Upload
fox-rebbon
View
221
Download
0
Embed Size (px)
Citation preview
7/26/2019 Security Must
1/24
Staying anonymous and safe online is crucial wither or not your into fraud, hacking, or otherwise. Idid not write this guide, however ill add some amendments that I feel are important and missed.
1.) Where ever any guide ( like this) tells one to use Uuntu !inu".... do not and use Uuntu. #he
reasoning is that with the newest additions of Uuntu, they inde" and record your filesystem and
searching haits for $uicy data they sell a dime a do%en to the man.
Some nice alternatives are&
'eian
'!inu" int
'*rch !inu"
'+S
.) -ncryption. Its not hard. ou have #ruecrypt and your silly /##0S but thats not enough.
When ever I contact my arknet uddies I always use 0 encryption 2345 it 6S* to ensure my
messages, even if my connection got sniffed, never get read y the !-.
Some nice practices are&
'#ruecrypt your partitions, 7/8s, and other important files you need safe, always use a
hidden partition with false files and such ... idk go to hackfourms or torrent ooks aout
acktrack to make it look $uciy yet dry.
' Use 0 for contacts
here8s a nice link www.madoa.com9geek9gpg':uickstart9
'-ncrypt your homefolder when you install the ;S of your choice
7/26/2019 Security Must
2/24
>.)Leave your ego for Call of Duty and your buddies.#he more you talk aout yourself, the
more the other guy or !- can uild a profile on you. If your talking aout how hitler did nothing
wrong on 9pol9 all day while hacking Israel with ?;0Israel ... your gunna get caught real fast.
#opiary got nailed for ragging on @o" !ive.
5.) * word aout AS.... never use your IS08s even with daily activities.
'#orango
''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''
''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''
#hat pretty much cover8s it, when I get more time and resources i8ll post more. Im gunna take
initative and try reuilding the content of this wesite to the est of my aility. !uck for you guys I
copy pasted a lot of the good tidits and from other places. on8t e"pect fraud copy pastes from me
though, the Wiki is alive and well.
#his is a guide with which even a total noo can get high class security for his system and
complete anonymity online. +ut its not only for noos, it contains a lot of tips most people will
find pretty helpfull. It is e"plained so detailed even the iggest noos can do itBB &
CCC #he Ultimate uide for *nonymous and Secure Internet Usage v1.3.1 CCC
#ale of =ontents&
1. ;taining #or +rowser
. Using and #esting #or +rowser for the first time
. #esting #rue=rypt 7olumes
5. Securing your /ard isk
D. #emporarily Securing our isk, Shredding Eree Space
F. Installing 7irtual+o"
4. Installing a Eirewall
13. Eirewall =onfiguration
11. Installing Uuntu
1. Uuntu Initial Setup
1. Installing #orchat (;ptional)
15. =reating #;6';nly Internet -nvironment
1D. eneral aily Usage
+y the time you are finished reading and implementing this guide, you will e ale to securely
and anonymously rowse any wesite and to do so anonymously. Ao one not even your IS0 or a
government agent will e ale to see what you are doing online. If privacy and anonymity is
important to you, then you owe it to yourself to follow the instructions that are presented here.
In order to prepare this guide for you, I have used a computer that is running Windows 7ista.
#his guide will work e:ually well for other versions of Windows. If you use a different operating
system, you may need to have someone fluent in that operating system guide you through thisprocess. /owever, most parts of the process are easily duplicated in other operating systems.
7/26/2019 Security Must
3/24
I have written this guide to e as newie friendly as possile. -very step is fully detailed and
e"plained. I have tried to keep instructions e"plicit as possile. #his way, so long as you
patiently follow each step, you will e $ust fine.
In this guide from time to time you will e instructed to go to certain U6!s to download files.
ou do A;# need #;6 to get these files, and using #;6 (while possile) will make these
downloads very slow.
#his guide may appear overwhelming. -very single step is e"plained thoroughly and it is $ust amatter of following along until you are done. ;nce you are finished, you will have a very secure
setup and it will e well worth the effort. -ven though the guide appears huge, this whole
process should take at the most a few hours. ou can finish it in phases over the course of
several days.
It is highly recommended that you close G*!!G applications running on your computer efore
starting.
