Create a Secure Wireless Internet Access Point With Linux

|

Linux.com has an article on how to create a secure Linux-based wireless access point.

"Wi-Fi Protected Access version 2 (WPA2) is becoming the de facto standard for securing wireless networks, and a mandatory feature for all new Wi-Fi products certified by the Wi-Fi Alliance. We all know the security weaknesses of its predecessor, WEP; this time they got it right. Here's how to implement the WPA2 protocol on a Linux host and create a secure wireless access point (WAP) for your network."

New Invisible Rootkit

| |

CIO.com has an article about a new type of invisible rootkit.

"Security researchers have discovered a new type of rootkit they believe will greatly increase the difficulty of detecting and removing malicious code.

The rootkit in question, called Backdoor.Rustock.A by Symantec and Mailbot.AZ by F-Secure, uses advanced techniques to avoid detection by most rootkit detectors."

A rootkit, is a type of malicious program that allows someone to conceal that they have taken over your computer. Rootkits are very difficult to find, and this new method is even more sophisticated.

As usual, using a Linux live CD will bypass all possible rootkits that may be running on public computers.

How to Install Linux on a Bootable USB Thumb Drive

|

A few people have asked me how to install Linux to a bootable thumb drive. I carry around Damn Small Linux on my thumb drive and it works great. It only takes up 50MB on my 256MB thumb drive, which leaves me about 200MB free for my other files.

With Damn Small Linux, you just download it and burn the Linux file to a CD. Then boot the computer from the CD drive and use the menu option to install Damn Small Linux to the thumb drive.

I just found this great resource on how to install Linux to thumb drives: pendrivelinux.com. I haven't installed Linux to a thumb drive with any distro except for Damn Small Linux, and I'm looking forward to trying some of the methods mentioned on pendrivelinux.com.

Europe Has the Most Zombies

EmailBattles.com has an article about how Europe has the most zombie computers.

Zombie computers are computers that have been taken over by malicious software. Zombies are used for various unwholesome purposes, such as the creation of botnets — massive networks of zombie computers that combine computing power and bandwidth to distribute spyware, send spam, and perform other bad activities. One botnet was found to contain 1.5 million zombie computers. It was controlled by only three persons, and as the article said, "...it was just a drop in the ocean". That gives some idea of the magnitude of the problem.

Computers can be turned into zombies through trojan horses. They are just another example of the high security risk of using public computers that have thousands of different people using them. You just don't know what kinds of bad things the computer might be doing. Fortunately you can entirely bypass the infected state of a public computer by using a Linux live CD.

Zombie Computer Statistics

If you are interested in seeing live statistics about zombie computers, check out CipherTrust.com.

Phishers Bypass Two-Factor Authentication

| |

Phishing is a common form in Internet fraud, where criminals send you an email (for example) that pretends to be from a bank, PayPal, eBay, Amazon.com, or another web site. The emails often say things like, "Your password has been compromised. Please click here to login and update your password."

If you click on the link you are taken to a fake web site that looks just like the real thing. The criminals hope that you will enter your password and credit card information into their fake web site.

In a twist on the common form of phishing, a scam has been spotted where the criminal's web site asks you to type in your two-factor authentication code (example) and it automatically logs into your bank account with your credentials.

Browser Stats for LinuxforTravelers.com

Interesting browser statics for July. These are the browsers that people are using to visit this site:

Upgrade to Firefox 1.5!
Firefox 56.9 %
MS Internet Explorer 22.6 %
Unknown 11.5 %
Opera 4 %
Safari 1.3 %
Netscape 1.2 %
Mozilla 1 %
Konqueror 0.9 %
K-Meleon 0.1 %
Lynx >0 %

It is interesting that only 22% are using Microsoft's Internet Explorer. 4% is an unusually high figure for Opera.

Security experts have warned people not to use Internet Explorer. If you haven't tried Firefox, you can download Firefox for free. It runs on Windows, Mac and Linux, so give it a try!

Online Identity Theft

|

According to a Federal Trade Commission Report, "Internet-related complaints accounted for 46 percent of all fraud complaints."

In contrast, a study by Javelin Strategy and Research indicated that 9% of identity theft comes from malware and hacking. The Javelin study suggests that most identity theft happens offline, but that online identity theft can be more severe and harder to figure out:

"...per-incident losses for online fraud have increased from an average of $2,897 in 2004 to an average $6,432 in 2005 (an increase of 122 percent)...

Phishing scams also seem to take longer for victims to figure out: the average length of misuse of personal information resulting from a phishing scam was found to be 173 days. Personal information stolen by friends, family, or employees was misused for an average of 134 days, while lot or stolen credit cards were misused for an average of 75 days."

For more information on identity theft, visit the Federal Trade Commission's identity theft web site.

Ubuntu Live CD: Save Settings to Thumb Drive

|

Cyberciti.biz has a tutorial on how to save your settings and data to a USB device on the Ubuntu live CD.

The tutorial involves use of the terminal. If you want to save your settings to a thumb drive without having to set things up with the terminal, there are other distros that have this feature built in. Examples of distros that include this feature are PCLinuxOS, Slax, Knoppix, and Puppy Linux.

After I try this technique with the Ubuntu live CD, I'll post my results here and see if I can explain it in simpler terms.

Taiwan Mandates Linux-ready PCs

Zdnetasia.com has an article about how Taiwan is mandating that all new government PCs must be Linux-compatible.

"According to media reports, the new requirement came into effect last month, marking the start of efforts to boost adoption of open-source software in Taiwan. About 120,000 new desktop PCs acquired by the Taiwan government will have to comply with the new mandate, the reports stated."

You can read the full article here.

Debian-based GNU/Linux Live CDs

|

DebianHelp.co.uk has a great list of Debian-based GNU/Linux live CDs.

Some excellent live CDs based on Debian are Ubuntu, Damn Small Linux, Knoppix, Elive, and many more.

Some interesting excerpts from the DebianHelp.co.uk page, highlighting Linux live CDs that are being developed by European governments:

"Linex
Linex is a Debian-based distribution being developed by the regional government of Extremadura (Spain). The main goal is to migrate all the computer systems, from government offices, to businesses to schools into Linux.
Project Home Page :- http://www.linex.org/

...

MoLinux
MoLinux is an Ubuntu-based Linux distribution developed by the government of Castilla la Mancha in Spain.
Project Home Page :- http://www.molinux.info/

...

ERPOSS
During LinuxTag 2004 the German Federal Office for Information Security (BSI) and the company credativ unveiled the Linux Government Desktop. The Linux Goverment Desktop has been developed within the scope of the project ERPOSS which evaluates Open Source Software in government environments.Composed entirely of free software the distribution is available as a live CD as well as an install CD. One of the highlights brought by the Government Desktop is the fact that it saves the whole data on encrypted filesystems.
Furthermore KMail is preconfigured to send and receive encrypted e-mail (GnuPG and S/MIME) and to make use of all kinds of authority certificates. The package is completed by integrated spam and virus protection and a preconfigured personal firewall.
Project Home Page :- http://www.bsi.bund.de/produkte/erposs/"

You can see the full list of live CDs here.