
Thread: How does my security model sound?

  1. #11
    Join Date
    Mar 2011
    Beans
    701

    Re: How does my security model sound?

    I would suggest that you set up an AppArmor profile for whichever browser you're using. If you're doing online banking you should configure Firefox to use NoScript and only whitelist the websites you use.

    A combination of Firefox with NoScript and AppArmor is likely the best defense for online banking.

    If you use Google Chrome make sure you go to Content Settings and disable JavaScript - only enable it for websites you use. Also disable plugins, set all plugins to Click To Play.

    Make sure you keep your operating system and your browser up to date. There is no level of security that can protect you from an unpatched system.

    If the system is off it can't read info from the USB.

    I suggest installing TrueCrypt and using it to store any and all information that's sensitive/ confidential. Create a strong password of at least 12 characters and possibly store a key file on the USB drive as well (useful if an attacker pulls the encrypted info, but not the key file, or if the encrypted info is on the USB put the keyfile on the disk).

    Depending how crazy you want to get into it you can start to create your own AppArmor profiles for any other programs you've got installed. You can also look into patching your Lubuntu with GRSecurity/ PaX but this is somewhat tedious, you have to weigh the cost and rewards yourself, I don't know how secret your system needs to stay.


    For Windows:
    Make sure you stay up to date. Check your OS for updates daily, and every second Tuesday of the month there's a large set of patches. Make sure you keep your browser, plugins, PDF reader, document viewer, etc all up to date.

    Disable any services (go to services.msc) that you don't use (be careful here, always look up what a service does before disabling it). For example: if you don't print you can disable the spoolsrv service, which handles printing and has been exploited.

    Make sure that you're running EMET (here is a guide I've written to set EMET up) and that you protect all internet facing profiles. Follow the guide and you should stay secure. Potentially turn DEP, SEHOP, and ASLR to Always On to ensure your system makes use of security mitigations.

    If you can move to Windows 8, and you don't mind the interface, I recommend doing so. It's more secure than Vista/ 7. If you're still on XP you should understand that trying to protect your system against a determined attacker is virtually futile without completely overbearing policy etc. It's outdated and can't be secured easily, move to at least Windows 7.

    I can't think of much else.

  2. #12
    Join Date
    Nov 2012
    Beans
    10

    Re: How does my security model sound?

    Thank you all for your replies.

    Windows malware won't run if Windows isn't running. If the system is powered off then nothing will be running at all, including the USB drivers that would tell the system that a USB device is plugged in.
    I assume the same applies when booting?

  3. #13
    Join Date
    Nov 2009
    Beans
    919
    Distro
    Ubuntu 12.04 Precise Pangolin

    Re: How does my security model sound?

    Yeah, if you don't boot to Windows then anything that only runs in Windows won't run.

  4. #14
    Join Date
    Nov 2012
    Beans
    10

    Re: How does my security model sound?

    Quote: Originally posted by OpSecShellshock
    Yeah, if you don't boot to Windows then anything that only runs in Windows won't run.
    Great, because the only reason I asked is because when I removed the hdd to install Lubuntu on my flash drive, the boot screen said "hard drive not found" and then proceeded to boot from the cd-rom, so I just wanted to make sure it never activated windows during that period.

  5. #15
    Join Date
    Nov 2012
    Beans
    10

    Re: How does my security model sound?

    bump

  6. #16
    Join Date
    Nov 2009
    Beans
    919
    Distro
    Ubuntu 12.04 Precise Pangolin

    Re: How does my security model sound?

    If the hard drive that was removed is where Windows was, then it couldn't have booted. As for the CD ROM drive being used for boot rather than the USB stick, that's most likely because of the way the boot order is set up in the BIOS. You can generally go in and specify which disk you want it to use first, and that will default to a CD most of the time.

  7. #17
    Join Date
    Nov 2012
    Beans
    10

    Re: How does my security model sound?

    Quote: Originally posted by OpSecShellshock
    If the hard drive that was removed is where Windows was, then it couldn't have booted. As for the CD ROM drive being used for boot rather than the USB stick, that's most likely because of the way the boot order is set up in the BIOS. You can generally go in and specify which disk you want it to use first, and that will default to a CD most of the time.
    So basically if the USB drive is set at a higher position in the BIOS boot order there is no way that a theoretical Windows malware could read what is on the flash drive when booting?

    Thanks.

  8. #18
    Join Date
    Sep 2011
    Beans
    1,531

    Re: How does my security model sound?

    I think you're confused about how operating systems work. The first thing that boots on a computer is the BIOS, which is the hardware initializing. Once that is complete then the computer looks for an operating system. The BIOS hands control over to the operating system once it finds it.

    If you have told the computer to boot to a flash drive, then all of the other operating systems on your computer remain dormant and essentially turned off. Whatever operating system is on the flash drive is the only one that will wake up.

    If you have malware on the windows operating system of your computer but you always boot to a linux operating system on a flash drive, then the windows malware will remain turned off. There are ways to move files from a sleeping windows drive into a running linux operating system (by using 'mount') but you would have to purposely do that- I don't know how you would accidentally do it.
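
Added example, not part of the original thread: post #18 notes that files on the dormant Windows drive only become reachable from the running Linux system once that drive is mounted, so this sketch lists any mounted filesystems of the types Windows uses. The function names and the sample mount table are constructed for illustration; input is in `/proc/mounts` format.

```shell
#!/bin/sh
# Added example (not from the thread). Field layout of /proc/mounts:
#   device mountpoint fstype options dump pass

# Print "device mountpoint fstype ro|rw" for every Windows-type filesystem.
# $1: file in /proc/mounts format, "-" for stdin, default the live table.
# Caveats: ntfs-3g mounts appear as "fuseblk" (as can other FUSE block
# filesystems), and "vfat" may be an EFI partition or the USB stick itself.
windows_mounts() {
    awk '
        $3 == "ntfs" || $3 == "ntfs3" || $3 == "fuseblk" ||
        $3 == "vfat" || $3 == "exfat" {
            # writable only if "rw" is a whole entry in the option list
            mode = ($4 ~ /(^|,)rw(,|$)/) ? "rw" : "ro"
            print $1, $2, $3, mode
        }
    ' "${1:-/proc/mounts}"
}

# Human-readable report; returns 1 if anything Windows-type is mounted.
report_windows_mounts() {
    found=$(windows_mounts "$1")
    if [ -z "$found" ]; then
        echo "no Windows-type filesystems mounted"
        return 0
    fi
    echo "$found" | while read -r dev mnt fs mode; do
        echo "mounted: $dev on $mnt ($fs, $mode)"
    done
    return 1
}

# Constructed sample: a USB-booted session where the internal disk
# (/dev/sda) has been mounted, once read-write and once read-only.
sample_mounts() {
    cat <<'EOF'
/dev/sdb1 / ext4 rw,relatime 0 0
proc /proc proc rw,nosuid 0 0
/dev/sda2 /media/lubuntu/Windows fuseblk rw,nosuid,nodev,relatime,user_id=0 0 0
/dev/sda1 /mnt/recovery ntfs ro,relatime 0 0
tmpfs /run tmpfs rw,nosuid 0 0
EOF
}
```

Calling `report_windows_mounts` with no argument checks the live mount table; `sample_mounts | report_windows_mounts -` runs it on the constructed sample.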

  9. #19
    Join Date
    Nov 2012
    Beans
    10

    Re: How does my security model sound?

    Quote: Originally posted by Ms. Daisy
    I think you're confused about how operating systems work. The first thing that boots on a computer is the BIOS, which is the hardware initializing. Once that is complete then the computer looks for an operating system. The BIOS hands control over to the operating system once it finds it.

    If you have told the computer to boot to a flash drive, then all of the other operating systems on your computer remain dormant and essentially turned off. Whatever operating system is on the flash drive is the only one that will wake up.

    If you have malware on the windows operating system of your computer but you always boot to a linux operating system on a flash drive, then the windows malware will remain turned off. There are ways to move files from a sleeping windows drive into a running linux operating system (by using 'mount') but you would have to purposely do that- I don't know how you would accidentally do it.
    Now I see, thanks for the info!