CCC 1 & ;taining #or +rowser CCC
#he first step to ecoming secure and anonymous online is to setup and install something called
H#;6H. H#;6H is short forH#he ;nion 6outerH. #he concepts ehind #;6 were first
implemented y the United States ilitary, and these principles have een used to create an
e"tremely secure mechanism for eing anonymous online. In fact, millions of people world'wideuse #;6 to rowse the internet and communicate anonymously.
#;6 works y heavily encrypting your communications so that no oserver can see what
wesite you are really going to, and what information is really eing sent. It all appears as a
unch of random characters to any oserver. ou simply use the #;6 we rowser $ust as you
use any other we rowser. #;6 takes care of the rest.
/owever, #;6 y itself is not enough. -ven when using #;6, a user can e compromised in a
numer of ways. Eirst, some wesites can e set up to attempt to reveal someone8s true I0
address (their true identity) y tricking their we rowser or other software to transmitting that
information. Eor this reason, anyone who uses #;6 will recommend that no one have $avascript
or flash turned on while rowsing #;6. In this guide however, I will show you a much etter
solution.
#he second issue is that of human error. -ven if you have #;6 installed, you may accidentally
forget which rowser to put in a link. ou may also accidentally click on a link from another
program, such as a chat program. #hat program might then load the link you clicked on into a
non'#;6 rowser. When you are using #;6, you must e careful GconstantlyG that every link
goes into the right rowser, and that you do not accidentally click the wrong link.
So then, let8s egin. ;taining the #;6 +rowser is easy. Simply go to the following wesite&
http&99www.torpro$ect.org
;nce here, you may feel free to read more aout what #;6 is and how it works, or you may
proceed to immediately download #;6./ere is how to do so&
1. =lick on Hownload #;6H, or HownloadH.
. ou will see te"t that says, H#he #or +rowser +undle contains everything you ned ... ust
e"tract it and run. !earn more JJ
. #he file eing saved will e named& tor'rowser'1.
7/26/2019 Security Must
4/24
D. ou will e prompted to e"tract this to a directory. +y default, it will e set to
=&LUsersLouLownloadsL #his is perfectly
ok. ou can also choose a different directory if you wish.
F. =lick H-"tractH
#hat8s it. #;6 +rowser is A;W installed. #ime to test it outM
CCC & Using and #esting #or +rowser for the first time CCC
Aow you have successfully downloaded and installed the #or We +rowser +undle. ou are nodout an"ious to egin using it. Eirst, click on the HstartH menu icon, the icon in the lower left of
your screen with the windows logo. ;n the top right will e a listing that says HouH,
HocumentsH, H0icturesH, HusicH... HouH of course will e replaced y your user name. =lick
on HouH, the top most link. #his will open up your main user folder.
Aow, locate the folder called HownloadsH and doule click on it.
Aow, inside the HownloadsH folder, doule click on the folder called H#or +rowserH.
!astly, doule click on the application& HStart #or +rowserH
When you do, you will see the 7idalia =ontrol 0anel appear, and you will oserve as you
connect to the #;6 network. When this is complete, your we rowser will open up and will
automatically connect to the we address& check.torpro$ect.org#his is to confirm that you are in fact using #;6. If you have followed this guide correctly, then
you will see the following green te"t, or something similar&
H=ongratulations. our rowser is configured to use #or.H
Aow you can use this we rowser the same as any other. ou can go to any wesite you wish,
and neither your IS0 or anyone else will e ale to see where you are going, or what you are
doing. /owever, there are still issues that need to e resolved, so don8t egin rowsing $ust yet.
GGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGG
GGGGGGG I0;6#*A# S*E-# A;#- GGGGGGG
GGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGG
If you fill out a form containing your email address, your name, or any other sensitive
information while using the #;6 rowser, e aware that sometimes it is possile for an oserver
to see that information. When using #;6, use it to access wesites and content that you are
GnotG connected to via your real identity or any username or nick name which links to your real
identity. !et #;6 e for anonymous rowsing solely. o your online anking, or any other
activities involving your real identity using your normal we rowser.
GGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGG
CCC < & Securing our /ard rive CCC
+eing ale to rowse anonymously is one thing. /owever, you may choose to download and
save sensitive content or material to your computer which you wish to keep private. #his may
include reading sensitive documents, viewing pictures, or storing any kind of sensitive data.
