BrightSpace666
Member
In this shorter post you will find the second part of CyberSecurity On Linux. This post won't be as substantial as the previous one, but I hope it will be more useful. What I wrote in the comments of the previous post will of course be included here.
I would start with systems and work our way up.
Encrypting Your Disk - Secure systems are essential to keep your computer safe and to prevent unauthorised access from the outside or the inside.
By selecting Encryption in the installation interface, you can choose a security key to access your system. If, for example, someone takes your computer and tries to break in, there is nothing they can do because of the lack of a security key.
After the security key, you have to enter the user's password, and if you were really wise, you would have chosen a long, bulky and complicated password for both. In Linux Mint, for example, you have the option to encrypt the "Home Folder".
Although Ubuntu also has this option, I'm not sure about this as I've used Ubuntu for very little time and I can honestly say that I didn't like it that much, but it's a matter of taste. You can start the secure use of Linux systems by selecting "Encryption" in the installer.
If you don't take advantage of this, it's not a monumental problem, as Linux systems are secure without it, but if you have the option, take it.
Recommended Systems - I won't go into details as many people are already familiar with them, but I've included a link so you can explore them too.
Qubes OS - https://www.qubes-os.org/ (It is for for expert, because this is not an easy system, and it system requirements is not small. If you have a good system with good stuff, and if you think that Security is important, you can use it.)
Whonix (VirtualBox) - Whonix is a secure system that runs over the Tor network and runs through VirtualBox. You can simply download it from the Whonix site and install it in VirtualBox. There are two systems running between it, Whonix Gateway and Whonix Workstation. The browser on the system is the Tor browser and the whole system runs under the Tor network. Whonix is a very secure choice, and if you turn on a VPN or two on your system, do the things described in this post, start I2P, and then start the Whonix system through VirtualBox, your anonymity is increased monumentally.
https://www.whonix.org/ (VirtualBox)
Tails OS - https://tails.boum.org/ (Tor system, with high Security.)
Fedora Linux - https://getfedora.org/ (High security system.)
PureOS - https://www.pureos.net/ (High security system.)
Kali Linux - https://www.kali.org/ (For Ethical Hackers. It has a lot of expert software.)
Linux Mint - https://linuxmint.com/ (Good for beginners of Linux, and good for Experts of Linux.)
Ubuntu - https://ubuntu.com/ (Same as Linux Mint.)
Arch Linux - https://archlinux.org/ (Not easy system.)
Of course, these are only a small part of the many systems available, but these are the ones I have experience with, which is why I mentioned them. For security reasons, you may want to choose one of these systems.
Browsers - Using the right browsers is essential for anonymity on the internet. For example, you don't want to remain anonymous if you use jewgle Chrome, as this is a very bad way to do it due to terrible scripts, cookies and trackers.
Incognito mode is a basic requirement.
In addition to choosing a constructive browser, it is highly recommended to use add-ons that prioritise anonymity and security. In the previous section, I have provided a number of add-ons that help, but now I will add 1-2 more add-ons.
More Add-ons For The Internet
uMatrix (You can block a lot of things with it, which is very useful.)
UserAgent Switcher - Important if you want them not to know what system you are using. For example, if you are using Ubuntu and you set the addon to show Fedora Linux, then websites will see the system of your choice, Fedora, hiding from the websites the real system you are using.
Browsers For Daily Use
Firefox - Works well with the right security settings.
Brave Browser - Same as above.
Tor Browser - The Tor browser is primarily for anonymity, not security. You can run into a bad website just as easily as with any other browser. Tor focuses primarily on anonymity.
The default browser on Linux systems is Firefox, but that doesn't mean you can't change or replace it.
Search Engines
Once you have chosen the right browser, you should choose search engines that are secure and do not track you. There are several, but there is no perfect search engine, as someone will always have a bad one. But there is nothing wrong with that.
DuckDuckGo - although I mentioned in the previous post for lack of information that it's worth using, although I'll say now that you shouldn't use it. It sets itself up safely, but that's just the surface, and what happens under the surface?
Ecosia - You are serving a good purpose if you use this search engine for your everyday searches. No script is needed for it, maybe just images, no cookies. I can't find any bugs with it, the only downside is that it supposedly stores your IP address.
(Whether search engines store IP addresses is only "supposedly" what I'm referring to, since you can't be 100% sure.)
Mojeek - No script or cookie required, and supposedly does not store your IP address. The only drawback, I think, is that the search results are very poor, so you may not find what you're actually looking for while using Mojeek.
MetaGer - Does not require a Script or Cookie, just CSS if I remember correctly. Search results are pretty good and I'm not sure if they store IP addresses, although I think they do.
Peekier - Script required, Cookie included. It does not store IP addresses and has pretty good search results.
