Grass Roots Security will be presenting on 4-29-2010

Anthony Gartner will be doing a presentation on Thursday April 29, on the topic of “What is Cyber Security?”  It is part of a local meet up group for technology.

The presentation will be done at:

575 Lynnhaven Pkwy #101
Virginia Beach, VA 23452

Topics that will be discussed include:

  • Using Care when reading and opening email attachments
  • Making backups of important files and folders
  • Using strong passwords
  • Using and installing and hardware firewall
  • Things you need to know before connecting to that “FREE” WiFi
  • When to hire an IT professional

Have questions on piracy, intrusion, identity theft, virus, spam, worm, Trojan horse, malware, spyware, etc…We will discuss and help answer these questions to avoid cyber crimes and security risks.

More information can be found at the meetup site.

So please come out and look for me on Thursday Night!!!!

Turning on a Software Firewall on Ubuntu (Linux): Prep Step(s)

This post is meant to be a follow up to Anthony’s earlier entries regarding Firewall preparation.  Anthony had covered preparing your Windows XP/Vista/Win7 & Mac OS X software firewalls.

What about Linux though?  For those of you that just shook your head and asked “What the hell is Linux?”, it is an Open Source Operating System that has been around since 1991 and is worked on by thousands of developers.  It is probably the most configurable OS out there, but the heavy use of command line tends to scare many average users away.  There are many different distributions of Linux, with one of them being Ubuntu.  With the development of Ubuntu, Linux is now not only for the technically savvy (read: command line junkies).  Ubuntu has become a very popular version of Debian-Linux, which is a fairly stable Distro, that is excellent for average computer users and is focused on usability & ease of installation (read: lots of GUI).

With that said, I am going to focus on Ubuntu here.  The firewall that is used by Linux distributions is called iptables.  It is a command line utility that would make the average user faint.  In Ubuntu, the UFW or Uncomplicated Firewall was created, but is still another command line utility.  So, eventually, Gufw or Graphical Uncomplicated Firewall was born.  It is the GUI frontend for the UFW firewall utility.

The prep for the Ubuntu firewall is not as simple as with Mac OS X or Windows XP/Vista/7, but it is a very easy application to work with.  Let’s get started….

First off, Gufw is not installed by default.  Let’s get that taken care of.  Open a terminal and type apt-get install gufw:

Or, you can use the GUI, Synaptic Package Manger by going to System->Administration->Synaptic Package Manager, go to the search box and type in gufw and mark it for installation & click Apply:

Once that is done, open up Gufw by going to System->Administration->Firewall configuration:

Gufw will now open and you will see this when it first starts:

When you first enable the firewall, it will be set to Allow both Incoming & Outgoing traffic.  You will want to change the Outgoing traffic from Allow to Deny to start off:

Also, if you check in Edit->Preferences you will notice that both logging options are turned on by default and that you can set the log detail level you want.  You will need to play with this to get your desired results:

From there you can Add rules for your firewall:

Let’s start at the Preconfigured tab.  For example, let us say you have no intentions to use FTP (File Transfer Protocol) to remotely push files to your computer, you can use the options under the Preconfigured tab to set it up like so:

You can also go to the Simple tab and choose to either Allow, Deny, Reject or Limit incoming or outgoing communications over a specific port.  In the next example, I chose to reject incoming TCP connections to Port 23 (TELNET):

Finally, you can go to the Advanced tab and set rules that will Allow, Deny, Reject or Limit incoming or outgoing communications (TCP, UDP or both) from a range of IP Addresses and Ports:

Well, I hope this post sets you in the right direction.  For more information, check out the following resources:

The Gufw Project homepage:

The Ubuntu Community Help page:

Joe Garcia

Host- Cyber Crime 101

Simple ideas to avoid being compromised!!!

I have been spending a little bit of time on some message boards.  These are areas where you basically follow conversations that happen on a specific topics.  While perusing these boards I have seen an increase in people saying to ignore links that have been sent by a person or that the accounts they have had were compromised, and to ignore what might have been sent by the person.

This is a very common problem that people deal with.  What i find funny is how some simple adjustments to their behavior would have prevented this from happening.  The question this invites is “How to I keep from becoming a Victim?”

There are some common sense techniques that will help here.

- Email Links: Do not click a link in an email and expect it to be legitimate.  Bad guys do a GREAT job of duplicating a legitimate web sites look and feel. Especially for bank sites

- Passwords: I know I have gone into passwords before but it is worth repeating.  Change your passwords if nothing else when you reset your clocks for Daylight Savings Times.  Do not use forms of your passwords on sites.  This means you have given someone who manages to get your password a very great advantage to learning more.

- Limited User: Windows computers since Windows 2000 have had a concept of Administrator Users and Limited Users.  If you set up a second account on your computer as a Limited User, you will be expected to put a password in to allow your computer to function for many things like installing software.  This is a minor inconvenience, but a major life saver in the event you have a program trying to install that you did not know about.  It means you have to give it permission to work, and if you did not want it installed the installation will stop when you hit cancel.

Image of the Standard User Selection

Choose Standard User

- Updates: Update your Windows Operating System, your Anti-virus, Spy-ware, Mal-ware, and Programs in general.  Many times patches and updates are released because of a security or program flaw.

These are simple ideas that add up to a fairly robust prevention scheme.  There is nothing that is rocket science on these ideas and nothing difficult to implement.

Fixing the problem, “after the fact” is always more difficult than a few minutes of prevention.

Happy Surfing (and hopefully safer too)!!!

Hear all about it!!! – Anthony Gartner from Grass Roots Security is interviewed by Joe Garcia of Cybercrime101

The other day, I was asked to come on to a friend’s podcast.  This was a treat because, I was asked to specifically talk about this blog.  It was a good question an answer session between me and Joe Garcia.  Joe does the Cybercrime101 Podcast.  It is a podcast about Staying safe as well.  I would encourage you to take a look at it.  It is a great cast to listen to for higher tech and for those that are not.

We talked on a variety of topics, including what I have done with the blog so far, as well as upcoming topics.  Guess you will have to go listen to it to see what the next set of topics will be.

I have set it up so that you can listen to the show at the bottom of this post, or you can go to Itunes to listen to it, or even go to Joe’s site to listen or download the show.  I think it will be informative and give you a chance to hear me speak on the topic of my passion.

Thank you for looking at this new endeavor

Anthony Gartner