Old 11-26-2008, 12:28 AM   #1
SaraiKhan
LQ Newbie
 
Registered: Nov 2008
Posts: 28

Rep: Reputation: 15
Erasing logs/Clearing Cache


How can I delete my own information from my computer after a day's work?
For example, I reckon bash stores some "history" of commands, Firefox stores cookies, and many other programs store other stuff. I want to clean it all after ending each session, including logs. Is this even possible?
 
Old 11-26-2008, 01:58 AM   #2
Disillusionist
Senior Member
 
Registered: Aug 2004
Location: England
Distribution: Ubuntu
Posts: 1,013

Rep: Reputation: 83
Firefox is easy.

From within Firefox:
  • Select Options from the Tools drop down menu
  • Click the Privacy icon (top of the options page)
  • Set the options you want and click OK

Bash history can be erased with:

Code:
history -c

Last edited by Disillusionist; 11-26-2008 at 02:00 AM.
 
Old 11-26-2008, 02:58 AM   #3
SaraiKhan
LQ Newbie
 
Registered: Nov 2008
Posts: 28

Original Poster
Rep: Reputation: 15
Thanks. What other logs can be stored on a Linux system?
 
Old 11-26-2008, 03:07 AM   #4
wit_273
Member
 
Registered: Mar 2007
Location: Nebraska
Distribution: CentOS
Posts: 82

Rep: Reputation: 15
You can remove logs from /var/log/ or edit /etc/logrotate.conf to rotate your logs daily and not keep any old logs. I would advise against either option though. If you have a problem the logs can be very helpful in resolving the problem.
 
Old 11-26-2008, 12:22 PM   #5
unSpawn
Moderator
 
Registered: May 2001
Posts: 26,994
Blog Entries: 54

Rep: Reputation: 2745
There's more logging at the network, system and user level. Like wit_273 already said you should not want to remove logging at the system level: not only can it hamper solving problems but for instance cleaning out wtmp (which certain crackers would do) skews your auditing. (And while you may be able to control LAN logging you certainly won't be able to control WAN logging if any.) As for the user part the Firefox approach only works with some apps. Others may store configuration and previously opened files history in one or more files and they don't necessarily need to be plaintext. Luckily the user part can easily be solved by yourself: just create a new profile then checksum it before using. After you used the account and logged out again, checksum everything again. That'll display all alterations but it's up to you to mark them as (not) suspicious.

Once paranoia sets in you might wonder why you aren't running a distro or at least the account strictly from RAM...
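
The before/after checksum comparison described in post #5, as an added example that is not part of the original thread. It assumes GNU coreutils `sha256sum`; the function names, the constructed sample profile in `demo`, and the paths in the closing comment are all illustrative.

```shell
#!/bin/sh
# Added example (not from the thread). Assumes GNU coreutils sha256sum.

# snapshot DIR: print "<sha256>  <path>" for every regular file under DIR.
snapshot() {
    ( cd "$1" && find . -type f -exec sha256sum {} + | sort -k 2 )
}

# compare BEFORE AFTER: report files added, removed or changed between
# two snapshot files written by snapshot().
compare() {
    awk '
        { h = $1; p = substr($0, length($1) + 3) }  # hash, 2 separator chars, path
        FILENAME == ARGV[1] { before[p] = h; next }
        {
            seen[p] = 1
            if (!(p in before))      print "ADDED " p
            else if (before[p] != h) print "CHANGED " p
        }
        END { for (p in before) if (!(p in seen)) print "REMOVED " p }
    ' "$1" "$2" | sort -k 2
}

# demo: build a constructed sample profile, snapshot it, simulate a login
# session that touches three files, snapshot again and print the differences.
demo() {
    d=$(mktemp -d) || return 1
    mkdir "$d/home"
    echo 'alias ll="ls -l"' > "$d/home/.bashrc"
    echo 'old' > "$d/home/notes.txt"
    snapshot "$d/home" > "$d/before.sha256"
    echo 'ls' > "$d/home/.bash_history"   # new file written by the shell
    echo 'new' > "$d/home/notes.txt"      # existing file modified
    rm "$d/home/.bashrc"                  # existing file deleted
    snapshot "$d/home" > "$d/after.sha256"
    compare "$d/before.sha256" "$d/after.sha256"
    rm -rf "$d"
}

# Real use (hypothetical paths): keep the snapshot files outside the profile
# being measured, otherwise they show up as changes themselves.
#   snapshot /home/testuser > /root/before.sha256   # before logging in
#   snapshot /home/testuser > /root/after.sha256    # after logging out
#   compare /root/before.sha256 /root/after.sha256
```

File names containing a newline or backslash are escaped by `sha256sum` and are not handled by this comparison.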
 
Old 11-26-2008, 09:45 PM   #6
SaraiKhan
LQ Newbie
 
Registered: Nov 2008
Posts: 28

Original Poster
Rep: Reputation: 15
Quote:
Originally Posted by unSpawn
There's more logging at the network, system and user level. Like wit_273 already said you should not want to remove logging at the system level: not only can it hamper solving problems but for instance cleaning out wtmp (which certain crackers would do) skews your auditing. (And while you may be able to control LAN logging you certainly won't be able to control WAN logging if any.) As for the user part the Firefox approach only works with some apps. Others may store configuration and previously opened files history in one or more files and they don't necessarily need to be plaintext. Luckily the user part can easily be solved by yourself: just create a new profile then checksum it before using. After you used the account and logged out again, checksum everything again. That'll display all alterations but it's up to you to mark them as (not) suspicious.

Once paranoia sets in you might wonder why you aren't running a distro or at least the account strictly from RAM...
Can you be more specific about the "profile" stuff? Profile for what?
I was also considering removing the writing head of a HDD ...
 
Old 11-27-2008, 01:51 AM   #7
Disillusionist
Senior Member
 
Registered: Aug 2004
Location: England
Distribution: Ubuntu
Posts: 1,013

Rep: Reputation: 83
Why not remove the HDD altogether and run from a Live CD?

That way no information would be modified.
 
Old 11-27-2008, 07:08 AM   #8
SaraiKhan
LQ Newbie
 
Registered: Nov 2008
Posts: 28

Original Poster
Rep: Reputation: 15
Quote:
Originally Posted by Disillusionist
Why not remove the HDD altogether and run from a Live CD?

That way no information would be modified.
Well, it's slower ... I could use an HDD as a USB disk, but it is slower in day-to-day work.
 
Old 11-27-2008, 12:13 PM   #9
unSpawn
Moderator
 
Registered: May 2001
Posts: 26,994
Blog Entries: 54

Rep: Reputation: 2745
Quote:
Originally Posted by SaraiKhan
Can you be more specific about the "profile" stuff? Profile for what?
For profile read user account?


Quote:
Originally Posted by SaraiKhan
I was also considering removing the writing head of a HDD ...
You gotta be kidding me...
 
Old 11-27-2008, 02:51 PM   #10
s0ldat
LQ Newbie
 
Registered: May 2008
Posts: 2

Rep: Reputation: 0
Modify this script by adding to the OBJECT variable any files or directories you want to remove. Run it any time you want to clean private data.

Code:
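#!/bin/sh
# Remove files/directories that hold per-user history and cache data

# Stop if the home directory cannot be entered, so rm never runs elsewhere
cd "${HOME}" || exit 1

# Add any further files or directories (relative to $HOME) to this list
for OBJECT in .bash_history .lesshst .viminfo .cache
do
    if [ -e "${OBJECT}" ]
    then
        rm -rf -- "${OBJECT}"
    fi
done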
 
Old 11-27-2008, 04:01 PM   #11
tredegar
Guru
 
Registered: May 2003
Location: London, UK
Distribution: Ubuntu 10.04, mostly
Posts: 6,007

Rep: Reputation: 366
@SaraiKhan
Why are you so paranoid?
You can delete cookies and histories and logs from your computer, but your ISP will be logging everything you read, post or email, and there is nothing you can do about that.
 
Old 11-27-2008, 04:40 PM   #12
win32sux
Guru
 
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870

Rep: Reputation: 371
Quote:
Originally Posted by tredegar
your ISP will be logging everything you read, post or email, and there is nothing you can do about that.
You could use Tor for that.

But yeah, I'm with unSpawn's comment in post #5. At this level of paranoia, you shouldn't be using the HDD at all. If you don't like live CDs cuz the speed sucks, then use a ramdisk-based distro. Or like unSpawn hinted at, at least use a ramdisk for the account you are paranoid about. I'd suggest running the whole thing from RAM without swap. But if you need swap, you should definitely encrypt it with a random key each time.

Last edited by win32sux; 11-27-2008 at 04:42 PM.
 
Old 11-27-2008, 05:18 PM   #13
tredegar
Guru
 
Registered: May 2003
Location: London, UK
Distribution: Ubuntu 10.04, mostly
Posts: 6,007

Rep: Reputation: 366
Quote:
You could use Tor for that.
I expect you could.
I am all for freedom, privacy and non-intrusion from governments.

But SaraiKhan has a Linux login & password that gives him / her some reasonable security.
Why isn't that sufficient?
 
Old 11-27-2008, 06:08 PM   #14
win32sux
Guru
 
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870

Rep: Reputation: 371
Quote:
Originally Posted by tredegar
I expect you could.
I am all for freedom, privacy and non-intrusion from governments.
Well, your "there is nothing you can do about that" made it sound like you weren't aware of the options available to prevent ISP snooping.

Quote:
But SaraiKhan has a Linux login & password that gives him / her some reasonable security.
Why isn't that sufficient?
Only SaraiKhan could say what's sufficient for him. I would imagine that he's concerned that someone who gets their hands on the hard drive might also gain access to personal information stored on it. This is something which encryption and/or working from RAM (i.e., not writing personal information to disk in the first place) can help with. The GNU/Linux username/password scheme wouldn't provide any protection at all in such a case.

Last edited by win32sux; 11-27-2008 at 06:13 PM.
 
Old 11-28-2008, 10:03 AM   #15
SaraiKhan
LQ Newbie
 
Registered: Nov 2008
Posts: 28

Original Poster
Rep: Reputation: 15
win32sux is right. I do not want people gaining access to my hdd. The user/password scheme might not be sufficient for that. I considered encrypting my entire hdd, or at least the partition that root runs on. Also ... how safe is TOR?

P.S. How do I checksum the entire user profile as unSpawn mentioned?
 