StartPage - https://www.startpage.com/
There are certainly other search engines out there, but I'll highlight the ones I have experience with.
I recommend the Ecosia, Peekier and MetaGer search engines, because they have good search results.
Email Providers
Although, speaking of Email, you have to choose well. This is where everyday correspondence can happen, and it doesn't matter whether a message gets to its destination via a secure route or not. I will not leave the description here either, as many people are familiar with it, and those who want to discover it for themselves can understand it better.
We could talk about which Email service provider is the right one. All providers have their flaws, so no Email is perfect, but it is worth choosing one that has encryption and security settings. Below are some of these.
Several Email requires JavaScript and Cookies, but it doesn't mean that they are unsafe. These Emails are safe I think, and they are useful for the daily usage.
ProtonMail - https://proton.me/mail
MailFence - https://mailfence.com/
Tutanota Mail - https://tutanota.com/
RiseupMail (Requires invitation) - https://riseup.net/el/email/webmail
On I2P - I2P Mail (If you start I2P and type "127.0.0.1:7657" into your browser, you will be taken to the I2P interface. You will find the Email on the left and you can register).
On Tor - TorBox or Mail2Tor.
VPNs
In addition to these settings and options, you'll also need a VPN provider to use the internet safely. A VPN hides your IP address and connects to a encrypted IP address. Although it doesn't hide your identity, it does increase your security when you surf the internet.
Not all VPN providers guarantee you an encrypted and secure network. Some only claim that they don't log or monitor your activity, but this is just a distraction. When it comes to the more secure VPNs, here are a few.
ProtonVPN - https://protonvpn.download/ (Free)
RiseupVPN - https://riseup.net/el/vpn (Free, no account required)
Mullvad VPN - https://mullvad.net/en/ (You have to pay for it.)
Hide.me VPN - https://hide.me/en/ (I don't know much about this VPN, but I recommended it in another post. I think it's free and useful when people are talking about security).
Proxies
To set up proxies, you need a running program. To set up a Tor proxy in your browser, you need torservice and Privoxy. I've attached a post here that demonstrates this.
Proxies can also hide your identity and IP address if set up correctly. If you do all of the following and use it properly in your browser, (127.0.0.1 : 8118) they can do this. However, if you want to use Clearnet with an I2P proxy (127.0.0.1 : 4444), this will not work, as the above setting is specific to I2P sites (.i2p).
I found a solution to hide the IP address without using a VPN. For this you need a program called - Privoxy. In the configuration file you can configure how you want to use the program itself. In this short section, I'll show you how to do this, and I'll also show you another encrypted and anonymous network that you can use to hide your IP address and browse the Internet safely.
Select your system and download - https://www.privoxy.org/sf-download-mirror/
You can also download it from terminal - sudo apt install privoxy -y, or if you are root, apt-get install privoxy -y. As you need the Tor network for this, you don't need to download Tor as if you've done the steps in this post it's already on your system, but if not, download the Tor browser from the Tor website, unzip it and type - sudo apt install tor -y in Terminal, or if you're root - apt-get install tor -y.
After downloading Privoxy as root (sudo -i, then password), open the Privoxy configuration file - nano /etc/privoxy/config. Scroll to the bottom and add the following - "forward-socks5t / 127.0.0.1:9050 ."Just copy and paste it, but without the quotes. You have done the first step. Check in Terminal to see if they are running. "service tor status", if it is active, you did it right. Then "systemctl service privoxy", if active, you did it right.
Then go to Firefox settings, "General", scroll to the very end, "Network Settings", then HTTP Proxy, HTTPS Proxy and SOCKS Host, type - 127.0.0.1 (same for all three).
Then next to each one, type "Port" - 8118. Then save and look up your IP address. If Tor and Privoxy are active on your system, you've done well.
Lokinet
Lokinet is an anonymous network through which browsing, identity, IP address and location are hidden. Your browsing is secret, secure and private.
On Linux you can download it from https://lokinet.org (GUI) and install it. Go to the GUI section and copy and paste the commands it shows into Terminal one by one. Once downloaded, type Terminal - lokinet-gui and the interface will appear for you. In the "Exit Nodes" section type - "exit.loki", without quotes. Then turn it on underneath, and if "exit.loki" turns into a long string of numbers and letters, you've done well.
In the Terminal, you can check if the network is running - "systemctl status lokinet", if it is active, you did it right. In addition to the above, if you want to stop Privoxy, type - "systemctl stop privoxy", and Tor - "service tor stop". Lokinet - "systemctl stop lokinet, or if you want to start it, "systemctl start lokinet", if you want to start Privoxy, "systemctl start privoxy, or if you want to start Tor, "service tor start".
I hope it was helpful. If you set these up, then connect to a VPN (or two, as I mentioned) and use a browser with the right settings to increase security, you're on the right track.