If you save GanythingG to your computer8s harddrive, then it is possile for someone who hasconfiscated your computer to determine what it was you saved. #his is often true even if you
delete the content. Eor e"ample, suppose I use the #or +rowser and I navigate to a wesite
containing a sensitive document that I wish to read. If I saved that document somewhere on my
harddrive, then it is possile for someone else to find it. If I GdeleteG that document, it may still
e possile for someone to undelete it.
Eurther, even if I never save it to my harddrive ut I simply look at it using my word processing
software, it may still e saved in a numer of ways including&
1. ;ften programs keep records of filenames. #he filename alone is often enough to incriminate
someone.
. ;ften programs keep parts of the content viewed saved for various reasons, such as for
searching. #his can include random e"cerpts of te"t, thumnails of images, and more. ;ften thisHpartialH data is more than enough to prove what the original data was. ;ften the HpartialH data is
itself incriminating.
7/26/2019 Security Must
5/24
steps to confirm that HAo paging fileH is still selected.
#his
means that you have successfully disaled your swap. #his means that GnothingG from 6* will e
inadvertently saved to your harddrive.
#o resume using SW*0 again, simply click H*utomatically manage paging file si%e for all drives.H
ou can
switch etween these two modes as you desire.enerally speaking, your computer will run fine without a swap file, provided you have enough
6*.
7/26/2019 Security Must
6/24
GGG -A ;E *7*A=- IAS#6U=#I;AS GGG
#he ne"t issue we need to address is how to prevent applications and9or your operating system from
saving content inadvertently that you do not want saved. Eor this, we are going to set up a H7irtual
achineH.
* H7irtual achineH is like a computer inside of your computer. -verything you do inside the
7irtualachine (vm for short) will e fully contained within itself and no one will e ale to see what the
vm
has een doing. Ideally, you want G*!!G of your sensitive computer usage of any kind, #;6 or
A;A #;6,
to take place within a vm. In this way, you can keep everything private that you wish while still
using
your computer fully and getting the most out of it.
on8t e afraid of this sounds complicated. #his guide will take you through every step slowly and
methodically. +efore we can set up a vm however, we need to take another step.
CCC 2 & Setting up #rue=rypt, -ncrypted /idden 7olumes CCC
If you save anything on your computer, it is likely that you do not want $ust anyone to e ale to seewhat you have saved. ou want a way to protect that information so that you can access it, and
asolutely no one else e"cept those you trust. #herefore, it makes sense to set up a system which
protects your information and safeguards it against prying eyes.
#he est such system for this is called H#rue =ryptH. H#rue =ryptH is an encryption software
program
which allows you to store many files and directories inside of a single file on your harddrive.
Eurther, this
file is encrypted and no one can actually see what you have saved there unless they know your
password.
#his sounds e"tremely high tech, ut it is actually very easy to set up. We are going to do so, right
now&
1. o to http&99www.truecrypt.org9downloads (or go to www.truecrypt.org, and click on
HownloadsH)
. Under H!atest Stale 7ersionH, under HWindows D97ista9@09333H, click HownloadH
7/26/2019 Security Must
7/24
. =lick on HSelect EileH
Aote which directory you are in on your computer. !ook at the top of the dialog that has opened and
you will see the path you are in, most likely the home directory for your username. *n input o" is
provided with a flashing cursor asking you to type in a file name. /ere, you will type in the
followingfilename&
random.t"t
ou may of course replace random.t"t with anything you like. #his file is going to e created and
will e
used to store many other files inside.
o A;# use a filename for a file that already e"ists. #he idea here is that you are creating an
entirely
new file.
It is also recommended though not re:uired that you HhideH this file somewhere less ovious. If it is
in
your home directory, then someone who has access to your computer may find it easier. ou canalso
choose to put this file on any other media, it doesn8t have to e your hard disk. ou could
for e"ample save your truecrypt file to a us flash drive, an sd card, or some other media. It is up to
you.
5. ;nce you have typed in the file name, click HSaveH
D. ake sure HAever save historyH is checked.
F. =lick HAe"tH
4. ;n the H;uter 7olumeH screen, click HAe"tH again.
