Best Password safety?[RESOLVED VIA IRC CHAT]
Question, besides using a strong password (caps, lower case, numbers, and symbols 8 chars or longer)
What else is everyone using, or would recommend? I have some concerns regarding some of the options to stay safe.
I am actively under attack, and would like to at least keep my passwords safe while I work on the rest.
The Key Ring:
Don't feel very comfortable having all my passwords in one spot, are these safe? Would seem if there was a key ring where I could use my mouse to type in the password, that should be safe. Or is it possible to use a keyring for your keyring password? I'm not sure what I should do here.
Other options... not sure.
What is out there these days, what should I be using, and what do you guys use? I need different (or the same if they work on both) solutions for ubuntu 10.10 and windows 7 on the same system.
Free is a requirement due to my current budget.
Notes from irc chat:
dd-wrt.com (to flash the router and change the router OS, will still route, plus allows more security features)
SELinux (Fedora kernal is built around this so you can simply use Fedora, or configure it yourself on a different distro such as ubuntu, but if configured wrong, it makes your system more vulnerable then if you never had it to begin with, reason to have it: even root does not have full control, making attacks more difficult. )
http://www.avira.com (Windows Anti-Virus)
Spybot Search and Destroy (Windows anti spyware)
http://townx.org/simple_firewall_for_ubuntu_using_iptables (will allow all out going, or client initiated incoming connections, will need to be re-configured for samba and some other programs tho)
Comments
-
Honestly I don't trust any consolidated password applications, I use no keyring or password tools and never have my browser save any passwords. All password that I use are stored only in my mind. I even go the extra mile and constantly flush my cookies and browsing history after each session.0
-
I'm wondering if your computer is attached directly to the modem, or, are you attached to a router? If your attached to a router, turn on the logs and look at them and see if you can identify what's being done. You're passwords in Linux are encrypted, so, unless your using a password that can be found in a dictionary (and it doesn't seem like you are) you shouldn't really worry about your passwords. In fedora I have /var/log/secure.log that will show me if anyone is trying something funny. The logs on the router can tell you what addresses are trying to gain access.
If your using ssh, you can disable that in your distros firewall, and depending on what router your using, you can disable features that allow certain types of access from outside. One sure way to batten down the hatches is to only allow access to your local network to those boxes that have the MAC address listed in the allowed section in the router setup. If you can identify the IP address of the box trying to attack you, you can add it to the disallowed section in your router setup.
Beyond that, we'd need more specific info on your home network setup and what brand of router your using, and what security you have working already.0 -
If I had a key logger put on my system it won't help me at all, also as far as checking the router I am having difficulty, finding nothing but other people saying it doesn't work like its supposed to on the router I have. Linksys WRT54G. Looking into IPCop hoping I can figure it out.0
-
My firewall is going nuts right now.
Time:Jun 26 17:41:09 Direction: Unknown In:eth0 Out: Port:3724 Source:174.5.97.216 Destination:192.168.1.101 Length:48 TOS:0x00 Protocol:TCP Service:Unknown
Time:Jun 26 17:41:09 Direction: Unknown In:eth0 Out: Port:3724 Source:72.46.217.247 Destination:192.168.1.101 Length:52 TOS:0x00 Protocol:TCP Service:Unknown
Time:Jun 26 17:41:13 Direction: Unknown In:eth0 Out: Port:3724 Source:116.231.115.237 Destination:192.168.1.101 Length:64 TOS:0x00 Protocol:TCP Service:Unknown
Time:Jun 26 17:41:15 Direction: Unknown In:eth0 Out: Port:3724 Source:72.46.217.247 Destination:192.168.1.101 Length:48 TOS:0x00 Protocol:TCP Service:Unknown
Time:Jun 26 17:41:16 Direction: Unknown In:eth0 Out: Port:3724 Source:116.231.115.237 Destination:192.168.1.101 Length:64 TOS:0x00 Protocol:TCP Service:Unknown
Time:Jun 26 17:42:23 Direction: Unknown In:eth0 Out: Port:3724 Source:74.64.126.28 Destination:192.168.1.101 Length:48 TOS:0x00 Protocol:TCP Service:Unknown
