Posts tagged security
Staying absolutely safe on the Internet is nearly impossible. However, there are certain tools and software to help achieve at least a comfortable amount of anonymity and privacy. Here I will explain how to setup a safe environment using PC-BSD (FreeBSD), Tor, Polipo and xxxterm.
xxxterm – a minimalist secured browser
xxxterm is a minimalist web browser with sophisticated security features built-in rather than through an add-on. In addition to providing a familiar mouse-based interface like other web browsers, it offers a set of vi-like keyboard commands for users who prefer to keep their hands on the home row of their keyboard. The default settings provide a secure environment. With simple keyboard commands, the user can “whitelist” specific sites, allowing cookies and scripts from those sites. It is ISC licensed.
Tor – The Onion router
Tor is free software and an open network that helps you defend against a form of network surveillance that threatens personal freedom and privacy, confidential business activities and relationships, and state security known as traffic analysis.
Polipo – a caching web proxy
Polipo is a small and fast caching web proxy (a web cache, an HTTP proxy, a proxy server). While Polipo was designed to be used by one person or a small group of people, there is nothing that prevents it from being used by a larger group.
PC-BSD – a FreeBSD based Operating System
PC-BSD is a user friendly desktop Operating System based on FreeBSD. Known widely for its stability and security in server environments, FreeBSD provides an excellent base on which to build a desktop operating system. PC-BSD uses a host of popular open source window managers and uses a custom-tailored application installer that puts popular applications in easy reach of users.
How to install and use them?
This is very easy, like drinking a cup of coffee (a home made good one please!)
Software installation(user is root)
portmaster www/xxxterm www/polipo security/tor
cp /usr/local/etc/tor/torrc.sample /usr/local/etc/tor/torrc
- Add/Modify the following lines in /usr/local/etc/tor/torrc
cp /usr/local/etc/polipo/config.sample /usr/local/etc/polipo/config
- Add/Modify the following lines in /usr/local/etc/polipo/config
socksParentProxy = "localhost:9050" diskCacheRoot = "" daemonise = true logSyslog = true
Start tor and polipo daemons
Configure xxxterm (with your regular user)
echo “http_proxy = http://127.0.0.1:8123/” >> ~/.xxxterm.conf
Start browsing the internet safe.
Careful internet is watching you!!!
Using the software discussed here cannot protect you against bad behavior. For instance, it is not very wise to login using your user name and passwords (especially if you use the same password everywhere) on to websites like GMail or Facebook. Using this software will not protect you from malicious Internet sites that collect your personal information or sites that phish you. Also, software is not perfect. It may contain bugs and security holes. Do not rely completely on this software. Be careful. As pointed out by one reader, this configuration, without hiding clients DNS requests, can be dangerous in the case someone wants to find you. Therefore it’s absolutely important to run xxxterm with a socks proxy, this way the DNS query will be executed inside the tor network, giving you much more protection. To do this you can install torsock and execute xxxterm through usewithtor
portmaster net/torsocks usewithtor xxxterm
Don’t forget to comment the proxy in the xxxterm.conf
I’ve set some different options to securing the history file in comparison with the original document.
control=`who -m |tr -s ‘_’ ‘!’ |tr -s ‘ ‘ ‘_’|tr -s ‘ ‘ ‘_’|tr -s ‘(‘ ‘_’ |tr -s ‘)’ ‘_’ |cut -d ‘_’ -f 1,6 | tr -s ‘!’ ‘_’`
export HISTFILE HISTSIZE HISTFILESIZE
Hope this can help!