwall 02/23/2017 (Thu) 00:48:23 [Preview] No. 839 del
endstream.sh version 0.04

This is not a security product. It currently operates in clearnet, but I'll advertise this here as well.

This is a live streaming application using mpv and youtube-dl but operates in the Clearnet (No Tor). This can be modified to do so if you think that streaming is fast enough behind tor, which I have found to be tedious and unusable. You can use this on a media center computer connected to a large screen tv, or for personal desktop use. Currently it is only grabbing streams from youtube; however, if you make some suggestions of other live streams that work with mpv and youtube-dl, I will add them in later releases.

I have added more channels. Some of these streams go dead after a day. But I'm sure some of these will stabilize over time. Go ahead and add your own streams from 121-140. If you know any other sources or good streams post below. Thanks.

Online Security News Endwall 07/07/2016 (Thu) 06:09:23 [Preview] No. 149 [Reply]
See a news article or CVE bug report on an emerging computer security issue and want to share it? Post below.

I will also post links to Hak5 Threatwire videos.
Edited last time by Endwall on 07/07/2016 (Thu) 16:22:47.
381 posts omitted.

Endwall 02/11/2017 (Sat) 08:47:37 [Preview] No. 825 del
Jupiter Broadcasting
Gambling with Code | TechSNAP 305
We’ve got the latest on GitLab’s data disaster, a clever new method to cheat at the slots & a new Netgear exploit that’s coming for your network!
Illuminating the desktop | BSD Now 180
This week on BSDNow, Kris is out of town but we have a great interview with Ken Moore, his brother, about the latest in BSD desktop computing & Lumina specifically. Stay tuned to your place to B…SD.

Endwall 02/18/2017 (Sat) 02:05:57 [Preview] No. 831 del
Jupiter Broadcasting

Metadata Matters | TechSNAP 306
February 15, 2017
The latest on just who has access to your private email, Dan dives deep on the GitLab Postmortem & did you know that Transport for London has been tracking your wifi? We’ve got the details.

The Cantrillogy | BSD Now 181
February 15, 2017
This week on BSDNow we have a Cantrill special to bring you! All three interviews back to back in their original glory, you won’t want to miss it. Stay tuned for your place to B…SD!

Endwall 02/18/2017 (Sat) 02:08:39 [Preview] No. 832 del
Hak 5
Steam Profile XSS Attack - Threat Wire - Duration: 5 minutes, 53 seconds.
https://youtube.com/watch?v=ZIcLFkmgFqI

Endwall 02/22/2017 (Wed) 04:21:14 [Preview] No. 833 del
Hak 5
Operation BugDrop Targets Ukrainian Infrastructure - Threat Wire - Duration: 5 minutes, 54 seconds.
https://youtube.com/watch?v=Ap2xkiBZ9hw

Endwall 02/22/2017 (Wed) 20:11:46 [Preview] No. 838 del
Can Foreign Governments Hack Americans With Impunity?

Posted by: DividedBy0 February 21, 2017

A lawsuit being heard by the US Court of Appeals for the District of Columbia Circuit seeks to answer the question of whether foreign governments can hack Americans with impunity. In the case of Kidane v. Ethiopia, lawyers for the Electronic Frontier Foundation (EFF) and the law firm of Jones Day and Robins Kaplan are representing a man from Maryland, who is going by the pseudonym of Mr. Kidane, in a lawsuit where Mr. Kidane alleges the government of Ethiopia infected his computer with spyware. The lawsuit alleges that the secret malware, known as FinSpy, allowed the government of Ethiopia to conduct wiretaps on his Skype calls and monitor everything he and his family did on the computer for a period that lasted months. The court has allowed the man to use a pseudonym that he had used in the Ethiopian community, because the Ethiopian government has a history of punishing the family members of people who dare to oppose it.

Mr. Kidane was born in Ethiopia and moved to the United States 20 years ago, where he sought asylum and became an American citizen. Kidane became infected with the spyware after he opened a Word document that was sent to him by agents of the Ethiopian government. After opening the document, FinSpy was secretly downloaded onto his computer from a server with an IP address located in Ethiopia. All activities, including Skype calls, keystrokes, passwords, e-mails, chats, and web browsing were monitored, recorded, and uploaded to a command and control server with an IP address located in Ethiopia and controlled by the Ethiopian government. FinSpy is developed and marketed by FinFisher, formerly known as Gamma International, a company based in the United Kingdom. It is part of a line of “IT intrusion” software made by FinFisher, which are only sold to government agencies. Their software is frequently used to spy on activists around the world.

Kidane continues his lawsuit, which is being appealed. Recently, attorneys for Mr. Kidane argued before a 3 judge panel that the lawsuit should be allowed to continue. Under the Foreign Sovereign Immunities Act, foreign governments are only liable for acts committed within the United States. Kidane’s attorneys argued that his computer was located in Maryland and remained there the entire time it was being spied upon. Attorneys for Ethiopia argued that they should not be held liable because they did not have a human agent who was physically located within the United States. One of the judges on the panel asked the attorneys representing Ethiopia if they believed that they could be held liable for mailing a letter bomb to the United States, or for remotely hacking a self driving car in the United States and causing it to crash. The attorneys for Ethiopia responded to the judge’s question by saying that they believed they could not be sued for such actions.

