How to protect the PC?

Duprate
Posts: 309
Joined: Sat Aug 22, 2020 8:14 pm
Location: Southern Brazil
Has thanked: 163 times
Been thanked: 107 times

How to protect the PC?

Post by Duprate »

Faced with the growing news about computer security such as:

"Cloudflare: Brazil was the basis for the largest DDoS attack ever recorded by the company";
"Travis CI Cloud Service Exposes Thousands of Authentication Tokens";
"Malware attacks distributed with PDF files are on the rise";
"Symbiote: Linux malware targets Latin American financial systems, including Banco do Brasil and Caixa Econômica Federal";
"Ransomware attacks: Brazil ranks 4th among the most affected countries";
"After paying ransomware ransom, companies still have to spend 7 times more on repairs";
"LinkedIn is the most spoofed brand by cybercriminals in phishing scams";
"Ransomware attack shuts down a college founded in 1865 in the city of Lincoln, in the US state of Illinois";
“Prevention is crucial to mitigate the global increase in ransomware attacks”;

What can we simple Puppy Linux users expect?
How to protect us? Is browsing a system with a frugal install and no savefile safer?
With the system loaded in RAM and HD disk unmounted, is it safe to browse?
After browsing the internet, restarting the system without connecting the HD, does it avoid the problems?
When downloading a file, running anti-virus before opening it will protect us enough?
What about the systems that keep a savefile, therefore with some HD partition mounted?

Many here are interested in this subject... Shall we share opinions, recommendations and experiences? :thumbup2:

dancytron
Posts: 721
Joined: Fri Dec 13, 2019 6:26 pm
Has thanked: 518 times
Been thanked: 215 times

Re: How to protect the PC?

Post by dancytron »

The first thing is to evaluate the risk.

What needs to be done to protect a laptop that's used to browse the web, read email, and watch YouTube videos is different than what needs to be done if you use it for banking and credit card stuff is different than if it is being used to control cooling rods in a nuclear reactor.

Duprate
Posts: 309
Joined: Sat Aug 22, 2020 8:14 pm
Location: Southern Brazil
Has thanked: 163 times
Been thanked: 107 times

Re: How to protect the PC?

Post by Duprate »

dancytron wrote: Fri Jun 17, 2022 5:58 pm

The first thing is to evaluate the risk.

What needs to be done to protect a laptop that's used to browse the web, read email, and watch YouTube videos is different than what needs to be done if you use it for banking and credit card stuff is different than if it is being used to control cooling rods in a nuclear reactor.

Well, my usual usage doesn't include storing personal information, banking and credit card services, and controlling cooling rods in a nuclear reactor. :D
My installation is "frugal" type, I don't use savefiles.
However, it would be interesting to visualize a set of security rules that would serve all interested in security... :idea:

wizard
Posts: 1973
Joined: Sun Aug 09, 2020 7:50 pm
Has thanked: 2634 times
Been thanked: 684 times

Re: How to protect the PC?

Post by wizard »

I use VNC to control a separate computer's browser that connects to the internet. Browser only used for financial transactions. It's been stated before that a Puppy system booted from a CD (no other drives connected) has tremendous security. The same would apply to a USB that is formatted to ISO 9660 (unwriteable).

There are a lot of Puppy combinations that can be assembled for enhanced security using removable media. Just keep your sensitive info off the computer unless you're actually using it. Ransomware on a Puppy with no save file, NO PROBLEM. Ransomware on a Puppy save file that has no personal data, NO PROBLEM.

Am using a separate system with no internet connection to control my reactor. :mrgreen: :mrgreen: :mrgreen:

wizard

Big pile of OLD computers

Feek
Posts: 398
Joined: Sun Oct 18, 2020 8:48 am
Location: cze
Has thanked: 54 times
Been thanked: 90 times

Re: How to protect the PC?

Post by Feek »

Duprate,
I do it similarly. In most cases I do not use Savefile with the connected partition. Everything I boot is in that case a compressed .sfs file. Here on the forum I previously read that the solution would be to regularly run md5sum on these files to verify that nothing was modified. However, I do not do this.

In most cases I use Fatdog. You probably know that Internet applications run as spot and, for example, everything from the browser can only access /home/spot.

Safety could also be increased by using a container. I tried it, but I don't normally use it.

For online banking, I might think about a special boot entry with the appropriate settings.

General principles I try to follow:
in the browser not to save anything (especially passwords),
not to use extensions (or just a minimum of those you trust),
not to click on anything thoughtlessly on the Internet (several times it has been mentioned that security on the Internet is given by the behavior of an individual sitting in front of the monitor).
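
The periodic hash check of the .sfs files mentioned in the post above, as an added example that is not part of the original post or of any Puppy/Fatdog tool. It uses sha256sum in place of md5sum because MD5 is not collision-resistant; the function names, the script name and the directory layout are assumptions of this example.

```shell
#!/bin/sh
# Added example: baseline and verify hashes of the compressed .sfs layers.
# Assumption: the manifest is kept on separate or read-only media, because a
# manifest stored beside the files can be rewritten by whoever altered them.

# sfs_baseline DIR MANIFEST: record a SHA-256 for every .sfs file in DIR.
sfs_baseline() {
    ( cd "$1" || exit 1
      for f in *.sfs; do
          if [ -f "$f" ]; then sha256sum -- "$f"; fi
      done ) > "$2"
}

# sfs_verify DIR MANIFEST: print CHANGED/MISSING/NEW lines; return 1 on any.
sfs_verify() {
    dir=$1; manifest=$2; rc=0
    # Pass 1: every recorded file must still exist with the same hash.
    while read -r want name; do
        name=${name#\*}                      # binary-mode marker, if present
        if [ ! -f "$dir/$name" ]; then
            echo "MISSING $name"; rc=1; continue
        fi
        have=$(sha256sum < "$dir/$name" | cut -d' ' -f1)
        [ "$have" = "$want" ] || { echo "CHANGED $name"; rc=1; }
    done < "$manifest"
    # Pass 2: an .sfs that was never recorded is reported as well, since an
    # extra layer changes the booted system as much as a modified one.
    for f in "$dir"/*.sfs; do
        [ -f "$f" ] || continue
        base=${f##*/}
        # File names start at column 67: 64 hex digits plus two separators.
        cut -c67- "$manifest" | grep -qxF -- "$base" || { echo "NEW $base"; rc=1; }
    done
    return $rc
}

# Usage as a script (hypothetical name): sfs-check.sh baseline|verify DIR MANIFEST
case "${1:-}" in
    baseline) sfs_baseline "$2" "$3" ;;
    verify)   sfs_verify "$2" "$3" ;;
esac
```

Running the verify step from a different boot medium than the one being checked keeps a modified system from reporting on itself.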

ozsouth
Posts: 1560
Joined: Sun Jul 12, 2020 2:38 am
Location: S.E. Australia
Has thanked: 241 times
Been thanked: 693 times

Re: How to protect the PC?

Post by ozsouth »

Old Puppies have security holes unless updates are made. I like ScPup64-20.06, but keep my Firefox-esr updated & run-as-spot.
I also use a recent kernel, & compiled current openssl, curl & wget (I tried to compile busybox, but had 'field length' errors).
My chromebook gets frequent security auto-updates, including to its (now) debian bullseye facility.

Duprate
Posts: 309
Joined: Sat Aug 22, 2020 8:14 pm
Location: Southern Brazil
Has thanked: 163 times
Been thanked: 107 times

Re: How to protect the PC?

Post by Duprate »

I also use FatDog64 as my battle system; the browser I trust the most is Mozilla Firefox, setting privacy and security in strict mode and enabled DNS over HTTPS; when I download a file, I run the anti-virus Clamav-0.105.0 in /home/spot/Downloads; and, I don't go around downloading crap!
However, the risk is there.... :shock:

A very recent example: "Symbiote"

A Linux malware dubbed Symbiote has been spotted by security researchers and is being considered nearly impossible to detect.
Its harmful actions start from backdoor infections, that is, through alternative access ports existing in a system, bypassing protection and users. Because of this stealth potential, the malware received the nickname of Symbiote (symbiote) from threat intelligence companies BlackBerry and Intezer.
A few months ago, we discovered a new undetected malware that acts with this parasitic nature affecting Linux operating systems.
Linux malware can hide inside running processes and network traffic, as well as drain a victim's resources like a parasite. The operators behind Symbiote are believed to have started developing the malware in November 2021, with a focus on the financial sector.
As the report puts it, what makes Symbiote different from other Linux malware "is that it needs to infect other running processes to cause damage to infected machines." The rogue agent exploits a native Linux feature called LD_PRELOAD, to be loaded by the dynamic linker (the part of Linux that links and loads the individual shared libraries to a file) in all running processes, and thus infects the host.
Its main purpose is to capture credentials and facilitate backdoor access to victims' machines. “Because the malware operates as a user-level rootkit, detecting an infection can be difficult,” the researchers concluded.

News source: https://olhardigital.com.br/editorias/seguranca/
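
A check for the LD_PRELOAD mechanism described in the quoted article, as an added example that is not part of the original post or of the cited report. It lists the two standard places a preload is configured, the LD_PRELOAD variable in each process environment and /etc/ld.so.preload; the function names and the PROC/FILE parameters are assumptions of this example.

```shell
#!/bin/sh
# Added example: list every place a preloaded library is configured.
# A library preloaded into every dynamically linked process is also loaded
# into the tools used here, so run this from a statically linked shell or
# point it at the disk of the suspect system mounted from clean boot media.
# LD_PRELOAD has legitimate uses; a finding is a lead to review, not proof.

# preload_env PROC: print "PID LIBRARY" for each process that sets LD_PRELOAD.
preload_env() {
    proc=${1:-/proc}
    for envf in "$proc"/[0-9]*/environ; do
        [ -r "$envf" ] || continue
        pid=${envf%/environ}; pid=${pid##*/}
        # environ is NUL-separated: split into lines, keep the LD_PRELOAD entry.
        tr '\000' '\n' < "$envf" 2>/dev/null | sed -n "s|^LD_PRELOAD=|$pid |p"
    done
}

# preload_file FILE: print the entries of the system-wide preload list,
# skipping '#' comments and blank lines.
preload_file() {
    f=${1:-/etc/ld.so.preload}
    [ -f "$f" ] || return 0
    sed -e 's/#.*//' -e '/^[[:space:]]*$/d' "$f"
}

# preload_audit PROC FILE: print findings and return 1 if anything is preloaded.
preload_audit() {
    found=$( { preload_env "$1" | sed 's/^/ENV /'
               preload_file "$2" | sed 's/^/FILE /'; } )
    if [ -z "$found" ]; then return 0; fi
    printf '%s\n' "$found"
    return 1
}

# Run against the live system only when asked to: sh script.sh audit
case "${1:-}" in
    audit) preload_audit /proc /etc/ld.so.preload ;;
esac
```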
