Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here. |
Notices |
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
Are you new to LinuxQuestions.org? Visit the following links:
Site Howto |
Site FAQ |
Sitemap |
Register Now
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
|
|
|
10-09-2006, 02:44 AM
|
#16
|
Member
Registered: Jul 2003
Location: Pennsylvainia
Distribution: Slackware / Debian / *Ubuntu / Opensuse / Solaris uname: Brian Cooney
Posts: 503
Rep:
|
you gave me a good idea
set up a dydns.org account updater on your laptop. if its stolen and booted where there is an internet connection, it will update its dns to the IP where it was last booted, which would give you a starting point to tracking it down.
sadly, for this to work best, you would need to leave your system otherwise open, so the end user can use it without formatting it.... and you can continue to track them by IP (rather than them connecting once, realising its locked out, and wiping it out along with your tracking meathod)
|
|
|
02-18-2007, 12:58 AM
|
#17
|
LQ Newbie
Registered: Nov 2006
Posts: 2
Rep:
|
Impossible to track Laptops or any computer
Impossible to trace Laptops or any computer, Unless You Know What You Are Doing, IP Addresses can be very well hidden on Windows with Hide Ip platinum, but if it was me that stole a Laptop, the first thing for me to do would be, format the Hard-Drive, get rid of Windows and Slap on Mandriva Powerpack 10.0 Linux!! but the hard-drive needs to be formatted 7 times first and the last time, Low Level Format which takes everything on the very first sector and after Linux is installed on there, I would find the linux software that would change the serial number on the hard-drive and that would be before even thinking about connecting to the Internet, once that serial number is changed it can never be traced, now don't get me wrong., I'm not a theif, I'm actually a Christian who is here to help you, the best thing you can do is make sure that you download a GPS Tracker Software for Windows Or linux, It's Hard To Find but it's out there for what Ever You Are using On Your Home Computer, the second thing you should do is, get some software that will show you the serial number on the hard-drive and write it down, then take the laptop to a wireless server and make sure the wireless starts working on it because the wireless can always be tracked by a GPS Internet server That Provides Satelite Connections Automatically, now it's not connecting to the satellite, but you threw the intrnet is connecting to the satellite then connecting to the wireless Laptop and make sure you leave the Laptop open so you can get into it fast before it's formatted, as long as that Laptop is turned on and setup right, you will get the Ip Address, the name of the system, the serial number and the name and address of the internet provider it connected too, So I sujest if you still have the Laptop, learn as much technologie as you can while you have it, if you don't and you do have it stolen, you won't find it unless you do as much as I said, better to be safe than sorry, if you have any Questions, my enail is pegasuss@vianet.ca or wilsona58@hotmail.com and I will do anything to help you because, God hates theives and so do I... God Bless You And I hope This Helps You....
Pegasuss
|
|
|
02-18-2007, 05:48 AM
|
#18
|
Moderator
Registered: May 2001
Posts: 29,415
|
Hello and welcome to LQ, hope you like it here.
Since you're new here there's some remarks I'd like to make.
IP Addresses can be very well hidden on Windows with Hide Ip platinum
You are posting in the Linux - Security forum. Unless specifically asked for by the OP we're not interested in Windows nor commercial software. Threads about Windows software aren't in the Linux -Security forum but in ?General. Next to that I doubt the software you mentioned will "hide" your IP, or have you tested it yourself?
but the hard-drive needs to be formatted 7 times first and the last time, Low Level Format
Why seven times?
I would find the linux software that would change the serial number on the hard-drive
Isn't the serial a factory-stamped readonly string? Did you ever manage to change the serial?
once that serial number is changed it can never be traced
Do you seriously mean that is the only serial?
take the laptop to a wireless server and make sure the wireless starts working on it because the wireless can always be tracked by a GPS Internet server That Provides Satelite Connections Automatically, now it's not connecting to the satellite, but you threw the intrnet is connecting to the satellite then connecting to the wireless Laptop and make sure you leave the Laptop open so you can get into it fast before it's formatted, as long as that Laptop is turned on and setup right, you will get the Ip Address, the name of the system, the serial number and the name and address of the internet provider it connected too
With all due respect bu I think here you're plain confused about how things work. If not, please explain in easy to follow steps what should be done here to get things to work like you said?
if you have any Questions, my enail
I'm sure it's appreciated, but LQ is a forum: questions get asked and (hopefully) answered here, not by email. Email only serves one, while fora serve many.
I will do anything to help you because, God hates theives
While I do not contest your right to flaunt whatever you want to flaunt please be aware most things computing are about facts. Cutting out the white noise and keeping things factual helps avoid irritation, animosity and flamewars.
|
|
|
02-18-2007, 07:31 AM
|
#19
|
LQ Guru
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870
|
my Dell laptop has this thing in the BIOS for using Computrace in order to track it if it's stolen... not sure how it works but it (and other similar services) might be something to look into for anyone interested in laptop theft recovery, etc...
regarding theft-recovery software on the hard drive: i can imagine some really neat things you could do if your laptop has a built-in mic/camera (and the thief doesn't format the drive for some reason)... in any case, i'm not sure trojanizing your software-on-the-harddisk is the best way to go... you'd need some kind of "lure" to get the thief to leave the disk untouched... right??