13. #he default -ncryption *lgorithm and /ash *lgorithm are fine. =lick HAe"tH
11. =hoose a file si%e.
In order to enefit the most from this guide, you should have at least 13 gigaytes of free disk
space. If
not, then it is worth it for you to purchase some form of media (such as a removale harddrive, a
large
sd card, etc.) in order to proceed. #rue=rypt can e used on all forms of digital media not $ust your
hard
disk. If you choose to proceed without otaining at least ten gigaytes of disk space, then select a
si%e
that you are comfortale with (such as 133 +).
Ideally, you want to choose enough space to work with. I recommend 3 + at least. 6ememerthat if
you do need more space later, you can always create additional #rue=rypt volumes using e"actly
these
same steps.
1. Aow you are prompted for a password. #/IS IS 7-6 I0;6#*A#. 6-* #/IS
=*6-EU!!
GGG 6-* #/IS S-=#I;A =*6-EU!! GGG
GGG #he password you choose here is a decoy password. #hat means, this is the password you
would
give to someone under duress. Suppose that someone suspects
GGG that you were accessing sensitive information and they threaten to eat you or worse if you donot
reveal the password. #/IS is the password that you
7/26/2019 Security Must
8/24
GGG give to them. When you give someone this password, it will e nearly impossile for them to
prove
that it is not the 6I/# password. Eurther, they cannot
GGG even know that there is a second password.
/ere are some tips for your password&
*. =hoose a password you will A-7-6 forget. It may e ten years from now that you need it.
ake itsimple, like your irthday repeated three times.
+. ake sure it seems reasonale, that it appears to e a real password. If the password is
something
stupid like H1
7/26/2019 Security Must
9/24
photographs.
=. ood choices for what to put here include& ackups of documents, emails, financial documents,
etc.
. ;nce you have placed files into this folder, GA-7-6G place any more files in the future. oing
so may
damage your hidden content.
enerally, you want to store innocent data where some individual looking at it would find no causeagainst you, and yet at the same time they would understand why you used #rue=rypt to secure that
data.
Aow, go ahead and find files and store them in this folder. +e sure that you leave at least ten
gigaytes
free. #he more the etter.
When you are all done copying files into this folder, close the folder y clicking the H"H in the top
right
corner.
1D. click HAe"tH
1F. If prompted that H* program needs your permission to continueH, click H=ontinueH
14. H/idden 7olumeH, click HAe"tH3. #he default encryption and hash algorithms are fine, click HAe"tH
1. H/idden 7olume Si%eH, the ma"imum availale space is indicated in old elow the te"t o".
6ound
down to the nearest full unit. Eor e"ample, if 14.4D +
is availale, select 14 +. If 1.3 + are availale, select 11 +.
. If a warning dialog comes up, asking H*re you sure you wish to continueH, select HesH
. H!arge EilesH, select HesH and click HAe"tH.
5. H/idden 7olume EormatH, as efore move your mouse around for aout ten seconds randomly,
and
tehn click HEormatH.
D. If prompted H* program needs your permission to continueH, select H=ontinueH
F. * dialog will come up telling you that the hidden #rue=rypt volume has een successfully
created.
=lick H;kH
4. =lick H-"itH
=ongratulationsM ou have $ust set up an encrypted file container on your hard drive. *nything you
storehere will e inaccessile to anyone e"cept you. Eurther, you have protected this content with #W;
passwords. ;ne that you will give to someone under threat, and one that only you will know. Neep
7/26/2019 Security Must
10/24
your
real password well protected and never write it down or give it to anyone else for any reason.
Aow, we should test +;#/ passwords.
CCC >. #esting #rue=rypt 7olumes CCC
;nce you have completed the aove section, you will e ack at #rue=rypt. o ahead and follow
thesesteps to test the volumes you have made.
1. =lick HSelect Eile...H
. !ocate the file you created in the last section, most likely called Hrandom.t"tH or something
similar.
6ememer that even though there is oth an outer and
a hidden volume, oth volumes are contained in a single file. #here are not two files, only one.
7/26/2019 Security Must
11/24
flash drive. ou can copy files to it, directories, and use it $ust as you would use a us flash drive.