Time:Jun 26 17:43:29 Direction: Unknown In:eth0 Out: Port:3724 Source:116.231.115.237 Destination:192.168.1.101 Length:64 TOS:0x00 Protocol:TCP Service:Unknown
Time:Jun 26 17:44:45 Direction: Unknown In:eth0 Out: Port:3724 Source:72.197.202.148 Destination:192.168.1.101 Length:52 TOS:0x00 Protocol:TCP Service:Unknown
Time:Jun 26 17:45:10 Direction: Unknown In:eth0 Out: Port:3724 Source:116.231.115.237 Destination:192.168.1.101 Length:64 TOS:0x00 Protocol:TCP Service:Unknown
Time:Jun 26 17:46:27 Direction: Unknown In:eth0 Out: Port:3724 Source:173.57.189.220 Destination:192.168.1.101 Length:48 TOS:0x00 Protocol:TCP Service:Unknown
Time:Jun 26 17:47:10 Direction: Unknown In:eth0 Out: Port:3724 Source:116.231.115.237 Destination:192.168.1.101 Length:64 TOS:0x00 Protocol:TCP Service:Unknown
Time:Jun 26 17:47:39 Direction: Unknown In:eth0 Out: Port:3724 Source:68.224.172.50 Destination:192.168.1.101 Length:52 TOS:0x00 Protocol:TCP Service:Unknown
Time:Jun 26 17:48:12 Direction: Unknown In:eth0 Out: Port:3724 Source:116.231.115.237 Destination:192.168.1.101 Length:64 TOS:0x00 Protocol:TCP Service:Unknown
Time:Jun 26 17:48:59 Direction: Unknown In:eth0 Out: Port:3724 Source:72.39.73.230 Destination:192.168.1.101 Length:52 TOS:0x00 Protocol:TCP Service:Unknown
Time:Jun 26 17:49:23 Direction: Unknown In:eth0 Out: Port:3724 Source:116.231.115.237 Destination:192.168.1.101 Length:64 TOS:0x00 Protocol:TCP Service:Unknown
Time:Jun 26 17:49:23 Direction: Unknown In:eth0 Out: Port:3724 Source:98.246.48.174 Destination:192.168.1.101 Length:52 TOS:0x00 Protocol:TCP Service:Unknown
Time:Jun 26 17:49:26 Direction: Unknown In:eth0 Out: Port:3724 Source:116.231.115.237 Destination:192.168.1.101 Length:64 TOS:0x00 Protocol:TCP Service:Unknown
Time:Jun 26 17:49:26 Direction: Unknown In:eth0 Out: Port:3724 Source:98.246.48.174 Destination:192.168.1.101 Length:52 TOS:0x00 Protocol:TCP Service:Unknown
Time:Jun 26 17:49:32 Direction: Unknown In:eth0 Out: Port:3724 Source:116.231.115.237 Destination:192.168.1.101 Length:64 TOS:0x00 Protocol:TCP Service:Unknown
Time:Jun 26 17:51:29 Direction: Unknown In:eth0 Out: Port:3724 Source:122.201.44.23 Destination:192.168.1.101 Length:48 TOS:0x00 Protocol:TCP Service:Unknown
Time:Jun 26 17:51:56 Direction: Unknown In:eth0 Out: Port:3724 Source:76.104.25.143 Destination:192.168.1.101 Length:64 TOS:0x00 Protocol:TCP Service:Unknown
Time:Jun 26 17:52:03 Direction: Unknown In:eth0 Out: Port:3724 Source:116.231.115.237 Destination:192.168.1.101 Length:64 TOS:0x00 Protocol:TCP Service:Unknown
Time:Jun 26 17:52:03 Direction: Unknown In:eth0 Out: Port:3724 Source:76.104.25.143 Destination:192.168.1.101 Length:64 TOS:0x00 Protocol:TCP Service:Unknown
Time:Jun 26 17:52:06 Direction: Unknown In:eth0 Out: Port:3724 Source:116.231.115.237 Destination:192.168.1.101 Length:64 TOS:0x00 Protocol:TCP Service:Unknown
Time:Jun 26 17:52:07 Direction: Unknown In:eth0 Out: Port:3724 Source:76.104.25.143 Destination:192.168.1.101 Length:48 TOS:0x00 Protocol:TCP Service:Unknown
Time:Jun 26 17:52:12 Direction: Unknown In:eth0 Out: Port:3724 Source:116.231.115.237 Destination:192.168.1.101 Length:64 TOS:0x00 Protocol:TCP Service:Unknown
Time:Jun 26 17:56:51 Direction: Unknown In:eth0 Out: Port:3724 Source:98.246.48.174 Destination:192.168.1.101 Length:52 TOS:0x00 Protocol:TCP Service:Unknown
Time:Jun 26 18:00:15 Direction: Unknown In:eth0 Out: Port:3724 Source:116.231.115.237 Destination:192.168.1.101 Length:64 TOS:0x00 Protocol:TCP Service:Unknown
Time:Jun 26 18:00:49 Direction: Unknown In:eth0 Out: Port:3724 Source:70.72.59.170 Destination:192.168.1.101 Length:64 TOS:0x00 Protocol:TCP Service:Unknown
Time:Jun 26 18:01:26 Direction: Unknown In:eth0 Out: Port:3724 Source:116.231.115.237 Destination:192.168.1.101 Length:64 TOS:0x00 Protocol:TCP Service:Unknown
Time:Jun 26 18:01:43 Direction: Unknown In:eth0 Out: Port:3724 Source:213.46.202.122 Destination:192.168.1.101 Length:52 TOS:0x00 Protocol:TCP Service:Unknown
Time:Jun 26 18:04:07 Direction: Unknown In:eth0 Out: Port:3724 Source:116.231.115.237 Destination:192.168.1.101 Length:64 TOS:0x00 Protocol:TCP Service:Unknown0 -
Found my router log, it was disabled. Will let you know if I find anything interesting on it.0
-
I blocked the port, I read its common for world of warcraft, other blizzard games, and trojans.