OTOH, adding another level of security is never a bad idea if done properly... you might get super lucky and end-up with some very revealing MP3s and JPEGs in your email inbox the day after your laptop was stolen...
Last edited by win32sux; 02-18-2007 at 07:40 AM.
|
|
|
02-18-2007, 10:14 AM
|
#20
|
Moderator
Registered: May 2001
Posts: 29,415
|
my Dell laptop has this thing in the BIOS (..) not sure how it works
Are you sure it's in the BIOS and not a piece of SW? How can you tell? Post a screenshot?
From their site:
Quote:
How it Works (..) tracks the location of your computer using a small and undetectable software agent
|
Sounds like simple egress filtering kicks this SW's butt.
|
|
|
02-18-2007, 10:31 AM
|
#21
|
LQ Guru
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870
|
Quote:
Originally Posted by unSpawn
Are you sure it's in the BIOS and not a piece of SW? How can you tell? Post a screenshot?
|
yeah, i'm sure it's an option in the BIOS... in the bios configuration it gives you the choice of enabling it and it makes it clear that it will only work if you have paid for the service from Absolute... not sure how to get a screenshot from the BIOS... but i can provide a quote from a Dell press release to back-up my claim that it's bios-resident:
Quote:
Starting immediately, most new Dell notebook computers will include support embedded in the system BIOS firmware, making the optional Computrace tracking and recovery application harder to defeat. To activate Computrace, customers need to purchase the service component from Dell or Absolute. Current Dell notebook users can download a new system BIOS that includes stronger Computrace support from http://support.dell.com.
|
http://www.dell.com/content/topics/g...us&l=en&s=corp
Last edited by win32sux; 02-18-2007 at 10:39 AM.
|
|
|
02-18-2007, 10:34 AM
|
#22
|
LQ Guru
Registered: Aug 2001
Location: Fargo, ND
Distribution: SuSE AMD64
Posts: 15,733
|
I think that the best bet would be to record information such as MAC address, and the unique identifier of the harddrive and CPU. Give the information to the police when you make your report. They can probably supply the MAC address of the NIC device to the ISP in the area. If the MAC address isn't spoofed, the ISP may have that MAC address on record. ( Assuming the thief isn't behind a NAT router )
|
|
|
02-18-2007, 10:36 AM
|
#23
|
Member
Registered: Jun 2003
Location: UK
Distribution: Devuan Beowulf
Posts: 514
Rep:
|
Things i've done to mine.
I engraved my name, house number and post code onto several areas on the laptop. Used a uv pen to do the same in a few other areas inside the case. Its a dell as well, so i enabled the serial number thing. Enabled the boot password, and security password (and config password so you need two passwords to change bios settings). WIth that config, they cant boot it easily, unless they have access to some hardware to deactivate laptop security measures.
The laptop is an antiquated P3 850, but more than adequate to run FC5 on, and is mostly used for programming. The /home directory is encrypted via dmcrypt.
RFID chips are a good bet if you could get someone to cut you some with a UID. Alternatively maybe some sort of tracker unit that transmits a signal could be embedded and designed to run off the laptop battery, or when it is powered up. With 3 friends in cars, and some home DIY electronics you could setup a way of triangulating the signal to give you a rough area to search for it in, thats assuming the thief is local.
Although not P.C. the idea of a self destruct feature comes to mind for those of us struck with extreme paranoia. Could be activated by radio signal or some other means.
If you are that paranoid though, your entire filesystem is going to be majorly encrypted, so why bother blowing the laptop up (unless its due to wanting to get a little revenge on the asshat who stole it).
Finally, but not really reality, if you could lay your hands on the bios src code for whatever laptop you have. Rewrite it so a couple of failed password attempts changes vcore settings to whatever the maximum vcore is regardless of cpuid. Melted cpu generally equals new laptop.
Please view this post as a mixture of serious thought and some comedy, and don't go blowing people up, its not required, nor altogether legal.
|
|
|
02-18-2007, 01:36 PM
|
#24
|
Member
Registered: Oct 2006
Location: As far away from my username as possible
Distribution: Gentoo
Posts: 259
Rep:
|
Quote:
Originally Posted by v00d00101
and don't go blowing people up, its not required, nor altogether legal.
|
No, it may not be legal, but it sure as hell would stop them from stealing things. Although, that kind of security is a little OTT.
But, if you have sensitive data then the best kind of security is to have said data on a disc in your pocket or in a hidden safe at home, not on your laptop. Incidentally, someone forgot to tell the employees of a certain bank here in the UK that.
Quote:
The theft of a laptop containing Nationwide Building Society customer information...
laptop was stolen from an employee's house in a burglary in August. Both the FSA and Nationwide have refused to say exactly what data was stolen...
The building society would not say how many customers' details were contained on the stolen laptop. It is in the process of writing to all of its 11 million UK customers to outline the security measures they need to take as a result of the theft.
|
Remember your physical security. If it isn't on the laptop.
|
|
|
All times are GMT -5. The time now is 12:19 AM.
|
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
|
Latest Threads
LQ News
|
|