When you are done, simply close all open windows9folders9applications that are using your
truecrypt
drive letter, and then click HismountH from within #rue=rypt while you have the drive letter
highlighted. #his will once again hide all of this data, accessile only y re'mounting it with the
correct
password.
GGG 7-6 I0;6#*A# S*E-# IAE;6*#I;A GGG
When a true crypt hidden volume is mounted, someone who has access to your computer can access
anything that is inside that hidden volume. If for e"ample you left your computer running while a
truecrypt volume was mounted, then if someone gained access to your computer they would e ale
to
see everything you have in that volume. #herefore&
GGG *!W*S 6--+-6 #; IS;UA# *A #6U-=60# 7;!U- =;A#*IAIA
*A S-ASI#I7-
IAE;6*#I;A W/-A ;U *6- A;# USIA ;U6 =;0U#-6 GGG
ou can tell that it is dismounted ecause the drive letter inside of H#rue=ryptH8s control panel willappear the same as all of the other drive letters, with no information to the right of the drive letter.
ou should practice ounting and ismounting a few times with oth passwords to make sure you
understand this process.
;nce you have copied files9folders into the hidden volume, do GA;#G touch the files or folders in
the
outer volume anymore. 6ememer that oth volumes occupy the same single file, and therefore
changing the outer volume can damage the hidden volume. ;nce you have copied files9folders into
the
outer volume during the installation process, that is the last time you should do so. Erom that point
forward, use ;A! the hidden volume. #he outer volume e"ists only as a decoy if you need it.
CCC 5. Securing your isk CCC
#his is an involved step which many people may not e ale to do right away. If you cannot do this
step
immediately, then see section D.
*t this point you should understand how to create and use #rue=rypt hidden volumes in order to
safeguard any sensitive information. #herefore, you should GA;#G keep any such sensitive
information
on your hard disk. *t this stage, there are two possiilities&
1. ou have never had any sensitive information on your hard disk. In this case, read this section ut
youcan certainly skip it.
. Up until now, you have stored sensitive information on your hard disk. If so, then you US#
read this
section.
If you have ever used this computer to access sensitive information, then all of the security and
precautions in the world are totally useless and futile ecause all someone has to do is access what
is
left of that sensitive information. I cannot stress this enough.
ou can have the most secure #rue=rypt volumes, use #;6, and e the safest most secure user in
the
world. If you have not made sure that G*!!G remnants of any sensitive information are U##-6!6-;7- from your hard disk, then all of that effort is totally pointless. ou US# take these
actions to
7/26/2019 Security Must
12/24
safeguard your hard disk, or otherwise you might as well throw away this guide and follow none of
the
advice herein.
Eirst, I understand that it is troulesome to have to re'format a computer, to ack everything up, and
reinstall everything. /owever, if you have ever had sensitive information on your machine, that is
what
you have to do. #ake the following steps&1. ;tain a removale harddrive or us flash drive large enough to store anything you need to save.
. Set up a truecrypt hidden volume on that harddrive ig enough to hold all of that information.
. =opy *!! data you need to ack up9save into that hidden volume.
GGG I0;6#*A#, 6-* #/IS GGG
If you have ever used this system to access sensitive information, then you must assume that the
sensitive information or remnants of it can e GanywhereG on your hard disk. #herefore, you need
tomove G-7-6#/IAG you intend to save into the hidden truecrypt container. ou do not know
where
sensitive data might e, so you are assuming it can e anywhere. #his way you still have *!! of
your data
and you have lost nothing.
* good analogy is to"ic waste. ou don8t know which arrel might contain the to"ic waste, so you
treat
G*!!G the arrels as potentially to"ic. #his is the surest way you can protect yourself.
ou might e saying, HI have family photos, music, movies that I would have to move to the hidden
volume.H #hat is perfectly fine. 6ememer that you can access that hidden volume $ust as if it was a
drive letter. In fact, ideally, G*!!G of the content on your computer (assuming you value your
privacy)
should e protected anyways. ou lose nothing y securing all of that data.
5. ;nce you have copied everything you intend to copy. dismount your hidden volume, reoot your
computer, and re'mount your hidden volume to make sure everything is there.
D. Aow it is time to re'format your entire hard drive. 6e'install your operating system of choice
(such as
Windows D), and start with a clean slate.
