Detect malicious traffic with MalTrail in Linux

Maltrail is a malicious traffic detection system. It uses publicly available blacklists of malicious or generally suspicious trails, static trails compiled from various AV reports, and custom user-defined lists. A trail can be a domain name, URL, IP address or HTTP User-Agent header value (for example the User-Agent of sqlmap, the automatic SQL injection and database takeover tool). It also offers optional heuristic mechanisms that can help discover unknown threats such as new malware.

Features

  • Uses multiple public blacklists (AlienVault, autoshun, badips, sblam, etc.)
  • Has extensive static trails for identification (domain names, URLs, IP addresses or User-Agent values)
  • Optional heuristic mechanisms for detection of unknown threats
  • Based on a Traffic -> Sensor <-> Server <-> Client architecture
  • Web reporting interface
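As an added illustration (not Maltrail's own code, nor anything from the original post), the Python below shows what trail-based detection of this kind looks like in practice: a constructed trail list of a domain, IP ranges, a User-Agent substring and a URL path is matched against constructed sensor events, and a small entropy heuristic stands in for the heuristic layer described above. The trail list, the sample events, the thresholds and the DGA heuristic are all assumptions made for this example.

```python
"""Trail-based detection in the spirit of Maltrail. Illustrative code, not Maltrail's
own: the trail list, the sample sensor events and the entropy heuristic are constructed
for this example."""
import ipaddress
import math
from collections import Counter

# Constructed trail list: trail -> (kind, reason). 'kind' selects how the trail is matched.
TRAILS = {
    "malware-c2.example": ("domain", "known C2 domain (blacklist)"),
    "203.0.113.0/24": ("ip", "scanner netblock (blacklist)"),
    "198.51.100.7": ("ip", "known malicious host (blacklist)"),
    "sqlmap": ("ua", "sqlmap (automatic SQL injection tool)"),
    "/wp-login.php": ("url", "brute-force target (static trail)"),
}


def shannon_entropy(text):
    """Bits per character of the given string (0 for empty input)."""
    if not text:
        return 0.0
    n = len(text)
    return -sum(c / n * math.log2(c / n) for c in Counter(text).values())


def domain_matches(domain, trail):
    """True for the trail itself and for any subdomain of it (case-insensitive)."""
    domain = domain.lower().rstrip(".")
    return domain == trail or domain.endswith("." + trail)


def ip_matches(ip, trail):
    """True if ip lies in the trail, which may be a single address or a CIDR range."""
    try:
        return ipaddress.ip_address(ip) in ipaddress.ip_network(trail, strict=False)
    except ValueError:  # missing or unparsable address
        return False


def looks_dga(domain, min_len=16, min_entropy=3.5):
    """Heuristic (assumed for this example, not Maltrail's): a long, high-entropy
    leftmost label is typical of domain-generation algorithms."""
    label = domain.lower().split(".")[0]
    return len(label) >= min_len and shannon_entropy(label) >= min_entropy


def check_event(event):
    """Return [(trail, reason), ...] for one parsed event from the sensor.
    An event is a dict with optional keys: dst_ip, domain, url, user_agent."""
    hits = []
    for trail, (kind, reason) in TRAILS.items():
        if kind == "domain" and domain_matches(event.get("domain", ""), trail):
            hits.append((trail, reason))
        elif kind == "ip" and ip_matches(event.get("dst_ip", ""), trail):
            hits.append((trail, reason))
        elif kind == "ua" and trail in event.get("user_agent", "").lower():
            hits.append((trail, reason))
        elif kind == "url" and event.get("url", "").startswith(trail):
            hits.append((trail, reason))
    if looks_dga(event.get("domain", "")):
        hits.append((event["domain"], "heuristic: DGA-like domain"))
    return hits


# Constructed sample events, as a sensor would emit them after parsing traffic.
SAMPLE_EVENTS = [
    {"src": "10.0.0.5", "dst_ip": "192.0.2.10", "domain": "update.malware-c2.example"},
    {"src": "10.0.0.6", "dst_ip": "203.0.113.77"},
    {"src": "10.0.0.7", "dst_ip": "192.0.2.20", "url": "/wp-login.php",
     "user_agent": "sqlmap/1.0#stable (http://sqlmap.org)"},
    {"src": "10.0.0.8", "dst_ip": "192.0.2.30", "domain": "xk3j9qzp2vb7ymw4h8n1.example"},
    {"src": "10.0.0.9", "dst_ip": "192.0.2.40", "domain": "www.example.org"},
]


def scan(events):
    """Map each event's source address to its list of hits."""
    return {event["src"]: check_event(event) for event in events}


if __name__ == "__main__":
    for src, hits in scan(SAMPLE_EVENTS).items():
        for trail, reason in hits:
            print("%s: %s -> %s" % (src, trail, reason))
```

The two matching rules worth noting are the ones that cause false negatives when done naively: a domain trail must also catch subdomains (update.malware-c2.example), and an IP trail is usually a netblock, so it is matched with ipaddress rather than string comparison. The last event produces no hits and shows that a benign domain passes the DGA heuristic untouched.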

Continue reading “Detect malicious traffic with MalTrail in Linux”

Build a virtual machine with VirtualBox in Linux

Virtualization is almost as old as our beloved integrated silicon chips.
At the beginning of the 1960s, there had been two major computing issues.
First, many individual mainframe models were bespoke, and therefore incompatible with one another.
The other stumbling block was that, as integrated processors became more powerful, institutions wanted to implement flexible “timesharing” between multiple users.

VirtualBox 5.2 on Fedora

IBM dismissed this: batch processing was definitely the future! But in 1963 it lost a large MIT contract to General Electric. Realising its huge mistake, IBM developed the general-purpose S/360 architecture, which could be implemented on a wide range of compatible systems. In 1965, IBM announced the S/360-67, the world’s first mainframe to support virtualisation. And the rest is very much history.

Continue reading “Build a virtual machine with VirtualBox in Linux”

Stop & uninstall Windows Telemetry/Tracking

This has been going around on the ‘Net the past few days. It has been found that Windows 10 uploads data to Microsoft’s servers even when every “feature” and app that might normally be expected to do so is disabled or uninstalled. For example, even if you don’t use the Cortana voice-command feature or Bing search, data related to them is still being uploaded to Microsoft servers. And even when users choose not to participate in any customer improvement options and disable every kind of tracking, the system still tracks and uploads.


Not only is this a big privacy issue, it is also a system performance issue: extra CPU cycles, disk activity and network traffic are spent on these telemetry-related tasks.

Windows 8.1 and 7 are now doing this as well. Microsoft has lately been adding the same telemetry and tracking components to them through Windows Update, bringing them closer to Windows 10.

The advice from many experts now is to not go near Windows 10. Do not install it. Retain your privacy and control over your systems.

Below are instructions for disabling the unwanted telemetry/tracking in Windows 7 and 8.1

Continue reading “Stop & uninstall Windows Telemetry/Tracking”

Do I need An antivirus in linux?

Before answering, a bit of background knowledge is necessary.

Viruses hardly exist any more. Programs that infect other executables, overwriting parts of them and/or adding new code to them, are not how malware spreads nowadays in most cases. On Windows that distinction is not really necessary; Windows users use the term “virus” to describe every form of malware (and user error, sorry, couldn’t resist 😉). But on Linux the distinction matters, because virus scanners on Linux do exactly what the name says: they scan for viruses. They do not protect you against attacks from websites in any form.

On top of that, they hardly even scan for Linux viruses, since there are only a few proof-of-concept Linux viruses at all. And because people rarely install anything themselves but instead use packages provided by the distro through the package manager, there is almost no attack surface for traditional viruses: no spreading of .exe files claiming to be the fanciest screensaver or similar. So Linux virus scanners actually mostly scan for Windows viruses, for example on a mail server scanning email attachments before delivering the mail.

Continue reading “Do I need An antivirus in linux?”

How to: Get rid off Microsoft’s OneDrive with one file.

With this batch script you can get rid of the Microsoft OneDrive plague, which lets Windows (10) automatically store your private files where, according to the privacy statement, Microsoft staff can access them for legal reasons.
Paste the code below into your favourite text editor, such as Notepad++ (which I recommend).

@echo off
cls
REM OneDriveSetup.exe lives in SysWOW64 on 64-bit Windows and in System32 on 32-bit Windows
set x86="%SYSTEMROOT%\System32\OneDriveSetup.exe"
set x64="%SYSTEMROOT%\SysWOW64\OneDriveSetup.exe"
echo Closing OneDrive process.
echo.
taskkill /f /im OneDrive.exe > NUL 2>&1
REM pinging localhost is used as a roughly 5-second sleep
ping 127.0.0.1 -n 5 > NUL 2>&1
echo Uninstalling OneDrive.
echo.
if exist %x64% (
%x64% /uninstall
) else (
%x86% /uninstall
)
ping 127.0.0.1 -n 5 > NUL 2>&1
echo Removing OneDrive leftovers.
echo.
REM WARNING: this also deletes the local OneDrive folder and any files still in it
rd "%USERPROFILE%\OneDrive" /Q /S > NUL 2>&1
rd "C:\OneDriveTemp" /Q /S > NUL 2>&1
rd "%LOCALAPPDATA%\Microsoft\OneDrive" /Q /S > NUL 2>&1
rd "%PROGRAMDATA%\Microsoft OneDrive" /Q /S > NUL 2>&1
echo Removing OneDrive from the Explorer side panel.
echo.
REM OneDrive's Explorer namespace CLSID, in both the 64-bit and the 32-bit (Wow6432Node) registry views
REG DELETE "HKEY_CLASSES_ROOT\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6}" /f > NUL 2>&1
REG DELETE "HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6}" /f > NUL 2>&1
pause

Then save the file with a .cmd extension (for example OneDriveSucks.cmd), right-click it and run it as administrator. Reboot, and you are 1% of the way to privacy in Windows 10. Before running it, move anything you still want out of %USERPROFILE%\OneDrive: the script removes that folder and everything in it, not just the OneDrive client.

Why Linux Distro’s Are More Secured Than Any Other Operation Systems

Linux is an open source operating system: anyone can read its entire source code, yet it is still considered more secure than other operating systems. Linux has been extensively deployed across the tech market, many gadgets are Linux based, and that is why more people are putting their trust in the Linux platform. To shed more light on why Linux has superior internet security capabilities, let us look at some of its security features.


Continue reading “Why Linux Distro’s Are More Secured Than Any Other Operation Systems”

The Complete Guide for Hidden Services And Staying Anonymous

The free Internet that many of us loved has become a surveillance web, serving governments and mega-corps while abusing the rest of us. For those whose eyes are opening to this sad fact, I have assembled this guide.

The purpose of this guide is to make Internet privacy as simple and concise as possible. Our intention is not just for you to understand, but for you to act upon the information we give you.

Learning to protect yourself online is simple, and does not need to interfere with your daily activity. This is the complete guide to surfing anonymously. What steps you choose to take depend upon what you wish to guard against. Each level requires more work or money to achieve, but gives much greater protection.

Large Man Looking At Co-Worker With A Magnifying Glass --- Image by © Images.com/Corbis

Continue reading “The Complete Guide for Hidden Services And Staying Anonymous”

Firefox 37 Will Now Encrypt Non HTTPS Traffic

In an effort to protect its users’ privacy, the Firefox developers have made a change that allows the browser to encrypt non-HTTPS (http://) traffic.

How is that even possible? The answer is opportunistic encryption: when a server advertises an encrypted alternative, Firefox sends HTTP (port 80) requests that would normally go out in cleartext over a TLS connection to a port of the server administrator’s choice instead. Users will not experience any delay, because the alternative connection is fully established before it is used. Note that the URL stays http:// and the server is not authenticated the way it is for HTTPS, so this defends against passive eavesdropping rather than an active attacker; it is not a substitute for HTTPS.

The only requirement? The server must support the HTTP/2 protocol and send the Alt-Svc header pointing at the encrypted port.
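As an added example, not Firefox’s code and not from the original post, the Python below parses an Alt-Svc header value in the RFC 7838 syntax and applies a deliberately conservative policy for when a plain http:// origin may be upgraded: the alternative must be h2 (HTTP/2 over TLS) on the same host, with a non-zero max-age. The header samples are constructed, and the same-host policy is an assumption of this example rather than a statement of Firefox’s exact rules.

```python
"""Parse Alt-Svc header values (RFC 7838) and decide whether an http:// origin may be
upgraded opportunistically. Illustrative code; the upgrade policy below is an assumption
of this example, not Firefox's implementation. Header samples are constructed."""
import re
from urllib.parse import unquote

DEFAULT_MAX_AGE = 86400  # RFC 7838: "ma" defaults to 24 hours

# RFC 7230 token characters
_TOKEN = r"[!#$%&'*+\-.^_`|~0-9A-Za-z]+"
# alternative = protocol-id "=" alt-authority, where alt-authority is a quoted [host] ":" port
_ALT_VALUE = re.compile(r'\s*(' + _TOKEN + r')="([^"]*)"')
# parameter = ";" token "=" ( token / quoted-string )
_PARAM = re.compile(r'\s*;\s*(' + _TOKEN + r')=(?:"([^"]*)"|(' + _TOKEN + r'))')


def parse_alt_svc(value):
    """Return a list of alternatives (dicts) in header order, or [] for 'clear'."""
    value = value.strip()
    if value.lower() == "clear":
        return []
    alts = []
    pos = 0
    while pos < len(value):
        m = _ALT_VALUE.match(value, pos)
        if not m:
            raise ValueError("malformed alt-value at offset %d" % pos)
        host, sep, port = m.group(2).rpartition(":")
        if not sep or not port.isdigit():
            raise ValueError("alt-authority must end in :port")
        alt = {
            "protocol": unquote(m.group(1)),  # protocol-id is a percent-encoded ALPN name
            "host": host,                     # empty means "same host as the origin"
            "port": int(port),
            "ma": DEFAULT_MAX_AGE,
            "persist": False,
        }
        pos = m.end()
        while True:
            p = _PARAM.match(value, pos)
            if not p:
                break
            name = p.group(1).lower()
            val = p.group(2) if p.group(2) is not None else p.group(3)
            if name == "ma":
                alt["ma"] = int(val)
            elif name == "persist":
                alt["persist"] = val == "1"
            pos = p.end()  # unknown parameters are ignored, as the RFC requires
        alts.append(alt)
        rest = value[pos:].lstrip()
        if not rest:
            break
        if not rest.startswith(","):
            raise ValueError("expected ',' between alt-values")
        pos = len(value) - len(rest) + 1
    return alts


def opportunistic_upgrade(origin_host, alt_svc_value):
    """For a plain http:// origin, return (host, port) of an alternative the client may use
    for opportunistic encryption, or None. Policy (assumed for this example): HTTP/2 ("h2")
    only, same host as the origin, and a non-zero max-age."""
    for alt in parse_alt_svc(alt_svc_value):
        if alt["protocol"] == "h2" and alt["host"] in ("", origin_host) and alt["ma"] > 0:
            return (alt["host"] or origin_host, alt["port"])
    return None


if __name__ == "__main__":
    # Constructed header as a server might send it on a cleartext HTTP response
    header = 'h2=":443"; ma=2592000'
    print(parse_alt_svc(header))
    print(opportunistic_upgrade("www.example.org", header))
```

The parser keeps the pieces a client actually needs to decide: the ALPN protocol (percent-decoded), the optional host, the mandatory port, and the max-age after which the advertisement must be forgotten. An alternative on a different host is refused here on purpose, since with opportunistic encryption nothing authenticates that host.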

As for other important changes in Firefox 37: it improves YouTube HTML5 playback on Windows and WebGL rendering performance, uses HTTPS for Bing search, and improves protection against site impersonation via OneCRL, a centralized certificate revocation list.