Kidane was spied on from at least late October of 2012 until March of 2013. The lawsuit was originally filed in February of 2014. Previously in the case, a federal court ruled that foreign governments could not be held liable for wiretapping American citizens within the United States. The DC Circuit Court is expected to rule on the appeal within a few months.

Secure OSes Anonymous 05/09/2016 (Mon) 18:21:17 [Preview] No. 37 [Reply]
What is the best OS option for a secure setup?
How do OpenBSD and Linux with patches compare in terms of the security they offer?
50 posts and 1 image omitted.

Anonymous 01/12/2017 (Thu) 20:45:27 [Preview] No. 788 del
why no linux-libre kernel for alpine
what are they trying to hide

Anonymous 01/15/2017 (Sun) 22:12:14 [Preview] No. 798 del

If you don't know how to compile a kernel, don't buy hardware that requires firmware to work properly in the first place.

Anonymous 02/22/2017 (Wed) 05:27:00 [Preview] No. 834 del
I use a Librebooted laptop with Debian that has FDE enabled. I also have a GRUB password set up. Works well enough.

If you're going full tinfoil, then use a Librebooted machine with an OS you've made yourself and remove the networking hardware. Encrypt with Twofish to make brute forcing harder for the attacker.

Anonymous 02/22/2017 (Wed) 05:59:54 [Preview] No. 836 del
Epic thread doods, thanks for bouncing.

https://youtube.com/watch?v=EjbQ-BDh4PU

Anonymous 02/22/2017 (Wed) 06:08:36 [Preview] No. 837 del
I didn't use GRUB because of the claims behind being easily accessible through hitting backspace a specific number of times to being the password. I don't have 100% FDE also because of that claim. I'm also worried that if I update to a newer version of GRUB some time in the future that it won't be compatible with Libreboot. To ease my paranoia, I made myself use syslinux instead, but of course, it's no real solution either.

Hardware Endwall 09/18/2016 (Sun) 18:31:31 [Preview] No. 580 [Reply]
Discuss hardware and alternative hardware concepts to increase computer and online privacy and security.
Edited last time by Endwall on 09/18/2016 (Sun) 18:50:04.

Anonymous 12/24/2016 (Sat) 17:47:43 [Preview] No. 740 del
Lynxchan installation tutorial

Anonymous 02/22/2017 (Wed) 05:31:33 [Preview] No. 835 del
RISC-V looks pretty cool.

Compile Thread Anonymous 11/27/2016 (Sun) 20:44:39 [Preview] No. 692 [Reply]
Endwall guy should keep irrelevant compile instructions in this thread by editing the OP or edit the Sticky thread before purging said irrelevant posts in various threads. Just remind them to compile from source and redirect them to this thread.
5 posts omitted.

Tor mods Endwall 12/04/2016 (Sun) 06:01:18 [Preview] No. 709 del
change this to

digest_algorithm_t alg = DIGEST_SHA1;
digest_algorithm_t alg = DIGEST_SHA256;
Leave this alone it will break tor if you change it.


change to


Edited last time by Endwall on 12/22/2016 (Thu) 05:15:38.

Install torsocks from source Endwall 12/04/2016 (Sun) 06:01:50 [Preview] No. 710 del
Install Torsocks from source

$ su
# pacman -S git
# apt-get install git
$ mkdir -p ~/git
$ cd ~/git
$ git clone https://git.torproject.org/torsocks.git

or if tor is already running with previous version of torsocks
$ torsocks git clone https://git.torproject.org/torsocks.git

$ mkdir -p ~/tor
$ mv torsocks ~/tor
$ cd ~/tor
$ cd torsocks
$ ./autogen.sh


youtube-dl from git Endwall 12/04/2016 (Sun) 06:02:28 [Preview] No. 711 del
Install Youtube-dl from source git

$ cd ~/
$ mkdir -p git
$ cd git
$ torsocks git clone https://github.com/rg3/youtube-dl.git
$ cd youtube-dl
$ su
# torsocks pacman -S zip pandoc
# pacman -Rc youtube-dl
# exit
$ make
$ ls
$ cd ~/bin
$ ln -s ~/git/youtube-dl/youtube-dl youtube-dl
$ cd ~
$ export PATH=$HOME/bin:$PATH


Tor from git repo Endwall 12/04/2016 (Sun) 06:03:18 [Preview] No. 712 del
Clone tor from git repo


$ mkdir ~/git
$ cd ~/git
$ torsocks -i git clone http://dccbbv6cooddgcrq.onion/tor.git
$ cd tor
$ cd src
$ cd or
$ nano or.h
$ nano routerparse.c
$ nano circuituse.c
$ cd ..
$ sudo su


Anonymous 01/15/2017 (Sun) 22:04:32 [Preview] No. 797 del
is there reason to use torsocks over git's builtin socks5 proxy?

wouldn't it be better if you just register as http.proxy and https.proxy variable by git config?