I blocked it on my router, also figured out how the log files work on it. I'll see how it goes from here.0 -
to answer your question GoinEasy
Cable modem conntected to Linksys WRT54G router which runs DHCP for 3 PCs, one printer on a static address. All connections are wired with the wireless option enabled with a different password then the rest.
The IP address coming in is different every time, I blocked the port at my firewall but its still being allowed in, my firewall on my PC is getting hit still by the same port.0 -
ok now it should be blocked, i added in the policy to block the port but didn't select to do it afterwards. Lets see what happens now.0
-
For some reason i'm unable to successfully block this port, however since that was the case, I am now forwarding that port to a IP Address that isn't being used currently. My PC seems ok for the moment, at least the requests are going into a blank space on my network.0
-
It seems someone may be actively behind this as we speak, because now I am getting hit by multiple ports, none of them common.0
-
I'm hoping one of the network guru's that visit the forum can look at the output from your firewall, they may be able to recognize something. You can always run apps like top, or htop or iotop and watch what apps/tasks are running and see if something strange/unidentifiable can be found. The app iotop shows if anything is being written or read from the HD.0
-
It looks like you want more than key security. I would like to talk to you on the IRC forum tomorrow night so we can diagnose the issue once and for all. I have the same router, so that can help. But also we will need to know if you are using a tool for your firewall or just using an iptables script.
In addition I would recommend flashing your router with dd-wrt so the default linksys trash can be removed and you can have reliable filtering.0 -
mfillpot wrote:It looks like you want more than key security. I would like to talk to you on the IRC forum tomorrow night so we can diagnose the issue once and for all. I have the same router, so that can help. But also we will need to know if you are using a tool for your firewall or just using an iptables script.
In addition I would recommend flashing your router with dd-wrt so the default linksys trash can be removed and you can have reliable filtering.
I agree, solving this in forums might be a little difficult. If you feel up to it, we can gather at the #linuxdotcom channel on irc.linux-foundation.org.
My server is always connected, if I'm there just type my name and I'll get a notification
Regards0 -
That would be great, what time frame should I connect to the server?0
-
I guess Matt will answer with a time. I'm in the IRC channel 24/7, but rarely monitor it. Maybe I'll set up notifications with sound, I'd like to watch/contribute to the discussion also.0
-
Rick, mark and tom,
Can we meet in #linuxdotcom on irc.linuxfoundation.org at 10 pm eastern time tonight?0 -
Yes we can do that, Also I found the chat room. I'll be there at 9pm central (10pm est)0
-
RickSMO wrote:Yes we can do that, Also I found the chat room. I'll be there at 9pm central (10pm est)
Woww Sorry guys I wasn't there but here in Barcelona it was about 4am and, obviously, I was sleeping as I tend to get up at 6-7 am....
