Crossing Platforms - Feramenta

...........:::::::Crossing Platforms::::::..................
by 5am ...no warranty!
written by feramenta - feramenta@10011.org
----------------------------------------------------------------
A short, basic how-to on using your own resources on any platform.
Minimal knowledge required: knowledge of your own OS!
----------------------------------------------------------------------------------
Intro
We often have to tackle problems that we can easily solve by ourselves: agreeing on the way we use e-mail, sharing standard files that everybody can read, checking whether we have viruses or "disturbing" processes and, above all, remaining anonymous, no matter which OS we use. It does happen that we sometimes use a PC with Windows, a PC with Linux or a Mac OS X machine, at a friend's, at work, in an internet cafe, at school or at a university.
1. Files
A file is a series of codified information, a single sequence of bytes (a byte - contraction of binary term - is a sequence of bits, and their number depends on the physical implementation of our computer), stored as a single block on a mass storage device (any medium which is able to store data: hard disks, floppy disks, CD-ROMs, DVDs, USB pen drives, smart cards) in the file system.
Files can have different permissions (that means: who can do what and how) and executability (interaction with the computer).
The fun of linux is that everything is a file! But we have to tackle problems when we have to use other OS...so it's important to understand how to share files, that is which extensions we have to use. An extension is the capacity of associating a programme and a file, so that users can (at least!) read the file.
file.txt                readable by all > not formatted text
file.pdf                readable by all > not formatted text
file.htm or .html       readable by all > web browser
file.zip                readable by all > compressed data
file.jpeg or file.jpg   readable by all > image
file.gif                readable by all > image
file.png                readable by all > image
file.mp3                readable by all > audio
file.ogg                readable by all > audio
file.avi                readable by all > video
file.mp4                readable by all > video
file.mpg                readable by all > video
It's important, therefore, to use "standard" extensions, and not specific extensions, regardless of the OS you use, so that your file is always usable.
2. E-Mail
E-mail is today an essential tool, but it's also necessary to be careful in its use.
Avoid sending personal data. Do it only if you're sure about the receiver in the transaction! Try, as much as possible, to be anonymous. Use, if possible, encryption. If you send a message to several people who don't know each other, it's important not to let them all see each other's e-mail addresses; so put the receiver addresses in BCC (which stands for Blind Carbon Copy); you can either put your own address as first receiver (in the To: field), or leave it blank, and put all the other e-mail addresses in BCC:.
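The BCC advice above, as an added example that is not part of the original how-to: the message carries only the sender's own address in To:, the other addresses exist only in the SMTP envelope, and a small check reports any address a receiver could read. The addresses, the host and the login parameters are placeholders.

```python
import smtplib
import ssl
from email.message import EmailMessage
from email.utils import getaddresses


def build_blind_message(sender, hidden_recipients, subject, body):
    """Return (message, envelope) for a mail whose recipient list stays private.

    Only the sender's own address appears in a header (the To: field). The other
    addresses travel in the SMTP envelope alone, which receivers never see.
    """
    msg = EmailMessage()
    msg["From"] = sender
    msg["To"] = sender  # own address as first receiver, as the text suggests
    msg["Subject"] = subject
    msg.set_content(body)
    # De-duplicate while keeping order; no Bcc: header is written at all.
    envelope = list(dict.fromkeys([sender, *hidden_recipients]))
    return msg, envelope


def leaked_addresses(msg, private_addresses):
    """Return the private addresses that a receiver could read in the headers."""
    headers = msg.get_all("To", []) + msg.get_all("Cc", []) + msg.get_all("Bcc", [])
    visible = {addr.lower() for _, addr in getaddresses(headers)}
    return sorted(a for a in private_addresses if a.lower() in visible)


def send_blind(msg, envelope, host, user, password):
    """Submit over an encrypted connection. host/user/password are placeholders."""
    context = ssl.create_default_context()  # verifies the server certificate
    with smtplib.SMTP_SSL(host, 465, context=context) as server:
        server.login(user, password)
        server.send_message(msg, to_addrs=envelope)


# Constructed sample addresses (example.org is reserved for documentation).
FRIENDS = ["anna@example.org", "bruno@example.org", "carla@example.org"]

if __name__ == "__main__":
    good, rcpts = build_blind_message("me@example.org", FRIENDS, "Meeting", "See you at 9.")
    print("envelope:", rcpts)
    print("leaked in headers:", leaked_addresses(good, FRIENDS))
    careless = EmailMessage()
    careless["To"] = ", ".join(FRIENDS)  # everyone can read everyone's address
    print("leaked when all in To:", leaked_addresses(careless, FRIENDS))
```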
It is possible to attach files.
A lot of servers set a maximum allowed size for the message you send, and you have to observe it, otherwise your message cannot be sent. When you receive an attachment, verify who the sender of the files is; the files could contain a virus (for Microsoft). You can send any kind of file as an attachment. Mail clients can allow you to set filters, in order to avoid downloading certain kinds of files. Always use standard and not proprietary extensions (see chapter 1). Do not send the same attachment to a list of people, unless they are expecting it.
2.1 E-Mail client
An e-mail client is a programme that allows us to send and receive e-mails; e-mails can be delivered directly by the "mailman" (SMTP - simple mail transfer protocol -) to your home (POP, POP3) or delivered to the "post office" (IMAP - internet message access protocol - or webmail). The mailman is, in this case, a protocol that, depending on the "uniform" he wears, allows a certain kind of connection. SMTP transmits your mail; POP, POP3 and IMAP are mail transfer protocols, like webmail.
You can use different clients (post offices), but if you want to simplify your life, we suggest you use Thunderbird; you can install it very easily on all OS, if you have a PC which allows you to manage a graphical interface! ;) and if you have the permissions to install your stuff!
Use SSL (Secure Socket Layer)* for your mail. Verify the source from which you download your programs, data, images, etc. Always verify who sends you what!
3. Browser
A browser is a program which allows you to visualise (interpret) multiple files (hypertext) with html or xhtml extensions.
Browsers interpret the HTML (Hypertext Markup Language) code more or less freely. Some HTML editors include "proprietary" tags that not all browsers can interpret, for example "Front Page", that optimises HTML for Internet Explorer, but that causes interpretation problems with other browsers!
Use SSL as much as possible, which allows you to send and to receive encrypted web pages.
4. Computer viruses and processes
Computer viruses are self-replicating computer programmes that spread by inserting copies of themselves into other executable code or documents. Sometimes they just damage the software of your computer, sometimes the hardware, too, for example causing the fan to power off, or causing overclocking (forcing a computer component to run at a higher clock rate than designed). All that applies to the Windows world. Regarding Linux, we can't talk about viruses, but about "security holes" and "process vulnerability".
4.1 Windows
Windows, the Microsoft OS, is made up in its kernel of strings* and keys* that compose registries*. Registry keys correspond to variables (a value assigned to a memory location) in Linux. A .exe file always depends on a .dll or .inf file. A virus is made up of a little group of files, spread in the System32 or System, that also penetrate the registries so that they are executed when the system starts. A lot of programmes are able to clean registry keys, but they actually build other ones!
To visualize the Windows registry:
"run" window--->regedit--->enter
You'll have a window with a series of "mother" directories and subdirectories.
The registry classes are made like this:
HKEY_CLASSES_ROOT >> data that associates programmes with files
HKEY_CURRENT_USER >> user configurations and customisation
HKEY_CURRENT_CONFIG >> hardware configuration
HKEY_USERS >> configuration information for all user profiles
HKEY_LOCAL_MACHINE >> configuration information for all users profiles; matches with systemroot\system32\config: hw, software and OS
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
here are the .exe that start when the system starts
HKEY_USERS\username\Software\Microsoft\Windows\CurrentVersion\Run
here are the .exe referring to the user, that start when the system starts.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\Start Page
here the Explorer startpage is modified.
To open a console (command line) on windows xp:
start ---> run ---> cmd (command line) enter
A DOS window will open, where you can write commands to verify your computer status. To verify your net connection you have two essential commands: "netstat -an", to verify your connection status, address and port numbers (numbers that identify a connection) and the IP address (name and surname of your network card); and "ipconfig /all" to see full configuration information.
Tips:
Disable Outlook
Disable system restore
Disable Macros* and server connection of various programs (Adobe, Winplayer...), use alternative programmes with GNU/GPL license:
Open Office for every platform...and the pain is gone!
Always update your programmes and system with the patches released from time to time.
Disable the Macro Functions in Office and Outlook. Do this operation during the installation of the programme (MS Office).
4.2 Linux
If you are working with a PC with Linux or something similar, you'll get fewer problems with viruses and malicious code. A good policy is to enable and disable services depending on your needs and your aims. If you want to check which processes are active, write on the command line:
--------------------------------------------------------------------
| [my_machine@me me]$ ps aux |
--------------------------------------------------------------------
This command allows you to visualise all system processes with the username of the process owner, process ID, process path, real memory used, and the terminal port associated with the process. If you can read it, you'll find out what's wrong.
To verify the network connection and the connections created with other computers, write:
-------------------------------------------------------------------
| [my_machine@me me]$ netstat -aepln |
-------------------------------------------------------------------
and:
------------------------------------------------------------------
| [my_machine@me me]$ more /var/log/messages |
------------------------------------------------------------------
In this file you can find out what your computer is doing: system errors, various reports, various host negotiations and authentications.
Some services are "dangerous" too; telnet*, which allows your computer to communicate with other computers in the same network, is actually a communication protocol, which works with a specific port (23); FTP (file transfer protocol) has a specific port, too (21)...like SSH* (22) or HTTP* (80). The file /etc/services manages this information.
"A closed port is a totally safe port!!!!!"
You find services (as processes) in /etc/rc.d/ or /etc/init.d/ (it depends on the Linux distribution you use). It's important to understand what we actually need in an OS and what we don't need, in order to use the resources in the best possible way and to get as much security as possible.
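The checks described above (reading the netstat output, matching ports against the services named in the text, and asking what is really needed), combined in an added example that is not part of the original how-to. The netstat listing is a constructed sample, and the verdict wording is this example's own.

```python
# Ports and names as listed in the text; on a real system they come from /etc/services.
PAGE_SERVICES = {21: "ftp", 22: "ssh", 23: "telnet", 80: "http"}
CLEARTEXT = {"ftp", "telnet"}  # unencrypted; SSH/SFTP are the encrypted replacements
LOOPBACK = {"127.0.0.1", "::1"}

# Constructed sample in the layout printed by "netstat -aepln" (not a real capture).
SAMPLE_NETSTAT = """\
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address     Foreign Address      State       User Inode PID/Program name
tcp        0      0 0.0.0.0:22        0.0.0.0:*            LISTEN      0    12345 812/sshd
tcp        0      0 0.0.0.0:23        0.0.0.0:*            LISTEN      0    12400 901/inetd
tcp        0      0 127.0.0.1:631     0.0.0.0:*            LISTEN      0    13000 640/cupsd
tcp        0      0 192.168.1.10:22   192.168.1.20:51514   ESTABLISHED 0    16000 1500/sshd
tcp6       0      0 :::80             :::*                 LISTEN      0    14000 1020/apache2
udp        0      0 0.0.0.0:68        0.0.0.0:*                        0    15000 700/dhclient
Active UNIX domain sockets (servers and established)
unix  2      [ ACC ]     STREAM     LISTENING     9001     1/init     /run/systemd/private
"""


def listening_tcp(netstat_text):
    """Yield (port, bind_address, program) for every TCP socket in LISTEN state."""
    for line in netstat_text.splitlines():
        fields = line.split()
        if len(fields) < 6 or not fields[0].startswith("tcp") or fields[5] != "LISTEN":
            continue  # headers, UDP, UNIX sockets and established connections
        addr, _, port = fields[3].rpartition(":")  # also splits IPv6 ":::80"
        program = fields[8] if len(fields) > 8 else "-"  # "-" when not run as root
        yield int(port), addr, program


def audit(netstat_text):
    """Return sorted (port, service, program, verdict) tuples for open TCP ports."""
    findings = []
    for port, addr, program in listening_tcp(netstat_text):
        name = PAGE_SERVICES.get(port, "unknown")
        if addr in LOOPBACK:
            verdict = "local only"
        elif name in CLEARTEXT:
            verdict = "cleartext and reachable: disable the service"
        else:
            verdict = "reachable: keep only if needed"
        findings.append((port, name, program, verdict))
    return sorted(findings)


if __name__ == "__main__":
    for port, name, program, verdict in audit(SAMPLE_NETSTAT):
        print(f"{port:>5} {name:<8} {program:<14} {verdict}")
```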
Chkrootkit is a good tool!
Chkrootkit is a set of tools to locally check for processes in Unix and scan all the system parts very thoroughly.
SSH/SCP/SFTP
SSH (secure shell) is the best way to log into another machine and share/copy files. Always update your version. Generally you have to deal with .tar.bz, that you have to compile by yourself. SCP is an encrypted protocol which allows two hosts to share files, like SFTP, the encrypted version of FTP.
tips:
Multiuser as self-defense (root, users and su); never log in as root, use a user; if you need administrator privileges use su or sudo (su is easier)!
5. Password
Keep your password secret.
Never give your password to anybody.
Never use the same password for more than one thing.
Never use your root password for other stuff!
Neither write nor register your password online.
Your password should be a reasonably long combination of upper/lower case letters, numbers and special characters.
Never use words that you can find in a dictionary.
Never use personal information, like age, hostname, date of birth...
6. "Live Distro"
Sometimes you cannot log in on a computer, but a live distro can easily save our lives!! Boot from the CD-ROM, and start. This way you'll be able to use all the resources without "violating" anything! If your PC doesn't start from CD, you have to enter the BIOS and set the boot device to CD-ROM. There are several live distros: choose your favourite one! Of course you can use an installation CD, without "installing" anything on the hard disk. Working this way requires some hardware and software knowledge.
for further information:
http://www.cert.org
http://www.symantec.com
http://www.openssh.org
http://www.openssl.org/
http://www.chkrootkit.org./
http://en.wikipedia.org/