Not sure what revision of git your distro ships with but using torsocks should be considered a deprecated hack for applications with builtin socks5 proxy support.

SSH privacy Anonymous 05/11/2016 (Wed) 18:16:01 [Preview] No. 42 [Reply]
How can I anonymously ssh into something? Going through Tor and using a freshly generated key for identification is obvious, but how can I make sure that there is no data leakage above all that? I haven't been able to find any guides on that, even though it seems like something a lot of people might be interested in doing.
2 posts omitted.

Anonymous 05/11/2016 (Wed) 21:01:41 [Preview] No. 45 del
>posting in the little retard's pet board
>captcha required

post this somewhere else if you are interested

Anonymous 10/21/2016 (Fri) 05:56:34 [Preview] No. 620 del
you gotta make sure your ssh doesn't show your key files to the server too

Anonymous 10/21/2016 (Fri) 12:05:39 [Preview] No. 621 del
Commenting out
SendEnv LANG LC_*
can help too.

Disabling pubkey auth is important. If you have passwordless key or have key loaded in ssh-agent, option
disables pubkey auth completely.

Also, there's this thing to demonstrate deanon by ssh key:

Anonymous 12/28/2016 (Wed) 01:52:02 [Preview] No. 748 del
Finally, my almonds have been activated.

Anonymous 01/08/2017 (Sun) 19:31:59 [Preview] No. 782 del
In ~/.ssh/config so you don't leak your username if you forget to specify one.
host *

user root

Non ICAAN controlled domains Anonymous 01/02/2017 (Mon) 18:30:10 [Preview] No. 760 [Reply]
I have a website but I'm afraid that it won't stay up within the first year that Trump gets in. I would eventually pay for my own static IP but before then, I need to really decide on what website domains I should use that isn't too expensive. Some territorial domains have specifications as to what can and can't be done while other domains are controlled by FVEY. .is BTW, is super expensive, I was told that the price is around $500.

Anonymous 01/02/2017 (Mon) 18:33:10 [Preview] No. 761 del
misspelt ICANN

Anonymous 01/06/2017 (Fri) 22:33:59 [Preview] No. 770 del
.is Is great, archive.is people are smart people.

Anonymous 01/07/2017 (Sat) 04:06:07 [Preview] No. 772 del
Come to think of it, I think that pricing was an error on their part, should be 89 to 99 USD per year.

I wish I was Norwegian so that I can get a .no instead. Besides .no, I was thinking of .fi but then I realized that EU nations are potentially bad. .tv is under Australia but I might have to settle for that if I really don't want to pay up for .is

Anonymous 01/07/2017 (Sat) 18:42:17 [Preview] No. 774 del

Real answer is "onion".

Anonymous 01/08/2017 (Sun) 19:22:37 [Preview] No. 781 del
or .i2p

Internet Security General Anonymous 04/16/2016 (Sat) 07:56:30 [Preview] No. 4 [Reply]
Continuing from >>>/tech/597
This is for non-specific, general tips for anonymous web browsing and downloads, tips on browsers and browser configurations for the security conscious that you don't want to make a new thread for.
33 posts and 1 image omitted.

Endwall 08/20/2016 (Sat) 19:48:35 [Preview] No. 345 del
Regenerate intermediate term signing key:

$ tor --keygen

This will ask you to create a passphrase and then generate the key. Make up a strong passphrase beforehand and store it somewhere
$ passgen

Endwall 09/04/2016 (Sun) 23:37:16 [Preview] No. 550 del
If you're forced to use Windows, and you want to browse the internet behind tor you can use the links2 windows binary,


and chain it to the tor expert bundle binary. I just tried this out and it worked fine.


endtorrc works with this setup but you have to comment out the Sandbox variable.
and place the torrc, torrc-defaults, geoip, and geoip6 files in the directory C:\Users\user\AppData\Roaming\tor\

Anonymous 09/07/2016 (Wed) 18:29:36 [Preview] No. 558 del
Are you enabling do not track? I wouldn't suggest that.

Endwall 09/07/2016 (Wed) 23:21:30 [Preview] No. 559 del

I didn't post >>321, but I'm glad someone did. I incorporated the extra header bit into my setup and into the Endware scripts. I personally don't enable the do not track button. That seems to be the recommendation from JonDonym to not send that request. Thanks for pointing this out. Perhaps I should write up new instructions for setting up links2. I'll do that on the weekend.

a@a 11/07/2016 (Mon) 03:47:53 [Preview] No. 665 del
Random trivial info: the tor browser uses 1000x600, so if you're using a hardened iceweasel or something pretending to be tor, change your window resolution to 1000x600 and doublecheck via ip-check.info