F. ;nce you have reinstalled your operating system from scratch, follow sections one through five
of this
guide to reach this point, and then proceed.CCC D. #emporarily Securing our isk, Shredding Eree Space CCC
!ike the previous section, this section applies ;A! IE there is some risk that sensitive data has
ever
een stored or accessed on this computer. If you are 133P sure that sensitive information has never
een accessed using this computer, then you can safely skip this and the previous step.
If you are not prepared to take the actions in the previous step yet, then you should follow the steps
in
this section until you can. /owever, you US# eventually take the actions in step si" aove. o
not
assume you can find9delete all sensitive content. !ists of filenames, image thumnails, random
data, and more G*6-G sitting on your hard disk. Someone who knows how to find it, WI!!. #hatwill
render all of your other precautions totally futile.
7/26/2019 Security Must
13/24
*s soon as you can, follow the instructions in step si".
eanwhile, here is how you can temporarily safeguard yourself until you are ale to follow those
instructions.
1. o through your hard disk folder y folder, deleting (or moving to a truecrypt hidden volume)
any
files that you elieve are sensitive9risky.
. When you are totally sure that you have deleted all such files, go to the following U6!&http&99www.fileshredder.org
. 6un the file, most likely titled& fileKshredderKsetup.e"e
5. HWelcome to the Eile Shredder Setup Wi%ardH, =lick HAe"tH
D. Select HI accept the agreementH and click HAe"tH
F. It will choose where to install it, click HAe"tH
4. =lick HAe"tH again when prompted for the Start enu folder.
13. HSelect *dditional #asksH, =lick HAe"tH again11. =lick HInstallH
1. -nsuring that H!aunch Eile ShredderH is checked, click HEinishH
1. =hoose the drive letter for your hard disk, typically =&L, as well as any other drives you wish to
shred
the free space.
15. under HSelect Secure *lgorithmH, select HSecure -rasing *lgorithm with D passesH and click
HAe"tH
1D. =lick HStartH
#his will take some time to finish. ;nce you have finished shredding your free disk space, it will e
impossile or nearly impossile for someone to find one of your deleted files and piece it ack
together
to see what it once was. /owever, this is A;# enough.
Neep in mind that there may still e records of the filenames that were deleted, partial data from
those
files, image thumnails, and more that may e enough to incriminate you. #his is only a temporary
step
you have taken, and you asolutely must take the actions in step 5 aove in order to e truly safe.CCC F. Installing 7irtual+o"
*nd now we get to the fun part. We are going to create a secure environment for you to rowse the
internet and communicate in a way that is totally anonymous and untraceale. ou will have a setup
that is so secure as to e virtually impossile to reak.
1. Eirst, go to the following U6!& http&99www.virtualo".org
. Select HownloadsH in the menu on the left
. 6un the file.
5. HWelcome to the ;racle 7... Setup Wi%ardH, =lick HAe"tHD. click HAe"tH
F. =lick HAe"tH
7/26/2019 Security Must
14/24
4. HWarning& Aetwork InterfacesH, click HesH ut e aware that your internet connection will e
temporarily reset for a few seconds.
13. =lick HInstallH
11. * dialog saying H* program needs your permission to continueH may appear, click H=ontinueH.
1. ;ne or more dialogs asking if you want to install Hdevice softwareH may come up, select
HInstallH
each time.1
7/26/2019 Security Must
15/24
who
may not have a great deal of 6*.
Eirst, we are going to set up two different virtual machines. ;ne of them will e"ist for the sole
purpose
of making sure that the other one does not accidentally connect to the internet e"cept through #;6.
#his virtual machine re:uires very little. ou will not e using it for anything. It will simply act as a
gatekeeper to ensure that the other 7irtual achine is safe.#he second virtual machine will e what you use for internet rowsing, chatting, etc. #his virtual
machine will e configured in such a way that it can only use #;6 and nothing else. #he way we
will
achieve this is to force this second virtual machine to go through the first virtual machine for all
internet
connections.
o not worry if this seems complicated. *s with the rest of this guide, I am going to walk you
through
step y step e"actly what to do.
Eirst, we have to otain the operating systems we will need. In this case, we are going to use Hamn
Small !inu"H (yes that is it8s real name) for the firewall and we are going to use HUuntuH for themain
system. #he advantage to using Hamn Small !inu"H is that we only need . o to the HcurrentH directory if not already in it.
