LinuxQuestions.org
Review your favorite Linux distribution.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 04-19-2009, 08:35 AM   #31
asymptote
Member
 
Registered: Mar 2008
Posts: 236

Rep: Reputation: 37

PXE Linux and save the images to the PXE server.
 
Old 04-19-2009, 08:58 AM   #32
DragonSlayer48DX
Registered User
 
Registered: Dec 2006
Posts: 1,454
Blog Entries: 1

Rep: Reputation: 74
CC~

FWIW, PuppyLinux will install to a USB device.

Just a thought.
 
Old 04-19-2009, 09:54 PM   #33
slimm609
Member
 
Registered: May 2007
Location: Chas, SC
Distribution: slackware, gentoo, fedora, LFS, sidewinder G2, solaris, FreeBSD, RHEL, SUSE, Backtrack
Posts: 430

Rep: Reputation: 67
Ok Clueless. I recommended a fix at the beginning to your issue and you just wanted to keep pressing. You said that a file was discovered on your xp machine with all kinds of info on it. The thing is that wiping every night is not going to avoid the same issue that you are trying to prevent. It only takes a skilled hacker a few minutes to get into your machine and own it. If you want to be "secure" by wiping your system all the time. Then ANY time you process CC#'s, or any personal information for that matter you need to reload your system the SECOND you are done otherwise you could give attackers 18 plus hours to get into your system with information on the system also make sure to sanatize all the ram in the system with every reload by overwriting it 30+ times. Remember any infomation that your process on your system sits in ram until you overwrite the ram not just close the app. and if that ram is not overwritten it is possible to recover information for ram up to 48 hours after it has been powered off. You have alot of thinking to do about how to implement security. I have currently have a CISSP-ISSEP, GSEC, and others and in all my years i have never seen anyone try to go the route you are going, not even in the Govt.

I think you should look at other ways of securing your box. If you are serious about security we can help you but until then please stop with the nonsense

Last edited by slimm609; 04-19-2009 at 09:55 PM.
 
Old 04-20-2009, 12:37 AM   #34
okos
Member
 
Registered: May 2007
Location: California
Distribution: Slackware/Ubuntu
Posts: 609

Rep: Reputation: 37
Quote:
Originally Posted by Completely Clueless View Post
Nope. Sure I'm paranoid, but if YOU had discovered the full details of 16 of your credit cards with a combined available limit of WELL over $150k, together with dates of birth, billing addresses and other ID details lying about unencrypted on your HDD in a file that WINDOWS XP PRO (name it and shame it why not) claimed didn't even EXIST and you had to buy third-party forensic software to locate it and wipe it, YOU would be more cautious in future, would you not? You might even switch to another OS, in fact? And never trust ANYTHING 100% again?

BTW, "Slackwars 12.2" - is that the gaming version? ;->
Well it is probably not a good idea to store all of your credit card info on your computer. Put it on disk. I suggest to become more acquainted with security rather then a fresh install everyday.

As I stated before, you could harden your system even to the point that it is unusable.

What about using a live cd?

Are you worried about being hacked?

One thing I do for security purposes is if I buy things online, I use a virtual credit card. With it you can set the credit limit and the expiration date.
I also suggest not to have so many credit cards. You are bound to have a problem with 16 cards. Ever get somebody else's mail?

"Slackwars" is just trying to be funny. It is actually Slackware. Search for slackwars on the LQ.

Last edited by okos; 04-20-2009 at 12:48 AM.
 
Old 04-21-2009, 10:46 AM   #35
Completely Clueless
Member
 
Registered: Mar 2008
Location: Marbella, Spain
Distribution: Many and various...
Posts: 814

Original Poster
Rep: Reputation: 69
Quote:
Originally Posted by okos View Post
Well it is probably not a good idea to store all of your credit card info on your computer..
Sorry for the delay but I keep getting internet outages (just got back on yesterday when it went again this time for 24 hours). :-(
I didn't keep the details of those credit cards on the hard drive! That is the thing that scared me about it most. Either Windows or some rogue application saved those numbers to a hidden system file (ndtlr.sys I think it was) and just left them there unencrypted. Well I say "just left them there" but I don't know what else may have happened to them. I just found them there, but they could have been read by any hacker that got into the system..

Quote:
Put it on disk. I suggest to become more acquainted with security rather then a fresh install everyday.

As I stated before, you could harden your system even to the point that it is unusable.
Agreed. Since everyone seems to think my idea stinks, I'd be a fool (or a nutcase) to persue it.