I'll read the logs tonight when I get home and see what happened
Regards0 -
no worries but still would like your input, so please let me know anything additional you'd like to add.0
Categories
- All Categories
- 216 LFX Mentorship
- 216 LFX Mentorship: Linux Kernel
- 783 Linux Foundation IT Professional Programs
- 352 Cloud Engineer IT Professional Program
- 174 Advanced Cloud Engineer IT Professional Program
- 80 DevOps Engineer IT Professional Program
- 146 Cloud Native Developer IT Professional Program
- 136 Express Training Courses
- 136 Express Courses - Discussion Forum
- 6.1K Training Courses
- 44 LFC110 Class Forum - Discontinued
- 70 LFC131 Class Forum
- 42 LFD102 Class Forum
- 226 LFD103 Class Forum
- 18 LFD110 Class Forum
- 36 LFD121 Class Forum
- 18 LFD133 Class Forum
- 7 LFD134 Class Forum
- 18 LFD137 Class Forum
- 71 LFD201 Class Forum
- 4 LFD210 Class Forum
- 5 LFD210-CN Class Forum
- 2 LFD213 Class Forum - Discontinued
- 128 LFD232 Class Forum - Discontinued
- 2 LFD233 Class Forum
- 4 LFD237 Class Forum
- 24 LFD254 Class Forum
- 692 LFD259 Class Forum
- 111 LFD272 Class Forum
- 4 LFD272-JP クラス フォーラム
- 12 LFD273 Class Forum
- 135 LFS101 Class Forum
- 1 LFS111 Class Forum
- 3 LFS112 Class Forum
- 2 LFS116 Class Forum
- 4 LFS118 Class Forum
- 4 LFS142 Class Forum
- 5 LFS144 Class Forum
- 4 LFS145 Class Forum
- 2 LFS146 Class Forum
- 3 LFS147 Class Forum
- LFS148 Class Forum
- 15 LFS151 Class Forum
- 2 LFS157 Class Forum
- 23 LFS158 Class Forum
- 6 LFS162 Class Forum
- 2 LFS166 Class Forum
- 4 LFS167 Class Forum
- 3 LFS170 Class Forum
- 2 LFS171 Class Forum
- 3 LFS178 Class Forum
- 3 LFS180 Class Forum
- 2 LFS182 Class Forum
- 5 LFS183 Class Forum
- 31 LFS200 Class Forum
- 737 LFS201 Class Forum - Discontinued
- 3 LFS201-JP クラス フォーラム
- 18 LFS203 Class Forum
- 127 LFS207 Class Forum
- 2 LFS207-DE-Klassenforum
- 1 LFS207-JP クラス フォーラム
- 302 LFS211 Class Forum
- 56 LFS216 Class Forum
- 52 LFS241 Class Forum
- 48 LFS242 Class Forum
- 38 LFS243 Class Forum
- 15 LFS244 Class Forum
- 2 LFS245 Class Forum
- LFS246 Class Forum
- 48 LFS250 Class Forum
- 2 LFS250-JP クラス フォーラム
- 1 LFS251 Class Forum
- 150 LFS253 Class Forum
- 1 LFS254 Class Forum
- 1 LFS255 Class Forum
- 7 LFS256 Class Forum
- 1 LFS257 Class Forum
- 1.2K LFS258 Class Forum
- 10 LFS258-JP クラス フォーラム
- 118 LFS260 Class Forum
- 159 LFS261 Class Forum
- 42 LFS262 Class Forum
- 82 LFS263 Class Forum - Discontinued
- 15 LFS264 Class Forum - Discontinued
- 11 LFS266 Class Forum - Discontinued
- 24 LFS267 Class Forum
- 21 LFS268 Class Forum
- 30 LFS269 Class Forum
- 202 LFS272 Class Forum
- 2 LFS272-JP クラス フォーラム
- 1 LFS274 Class Forum
- 4 LFS281 Class Forum
- 9 LFW111 Class Forum
- 259 LFW211 Class Forum
- 181 LFW212 Class Forum
- 13 SKF100 Class Forum
- 1 SKF200 Class Forum
- 1 SKF201 Class Forum
- 795 Hardware
- 199 Drivers
- 68 I/O Devices
- 37 Monitors
- 102 Multimedia
- 174 Networking
- 91 Printers & Scanners
- 85 Storage
- 757 Linux Distributions
- 82 Debian
- 67 Fedora
- 16 Linux Mint
- 13 Mageia
- 23 openSUSE
- 148 Red Hat Enterprise
- 31 Slackware
- 13 SUSE Enterprise
- 353 Ubuntu
- 468 Linux System Administration
- 39 Cloud Computing
- 71 Command Line/Scripting
- Github systems admin projects
- 93 Linux Security
- 78 Network Management
- 102 System Management
- 47 Web Management
- 61 Mobile Computing
- 18 Android
- 31 Development
- 1.2K New to Linux
- 1K Getting Started with Linux
- 370 Off Topic
- 114 Introductions
- 173 Small Talk
- 22 Study Material
- 796 Programming and Development
- 302 Kernel Development
- 476 Software Development
- 1.8K Software
- 236 Applications
- 183 Command Line
- 3 Compiling/Installing
- 987 Games
- 317 Installation
- 93 All In Program
- 93 All In Forum
Upcoming Training
-
August 20, 2018
Kubernetes Administration (LFS458)
-
August 20, 2018
Linux System Administration (LFS301)
-
August 27, 2018
Open Source Virtualization (LFS462)
-
August 27, 2018
Linux Kernel Debugging and Security (LFD440)