5. =lick on the file called& dsl'2.2.13.iso '' If you cannot find this file, choose the file closet to it. *
higher
version numer is fine. #he file will proaly e aout >3 +
D. #he file should take aout >'13 minutes to download ased on your connection.
( IE #/- *+;7- S#-0S W;6N- E;6 ;U, SNI0 #/IS IAI'S-=#I;A
(( If you had troule with the aove steps, read this mini'section
(
( With mirrors, it is often the case that a particular mirror site doesn8t work. *t the time of this
writing,
several mirrors worked. I am providing
( detailed instructions for each mirror.
(
( *ove I have already provided instructions for the mirror ftp&99ftp.is.co.%a
(
( I66;6& http&99gd.tuwien.ac.at9opsys9linu"9damnsmall
(( o to this U6!, and under HSudirectoriesH click on HcurrentH
( if availale, select the file called Hcurrent.isoH (provided the file is at least 24 + in si%e)
7/26/2019 Security Must
16/24
( If not, then choose the closest file to dsl'2.2.13.iso, a higher version ? is fine.
(
( I66;6& http&99ftp.elnet.e9packages9damnsmalllinu"9
(
( go to HcurrentH directory, otain either Hcurrent.isoH (if 24 + or higher) or find file closest to
Hdsl'
2.2.13.isoH)(
( I66;6& http&99ftp.heanet.ie9mirrors9damnsmalllinu".org9
(
( go to HcurrentH directory, otain either Hcurrent.isoH (if 24 + or higher) or find file closest to
Hdsl'
2.2.13.isoH)
( I66;6& http&99ftp.heanet.ie9mirrors9damnsmalllinu".org9
(
( go to HcurrentH directory, otain either Hcurrent.isoH (if 24 + or higher) or find file closest to
Hdsl'
2.2.13.isoH)*t this point, you should have the file either Hcurrent.isoH or Hdsl'2.2.13.isoH (or something similar)
fully
downloaded and saved into your ownloads directory.
Aow, go ahead and open up 7irtual+o" again, most likely y clicking it on the task ar.
F. =lick HAewH at the top left, an icon that resemles a many'pointed round star.
4. HWelcome to the Aew 7irtual achine Wi%ardH, click HAe"tH
13. H7 Aame and ;S #ypeH& Under HAameH type in& Eirewall
11. Eor ;perating System, choose H!inu"H
1. Eor H7ersionH, choose& H;ther !inu"H
1. H7irtual /ard iskH, Uncheck H+oot /ard iskH and click HAe"tH
15. If a Warning dialog appears, click H=ontinueH
1D. =lick HEinishH
1F. Aow you will notice HEirewall, 0owered ;ffH visile in your 7irtual+o" control panel. ake
sure it is
highlighted (it should e) and then right click it, and select HSettingsH.
14. Select HAetworkH in the menu to the left.
3. =lick on the H*dapter H ta.
1. =heck H-nale Aetwork *dapterH and ne"t to where it says H*ttached toH, select HInternal
AetworkHfrom the pulldown menu.
. =lick H;kH at the ottom.
. HWelcome to the Eirst 6un Wi%ardH, click HAe"tH
5. HSelect Installation ediaH, under Hedia SourceH is a pull down menu. #o the immediate right
of
that pull down menu is an icon with a folder. =lick that folder icon.
D. !ocate Hcurrent.isoH or Hdsl'2.2.13.isoH (or the similar file name) that you downloaded. Whenlocated, click H;penH. It is likely in the HownloadsH directory of your home folder.
F. =lick HAe"tH
7/26/2019 Security Must
17/24
4. =lick HEinishH
Aow the virtual machine will start to oot up. Simply wait... (#his may take up to > minutes.)
7/26/2019 Security Must
18/24
( If you cannot see the full virtual machine window, for e"ample ecause your screen resolution is
set so
that some of the window goes too low, read this mini'section.