Quote:
I also suggest not to have so many credit cards. You are bound to have a problem with 16 cards.
Hey, this was like 5 years ago and today I only have ONE card. However, I DO still have very valuable financial information about my investment dealings to worry about. Anyone getting hold of them could wipe me out far more effectively than just stealing a bunch of card numbers. What saves my ass at present is that the data do not LOOK valuable - for someone who's after CC numbers, they'd never realize their significance, fortunately. The earlier experience was a valuable wake up call, though, and I don't intend to forget it - ever.

Last edited by Completely Clueless; 04-21-2009 at 10:51 AM.
 
Old 04-21-2009, 10:34 PM   #36
j1alu
Member
 
Registered: Apr 2009
Distribution: debian gnu/linux
Posts: 798

Rep: Reputation: Disabled
Quote:
What saves my ass at present is that the data do not LOOK valuable - for someone who's after CC numbers, they'd never realize their significance, fortunately. The earlier experience was a valuable wake up call, though, and I don't intend to forget it - ever.
yes sure, i guess you`re the only one ever thought of it and as its such a good idea posting that info on a forum -especially for a paranoid person- i wanted to bump it to make it more public.
security starts with what one is calling horse sense.
 
Old 04-21-2009, 11:01 PM   #37
Quads
Member
 
Registered: Jul 2008
Location: Indiana
Distribution: Fedora, Ubuntu, Slackware
Posts: 203

Rep: Reputation: 34
There is a point of diminishing returns when it comes to security, just like anything else in life.

You can get pretty secure with not much effort, but the more security you desire, the greater the effort for little cumulative gain.

Run puppy off of a usb drive and tell it not to save the configuration on the hard disk of whatever machine you are using. Set it up initially, have it save that setup on the usb drive, then use that.

I think that that the most important issue in security is having your network set up properly.

If someone has the will and physical access to the machine, they will always be able to get at whatever was in ram before. If you need that much security, carry the computer around with you when you are not using it.

Being so worried about data on your machine is a little paranoid. Did you ever consider that the data is vulnerable when you are sending it out over the internet? Or when it gets to the intended destination? There is only so much you can do on your end.
 
Old 04-23-2009, 04:43 PM   #38
okos
Member
 
Registered: May 2007
Location: California
Distribution: Slackware/Ubuntu
Posts: 609

Rep: Reputation: 37
As I stated before, you can make things so secure that it is virtually unusable.

Perhaps in your case it would not be a good idea to trade stocks over the internet. And do not use a wireless telephone or cell phone. I had a wireless phone that would occasionally pick up 1/2 the neighbor's conversation. Do not buy anything online. Do not do banking online.

Perhaps a more reasonable approach, as Quads pointed out, is to harden your computer and network. Put the os to trade stocks on a usb stick. Do not use a wireless connection to your router. Even wpa encryption can be hacked. Set up a virtual credit account for purchases. I think most credit card companies have such a feature. E-Trade at one time had a security feature where you would get a tiny security card in the mail. The card would print out a different six digit code every minute or so. You had to punch in the card number when you logged into E-Trade. After a minute the code would expire.
 
Old 04-23-2009, 05:43 PM   #39
Quads
Member
 
Registered: Jul 2008
Location: Indiana
Distribution: Fedora, Ubuntu, Slackware
Posts: 203

Rep: Reputation: 34
If someone were really that worried about security, do not use wireless networking at all. Security is a joke. A quick google will tell you that.

And since okos mentioned it, cell phones are a joke too. Bluetooth is just a backdoor into your phone, whether you have it enabled or not doesn't even matter.

I had a wireless phone years ago(or cordless as they used to call them) that would pick up the neighbor's conversation. I think the phones today are much better in dealing with interference, but unless you live out in the country, I wouldn't use it for financial dealings if you are worried about your information getting out. A regular old-fashioned phone would be the best bet.
 
Old 04-23-2009, 05:44 PM   #40
Quads
Member
 
Registered: Jul 2008
Location: Indiana
Distribution: Fedora, Ubuntu, Slackware
Posts: 203

Rep: Reputation: 34
Quote:
Originally Posted by dragonslayer48dx View Post
CC~

FWIW, PuppyLinux will install to a USB device.

Just a thought.
So will ubuntu. sudo apt-get install usb-creator Just pop in whatever live cd you want and it makes a usb stick for you.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Cannot boot after fresh installation jpostma Slackware - Installation 11 07-17-2007 07:11 PM
KDE 3.5 - Fresh Installation Toods Slackware 1 12-09-2005 06:45 AM
Fresh Debian Installation quite slow Canaris Debian 10 08-22-2005 03:03 AM
new pc fresh installation prob spooky008 Linux - Newbie 12 01-28-2005 07:09 PM
fresh mandrake 10.1 installation need help cracksternation Linux - Laptop and Netbook 4 12-14-2004 04:23 PM


All times are GMT -5. The time now is 07:57 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration