Open source security setup
-
Claws Mail might not be a total beauty queen, but I'm impressed by the screenshots in the link you posted. There is some elegance there. It's nice to know about this one.
-
i didn't realize claws mail was on windows. i just looked it up on download.com and there it was:) i tried it a while back (and kmail) on linux. it was pretty fast and seemed to be a good program. i eventually yielded to thunderbird … though i can't remember why ... i think it was because it was a little easier to set up the accounts and i was lazy(?): i always hate setting those things up.
it has some good security plugins (pgp, spamassassin, bogofilter, bsfilter, clamav).
seamonkey is also noteworthy.
-
Nice idea for a thread.
The argument that Windows is inherently insecure, does not mean people should not seek to close the holes at every available opportunity.
More effort has to be put in to Windows, so threads of this nature are important.
For XP users, this thread will soon become even more useful.
The GRC password generator is Opensource
https://www.grc.com/passwords.htm
OpenDNS is great for most users, but as it blocks bad domains, it can also end up temporarily blocking sites based on false-negatives (same as the Comodo and Trend DNS).
I favour having my backup DNS from a different service, and personally never use any DNS that block or redirect.
This is because I actively seek out and test bad sites, so they can be reported with useful info.
Regularly dangling my private-parts in the lions mouth, means I have Windows clamped-down or sand-boxed, and use the Linux approach in my browsers.
Opera and Firefox, are totally OCD and ask for permission to do anything.
All Temp data, from Windows and browsers etc. is stored on a dedicated drive/partition (this is also a great way to avoid fragmentation).
I can disconnect or quick format this at a moment's notice.
Many DNS now block or redirect, but mostly this is being used to block download and streaming sites.
You can use the GRC DNS benchmark program, to see which DNS block or redirect, is fastest for you, and which use DNSSEC authentication.
https://www.grc.com/dns/benchmark.htm
I would recommend slipstreaming your own Windows install, so you can avoid installing anything you don't want, include security tweaks, and have the system defaults set to your liking, so any new accounts will already be secure as you can make it.
nLite is very useful for reducing your Windows footprint.
http://www.nliteos.com
OK. back to domain blocking.
If you want to block the malware sites, but require the ability to bypass individual blocks, then using a local "HOSTS" file may be better.
I use it to block adverts, but you can include a variety of criteria depending on where you get your HOSTS file.
"HostsMan" is one of the easiest/best I've used http://www.abelhadigital.com/hostsman
NOTE: All good AV software should block the editing of the HOSTS file, so you should temporarily disable, while updating it.
Mac and Linux also use HOSTS files, and I posted more links and info here;
https://vivaldi.net/blogs/entry/how-to-block-sites
There are a few odd tools that will allow you to conveniently edit various registry settings that affect your security.
X-setup was once a commercial product, but is now totally free.
http://www.x-setup.net
This really is the mother of all tweakers, as it is just a framework for user editable scripts.
e.g. if you know of another tweak you want in it, you can make your own script.
"jvPowertools" The only registry cleaner/tweaker worth using, is going open source even though the crowd-funding did not reach its total.
http://www.macecraft.com
This program can be very useful for tracking registry changes, and removing unwanted items. It also has easy access to various security related Windows options, and can install the Hosts file from http://winhelp2002.mvps.org/hosts.htm
NOTE: Nothing suggested here needs to stay installed after being used, so can be part of your portable USB tool-kit.
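The HOSTS-file approach described in the post above (block listed sites locally but keep the ability to bypass individual blocks), as an added example that is not part of the original post and is not HostsMan's code. The function names, the `0.0.0.0` sink address, the allowlist and the `example.*` entries are assumptions made for illustration.

```python
import ipaddress
import re

# Constructed sample of a downloaded blocklist (example domains only).
SAMPLE = """\
# constructed sample blocklist
127.0.0.1   localhost
0.0.0.0     ads.example.com      # advert server
0.0.0.0     tracker.example.net
127.0.0.1   Ads.Example.com
0.0.0.0     cdn.example.org
203.0.113.7 bank.example.com
0.0.0.0     bad_host!.example
not-an-ip   foo.example
"""

SINKS = {"0.0.0.0", "127.0.0.1", "::", "::1"}   # addresses that only null-route
LOCAL = {"localhost", "localhost.localdomain", "broadcasthost"}
LABEL = re.compile(r"^(?!-)[A-Za-z0-9-]{1,63}(?<!-)$")  # RFC 1123 label

def valid_hostname(name):
    return 0 < len(name) <= 253 and all(LABEL.match(p) for p in name.split("."))

def parse_blocklist(text):
    """Return (blocked hostnames, [(line number, raw line)] that were rejected)."""
    blocked, rejected = set(), []
    for lineno, raw in enumerate(text.splitlines(), 1):
        fields = raw.split("#", 1)[0].split()   # drop comments, split on whitespace
        if not fields:
            continue
        addr, names = fields[0], [n.lower().rstrip(".") for n in fields[1:]]
        try:
            ipaddress.ip_address(addr)
        except ValueError:
            rejected.append((lineno, raw))
            continue
        # An entry pointing a name at a non-sink address is a redirect, not a
        # block, so a downloaded list is never allowed to add one.
        if addr not in SINKS or not names or not all(map(valid_hostname, names)):
            rejected.append((lineno, raw))
            continue
        blocked.update(n for n in names if n not in LOCAL)
    return blocked, rejected

def build_hosts(blocklist_text, allow, sink="0.0.0.0"):
    """Merge a blocklist with a local allowlist of blocks to bypass."""
    blocked, rejected = parse_blocklist(blocklist_text)
    allow = {a.lower().rstrip(".") for a in allow}
    lines = ["127.0.0.1 localhost", "::1 localhost"]
    lines += [f"{sink} {host}" for host in sorted(blocked - allow)]
    return "\n".join(lines) + "\n", sorted(blocked & allow), rejected

if __name__ == "__main__":
    hosts_text, bypassed, rejected = build_hosts(SAMPLE, {"cdn.example.org"})
    print(hosts_text, end="")
    print("bypassed:", bypassed)
    for lineno, raw in rejected:
        print(f"rejected line {lineno}: {raw}")
```

Review the rejected lines before installing the result: an entry that maps a real name to a routable address is the kind of change the HOSTS-file protection in AV software exists to catch.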
-
How 'bout that source code, jimc. You can evaluate it with your very own eyes, or if you don't have the expertise, you can depend on the expertise of many others.
-
Yes, jim, it's exactly like that. I didn't think you were looking for an answer.
-
Open Source does not mean loads of people coded it, and 1 expert said it is OK.
As Dave pointed out "many experts" look at the final code, even if only 1 programmer wrote all the code.
Getting many experts to examine the code means that there is a much bigger chance of an error being seen.
The point is not to rely on the so-called expertise of 1 person.
Having open access to the code-base of anything security or encryption related is more than useful or important. It is now a necessity.
Any security product using closed source can not be trusted.
eg. If Apple had been using a closed source SSL system, nobody could have found the error that has left all Apple users unable to fail corrupt, old or compromised SSL certificates.
I would love to see the statistics on how many Apple users gave away their login details over the last few years (FireFox users on Mac were safe), and any iPhone stuck with iOS 6 still has the error.
This SSL code change was not passed for inspection to any experts, and does not exist in the original repository.
It has also been pointed out by several programmers, that the error would have been flagged by the compiler, so you would have to specifically make it not see the error for it to compile.
Open inspection of code, is how flaws and back-doors are found before the public get to use it.
-
jimc
i'm not exactly sure what you mean, i think you are reading too much into this thread. open source has a lot of excellent software. this thread is focusing on security related open source software. perhaps myself, or someone else, will learn about some that they are unfamiliar with and would wish to try? feed back from those with experience is also helpful, as some might be buggy or useless or have conflicts. many others are using open source software and don't even realize it - threads like this may help elucidate.
the topic's thrust hoped to evaluate if open source security products had reached a level of adequate competence to safeguard your system (or to be used on it). i would point out that their antivirus products have not necessarily performed to the standards of many proprietary products. testing is difficult however, when you are incapable of paying for it. because of this, it is rarely evaluated. recognizing this, products such as immunet are designed to be used complementary to your preferred antivirus. notwithstanding, you can pay for a proprietary engine in immunet (bitdefender). this product is far more capable and can be used by itself: but the paid upgrade muddles the purpose of the thread.
clamav's demand scanner has a lot of false positives and doesn't quarantine by default (you can turn it on but it's not recommended). yet it does add some value to many setups as it might identify malware missed (and it's easy to check the suspected file on virus total to see if it's a false positive). in my experience, clamav does a better job at identifying old malware (ex. xp malware on my win 7 machine). because of this, it might be better than malwarebytes on an xp machine (seeing as how malwarebytes' focus is on newly emerging malware).
many people will continue using xp, despite the fact that it's not supported anymore. like an old laptop that is reborn by a linux os, open source software might be the only means of protecting that old os (microsoft is not supporting mse on xp anymore, either).
lastly, stopping the infection is paramount. so, the software doesn't have to be specifically 'security software': hence the inclusion of things like email and browsers (no one's mentioned the chromium open source browser yet, it does have a built in sandbox. their site says it's good up to vista. does the sandbox work on win 7 or 8? anyone?). infections can come through attachments for office programs. which open source office program is the most secure? which has more security features? which ones use java addons? these are relevant questions. and not everyone wishes to pay for office programs, and a security conscious word processor might save your system from a nasty infection.
-
thanks for the input Dr.Flay.
is hostsman open source? i've used it in the past and can verify it is an excellent product. i searched for open source host management and found: Host File Editor. it says:
"Check and correct host name syntax, add, change or delete entries, open an external file and backup". it's good for 32 and 64 bit
http://download.cnet.com/Hosts-File-Manager/3000-18506_4-75788611.html
i've never tried it so i can't comment on it.
-
yes, i love free quality software also. though, most freeware is only intended to be freeware for a limited time. a multitude of factors keeps the game afloat and freeware around (and God bless those factors). but those companies no doubt have long term goals to make money off it. i've noticed how the antivirus market is narrowing (ex. many products use the bitdefender engine). and i've noticed how the big boys of av are including chrome or searchbars or something in their installers, or pushing ads (more aggressively than they used to), have fewer features in their free products (remember when avast's sandbox was still in the freeware version?). but that's ok, i understand it and the reasons why.
"What I want is all software. I can't afford much and don't spend anything on software anymore, but I don't care about is whether it is open source or closed source. I don't even consider that."
-yes, i'm sure myself or others will topic the freeware world. this is a sampling of it.
-perhaps you should consider an element of it. there are many newer emerging antivirus products that come from potentially untrustworthy sources. some companies have been implicated in criminal activity, but lay outside of the western judicial system, and so are untouchable. and their software isn't relegated to merely antimalware products, but span the range of software from office to utilities. products such as these may be productive shells for trojans. should nasa, or the military use a cloud based antivirus that sends the information to another country for analysis? heaven forbid. some of these companies have been implicated in reverse engineering some of our beloved and respectable freeware. they then use this counterfeit software, which they did not develop, to compete with the true developers. eventually, the true developer will succumb to the added competition and fold. leaving only the counterfeits. oil company employees, government employees, businesses with proprietary inventions or secrets, business strategies, etc, can be spied giving an advantage to competing unscrupulous companies outside of western law. so even in the freeware world, only use software (no matter how awesome it is) from reputable and trustworthy companies. this is one reason why some like open source. i like it for good software.
-
Hi guys (and girls?).
I tried Ubuntu 10 years ago on a dual boot, but needed M$ at work. These days I have started to look at LibreOffice under windows 7, and I like it better than the newest MS Office. Am I right if I assume that it is easier to work with files back and forth between Windows and Linux now than it was 10 years ago?
I’m reading your post with greater and greater interest, but cannot make any contribution (yet). Could the thread’s title be Open Source instead of Open Source Security Setup?
Should I take the leap from Windows to Ubuntu? Note that I already am a purist when I chose LibreOffice over OpenOffice.
-
Am I right if I assume that it is easier to work with files back and forth between Windows and Linux now than it was 10 years ago?
I think very much so. My employer is totally MS Office. With LibreOffice, I can stay completely in the game from home with my Linux box.
-
jimc>repositories have stringent criteria for inclusion. they have checked the implications of the software they carry.
open source code can be requested and viewed. we don't read c++, but many do.
-
leirom
since your computer can be infected with an office attachment, i think a functional and secure office suite is relevant to this topic.
libreoffice and openoffice are both proficient at reading/writing doc files. i don't think they can handle docx, but most still use doc, i think that's the standard. although, i've never done much in terms of advanced formatting - i'm unsure if everything would render perfectly. personally, i've never noticed anything bad (i use libreoffice).
abiword is also very popular.
-
leirom
since your computer can be infected with an office attachment, i think a functional and secure office suite is relevant to this topic.
ex. http://arstechnica.com/security/2014/03/zero-day-vulnerability-in-microsoft-word-under-active-attack/.
Thank you for the link biggerabalone.
-
adding a couple more:
-process hacker - see what's running and investigate. (i've used this and like it. it has a portable)
-Moon Secure Antivirus - not sure what's going on with these guys, anyone try them? i thought it was long dead, but i appear to be wrong. download.com says they're good for win 7 and its last update wasn't too long ago. here's their spiel:
"Moon Secure Antivirus aims to be the best Free Antivirus for Windows under GPL license. It offers multiple scan engines, Net shield, Firewall, On access, on Exec scanner and rootkits preventions plus features from Commercial Antivirus applications".
-
i tried out moon secure antivirus - i was curious. and i was not overly impressed with it. the engine had a date on it, 2008, and the defn's were 2009. it was very light on resources and ok-ish looking. it said it has a memory shield. i saw no evidence of a firewall. and it was buggy on my system. i received an application error exception. i was running it with webroot, so maybe they didn't like each other???
overall, i can't recommend it.
-
Amiti Antivirus
found this newer open sourcer and liked it. very light on system (only added 4 seconds to my boot), has real time memory shield, uses clamav. looks pretty good and ran smoothly. easy install and clean uninstall. wish i knew what the real time shield did though (is it an heuristic thing or does it scan file access etc). my system ran flawlessly with it (with immunet, i had some problems with webroot … they didn't play nice together).
http://download.cnet.com/AMITI-Antivirus/3000-2239_4-75915922.html
-
Amiti Antivirus - continued
Memory shield - i've figured out how it works: it scans objects that are opened. I must admit, it is very light in doing so, I don't even notice any system impact … ever. and I'm evaluating it on an atom n450 processor (slowest of the slow). under their status tab it has an objects scanned counter (that's how I found out how it works). as I open something and check counter, it counts upwards.
Heuristic - it has heuristic detection technology (options-engine-can enable or disable). under the news tab, it gave some info on some of the latest threats it can pick up, and referenced them through its heuristic detection.
I did a scan with hitman pro. It said Amiti has a valid authenticode certificate (always good news). It also said that "this files reboot survivability is vigorously protected". This is good to know also, seeing as many malwares will try to turn off your antivirus or remove it from the startup. I presumed it was unprotected, and was pleasantly surprised by hitman's comment. this indicates the program has a little more depth to it than I suspected.
Updates - there were no flags or bells with the updating ... which made me wonder if it worked. I found a setting to un-hide the update window (hidden by default) - found under options, and database tab. 60 minutes later (which is the set update check ... but you can change it or turn it off) it updated with a popup box (using freshclam, looked similar to a Linux clam update). later, I checked in Amiti's folder and found the freshclam updater exe. So, yes it updates fine, and apparently straight from clamav.
other features - clean temp files directory button and clean temp ie files button (under options, and miscellaneous tab).
Scheduled scan - can set it to scan any or all of these: memory, registry, cookies, and/or storage.
-has damage repair technology
-can set to make restore point b/f actions/removals.
-analyse alternate data streams and compressed files.
-has a support tab - which appears to be free - and a donate button that says "buy us beer first". it's a cute touch:)
-only problem - custom scan doesn't seem to work for me (can't change settings for it). but that's not a big deal.
-I would like to see a right-click scan feature added for the future.
Last note: this company (netgate) also makes Spy Emergency (a paid product). The two have many similarities ... so Amiti likely uses some of Spy Emergency's tech (and not exclusively clamav's(?)).
-
Some to keep an eye on for the future:
-TecknoGuard AntiVirus 2014 -beta- (Creative Commons Attribution License) -still in the experimental stage, the graphics are very nice Windows 8 style with utility and a good detection with an extensive database of virus.
-J.L Antivirus - (Affero GNU Public License) a free antivirus with Real-Time protection, powerful scanner and big database. This is in development and not ready to protect systems yet.
- Vital Antivirus 2014 - (not sure license - listed as recommended project on sourceforge) Prozek Vital Antivirus 2014 is a smart and powerful security tool available for free. It is completely developed in vb .net and it's updated frequently.
Main features:
• Detect and delete millions of dangerous viruses.
• Detect if your internet connection is working fine.
• Auto scan USB devices .
• Voice warnings.
• It's totally free!
-
Peerblock
From PeerBlock:
"PeerBlock lets you control who your computer "talks to" on the Internet. By selecting appropriate lists of "known bad" computers, you can block communication with advertising or spyware oriented servers, computers monitoring your p2p activities, computers which have been "hacked", even entire countries. They can't get in to your computer, and your computer won't try to send them anything either".
been using 1.1 on my 32 bit laptop and i'm impressed (1.2 came out and seems to have a bug, i'll keep using 1.1 for now). only works with ipv4 and not ipv6 yet (coming soon i'm hearing). so, not bulletproof, but helpful (i turned off ipv6 and haven't noticed any sites i can't access yet). this program really educates you on how many ips your system will try to contact, even if you're not browsing. it's a good addition to the windows firewall.