(
( Eirst, press 6I/# =#6!QI until you have your main windows white mouse cursor ack. Aow,
click on
HachineH in the menu at the top of the window.( Select HSwitch to Scale odeH
(
( =lick HSwitchH
( Aow you will have converted your firewall window to a smaller si%e, and you will e ale to
resi%e it.
ou may need to press Hright ctrlH to get a windows mouse cursor
( which you will need in order to resi%e this window. Aow simply resi%e it to the si%e that works for
you,
and then click into the window to e ale to use the lack mouse
( cursor inside the virtual machine. I recommend you ma"imi%e this window to make sure you can
readeverything clearly.
. 6ight click anywhere on the desktop, go to System (a red folder), go to aemons, ssh, and start.
7/26/2019 Security Must
19/24
1 minutes)
2. #he filename is going to e similar to& uuntu'13.13'desktop'i. 6eturn to your H7irtual+o" anagerH. It doesn8t matter if the firewall is running or not.
5. =lick HAewH (the lue round star'icon in the top left) again.
D. HWelcome to the Aew 7irtual achine Wi%ardH, click HAe"tH
F. H7 Aame and ;S #ypeH, under HAameH, type H0rimaryH
4. Ae"t to H;perating SystemH, select H!inu"H
13. Ae"t to H7ersionH, select HUuntuH and =lick HAe"tH
11. HemoryH, y default it selects >1 +. #his is fine. >5 + is the IAIU. #he more
memory
you allocate, the etter the virtual machine will function. =lick HAe"tH
1. H7irtual /ard iskH, ake sure H+oot /ard iskH is checked. ake sure H=reate new hard
diskH is
selected. =lick HAe"tH
1
7/26/2019 Security Must
20/24
Aow we wait for 7irtual+o" to create the hard drive we asked for. #his may take a few minutes.
Neep in mind this entire virtual machine as well as any of its contents are going to reside within the
hidden truecrypt container. #his ensures e"tra security.
7/26/2019 Security Must
21/24
stall at some points. *s long as the uuntu mouse cursor shows an animation that is turning around
in
circles, the installation GisG working. Simply wait until it is done. If after an hour or two the
progress ar
hasn8t moved at all, then go ahead and re'start the installation starting from step 2 (after closing the
window and powering down the virtual machine).
epending on your computer, it could take '2 hours. ost likely, it will take aout an hour. ;ncefinished, you will see a dialog that says HInstallation =ompleteH with a utton that says H6eoot
AowH.
o A;# press the H6eoot AowH utton. =lose the 8@8 on this window, and 0ower own.
21. Aow, right click H0rimaryH and go to HSettingsH.
2. =lick on HStorageH in the left menu. #hen click on the Huuntu'13.13... .isoH under where it says
HI-
=ontrollerH
2. =lick H;kH
25. Aow, making sure that H0rimaryH is highlighted, click the HStartH utton at the top with the large
green arrow.
Aow we wait for your newly installed Uuntu machine to oot up.
2D. *fter a few minutes, you will see a dialog appear that says Hmainuser'7irtual+o"H. o ahead
and click
on HmainuserH which has the Hperson iconH to the left of it.
2F. Aow it will prompt you for your password. -nter the password you used in the installation
process.
24. *fter a minute or so, you should hear a nice login sound, and you should e fully logged into
your
virtual machine.
>3. Neep waiting, and a dialog will appear that says HInformation avialaleH and H6ecord your
encryption
passphraseH =lick on& H6un this action nowH
>1. #ype in the same password you used to log in. *fter that window closes, click H=loseH in the
dialog
o".
=ongratulationsM ou have now set up a virtual machine as well as a firewall to protect it. Aow we
need
to finish configuring the primary virtual machine.
CCC 1. Uuntu Initial Setup CCC
;k, now that we have installed Uuntu, we need to set it up so that we can use it fully. #his also
means making sure we can see flash on wesites such as youtue.
1. Eirst, we have to install any updates that are pending. *t the ottom of your screen, you should
notice where it says HUpdate anagerH. =lick on that.
. Aow, click on HInstall UpdatesH. If you did not see HUpdate anagerH, then skip these two
steps.
7/26/2019 Security Must
22/24
proceed to the ne"t step. While you wait, Uuntu may go into screensaver mode. If so, $ust move
the mouse and it will ask you for your password. #hat will leave screensaver mode.
If the updates are more than a hundred megaytes, it will take :uite a while. It may take up to '