Anon Networks
I2P - https://geti2p.net/en/
Freenet - https://freenetproject.org/
Lokinet - https://lokinet.org
GNUNet - https://www.gnunet.org/en/
RetroShare - https://retroshare.cc/
Files Encryption
VeraCrypt - If you want additional encryption for your files under your already encrypted Linux system, you can use VeraCrypt. In it you can encrypt partitions or even files. You can choose multiple encryption types for a file, and you can perform two Encryptions within a virtual storage. The essence in a nutshell - you create an encrypted virtual space for yourself and encrypt it with a password, then PIM and log in. You store files there, but in this encrypted space there is also a hidden encrypted space where you store more important files.
When you unlock the first encrypted space, the second one doesn't show up, you have to unlock it manually, then once unlocked, you enter the password and PIM if you chose that too, and log in. This is your file encrypted in several ways, if you chose this at the beginning it is also hidden, plus you have to enter two passwords (I recommend you choose the PIM too, it's like a PIN, it's made up of numbers).
You can also generate a "key file" yourself, this is an even bigger security detail, because without these you cannot enter your files. You can store anything here, be it Project works, or passwords, or text documents, anything, and it's your own encrypted part under an encrypted Linux system.
The Tutorial video - https://incogtube.com/watch?v=4SBWc_cQm-Y
Jewtube Alternatives
IncogTube - incogtube.com / tube.i2p (I2P Site)
DNS
NextDNS - nextdns.io
You can configure it to your browser, system or your router. On the site of NextDNS you can found the instruction.
----------------------------------------------------------------------------------------------------------------------------------------------------------------------------
As I said, this post is not about phenomena like the previous ones (e.g. MAC, SSH, iptables), but about their further development. In the previous post, I stated the benefits of Encryption the system and covered a lot of things in it.
In this post I have continued that, but here the focus is much more on Internet anonymity. We covered a lot of it in the previous post, and this post is a continuation of that. I'm not a CyberSecurity expert, so bear that in mind.
I have only experience with this and I think it is worth sharing with SS. It's important to me that all aspects of SS are secure. If it were up to me, every single letter and acronym would be encrypted, in monumental amounts.
It makes me feel good to think that SS is safe on the internet.
We are one big family and I feel that everything we have done and are doing is moving us forward as individuals and as a family. We are taking steps to eradicate ignorance and internet safety is part of those steps.
Useful Site - https://digdeeper.club/
This page contradicts this post in several ways, but as there is no fully encrypted or secure email, browser or VPN, the choice is by no means plentiful. The ones I have listed here, and choosing one of them, is sufficient to allow one to communicate and search securely or secretly.
Compared to what the average person uses to surf the internet every day, the ones listed here provide monumental security. No program allows you to be completely secret and anonymous.
BrightSpace666
I would start with systems and work our way up.
Encrypting Your Disk - Secure systems are essential to keep your computer safe and to prevent unauthorised access from the outside or the inside.
By selecting Encryption in the installation interface, you can choose a security key to access your system. If, for example, someone takes your computer and tries to break in, there is nothing they can do because of the lack of a security key.
After the security key, you have to enter the user's password, and if you were really wise, you would have chosen a long, bulky and complicated password for both. In Linux Mint, for example, you have the option to encrypt the "Home Folder".
Although Ubuntu also has this option, I'm not sure about this as I've used Ubuntu for very little time and I can honestly say that I didn't like it that much, but it's a matter of taste. You can start the secure use of Linux systems by selecting "Encryption" in the installer.
If you don't take advantage of this, it's not a monumental problem, as Linux systems are secure without it, but if you have the option, take it.
Recommended Systems - I won't go into details as many people are already familiar with them, but I've included a link so you can explore them too.
Qubes OS - https://www.qubes-os.org/ (It is for for expert, because this is not an easy system, and it system requirements is not small. If you have a good system with good stuff, and if you think that Security is important, you can use it.)
Whonix (VirtualBox) - Whonix is a secure system that runs over the Tor network and runs through VirtualBox. You can simply download it from the Whonix site and install it in VirtualBox. There are two systems running between it, Whonix Gateway and Whonix Workstation. The browser on the system is the Tor browser and the whole system runs under the Tor network. Whonix is a very secure choice, and if you turn on a VPN or two on your system, do the things described in this post, start I2P, and then start the Whonix system through VirtualBox, your anonymity is increased monumentally.
https://www.whonix.org/ (VirtualBox)
Tails OS - https://tails.boum.org/ (Tor system, with high Security.)
Fedora Linux - https://getfedora.org/ (High security system.)
PureOS - https://www.pureos.net/ (High security system.)
Kali Linux - https://www.kali.org/ (For Ethical Hackers. It has a lot of expert software.)
Linux Mint - https://linuxmint.com/ (Good for beginners of Linux, and good for Experts of Linux.)
Ubuntu - https://ubuntu.com/ (Same as Linux Mint.)
Arch Linux - https://archlinux.org/ (Not easy system.)
Of course, these are only a small part of the many systems available, but these are the ones I have experience with, which is why I mentioned them. For security reasons, you may want to choose one of these systems.
Browsers - Using the right browsers is essential for anonymity on the internet. For example, you don't want to remain anonymous if you use jewgle Chrome, as this is a very bad way to do it due to terrible scripts, cookies and trackers.
Incognito mode is a basic requirement.
In addition to choosing a constructive browser, it is highly recommended to use add-ons that prioritise anonymity and security. In the previous section, I have provided a number of add-ons that help, but now I will add 1-2 more add-ons.
More Add-ons For The Internet
uMatrix (You can block a lot of things with it, which is very useful.)
UserAgent Switcher - Important if you want them not to know what system you are using. For example, if you are using Ubuntu and you set the addon to show Fedora Linux, then websites will see the system of your choice, Fedora, hiding from the websites the real system you are using.
Browsers For Daily Use
Firefox - Works well with the right security settings.
Brave Browser - Same as above.
Tor Browser - The Tor browser is primarily for anonymity, not security. You can run into a bad website just as easily as with any other browser. Tor focuses primarily on anonymity.
The default browser on Linux systems is Firefox, but that doesn't mean you can't change or replace it.
Search Engines
Once you have chosen the right browser, you should choose search engines that are secure and do not track you. There are several, but there is no perfect search engine, as someone will always have a bad one. But there is nothing wrong with that.
DuckDuckGo - although I mentioned in the previous post for lack of information that it's worth using, although I'll say now that you shouldn't use it. It sets itself up safely, but that's just the surface, and what happens under the surface?
Ecosia - You are serving a good purpose if you use this search engine for your everyday searches. No script is needed for it, maybe just images, no cookies. I can't find any bugs with it, the only downside is that it supposedly stores your IP address.
(Whether search engines store IP addresses is only "supposedly" what I'm referring to, since you can't be 100% sure.)
Mojeek - No script or cookie required, and supposedly does not store your IP address. The only drawback, I think, is that the search results are very poor, so you may not find what you're actually looking for while using Mojeek.
MetaGer - Does not require a Script or Cookie, just CSS if I remember correctly. Search results are pretty good and I'm not sure if they store IP addresses, although I think they do.
Peekier - Script required, Cookie included. It does not store IP addresses and has pretty good search results.
StartPage - https://www.startpage.com/
There are certainly other search engines out there, but I'll highlight the ones I have experience with.
I recommend the Ecosia, Peekier and MetaGer search engines, because they have good search results.
Email Providers
Although, speaking of Email, you have to choose well. This is where everyday correspondence can happen, and it doesn't matter whether a message gets to its destination via a secure route or not. I will not leave the description here either, as many people are familiar with it, and those who want to discover it for themselves can understand it better.
We could talk about which Email service provider is the right one. All providers have their flaws, so no Email is perfect, but it is worth choosing one that has encryption and security settings. Below are some of these.
Several Email requires JavaScript and Cookies, but it doesn't mean that they are unsafe. These Emails are safe I think, and they are useful for the daily usage.
ProtonMail - https://proton.me/mail
MailFence - https://mailfence.com/
Tutanota Mail - https://tutanota.com/
RiseupMail (Requires invitation) - https://riseup.net/el/email/webmail
On I2P - I2P Mail (If you start I2P and type "127.0.0.1:7657" into your browser, you will be taken to the I2P interface. You will find the Email on the left and you can register).
On Tor - TorBox or Mail2Tor.
VPNs
In addition to these settings and options, you'll also need a VPN provider to use the internet safely. A VPN hides your IP address and connects to a encrypted IP address. Although it doesn't hide your identity, it does increase your security when you surf the internet.
Not all VPN providers guarantee you an encrypted and secure network. Some only claim that they don't log or monitor your activity, but this is just a distraction. When it comes to the more secure VPNs, here are a few.
ProtonVPN - https://protonvpn.download/ (Free)
RiseupVPN - https://riseup.net/el/vpn (Free, no account required)
Mullvad VPN - https://mullvad.net/en/ (You have to pay for it.)
Hide.me VPN - https://hide.me/en/ (I don't know much about this VPN, but I recommended it in another post. I think it's free and useful when people are talking about security).
Proxies
To set up proxies, you need a running program. To set up a Tor proxy in your browser, you need torservice and Privoxy. I've attached a post here that demonstrates this.
Proxies can also hide your identity and IP address if set up correctly. If you do all of the following and use it properly in your browser, (127.0.0.1 : 8118) they can do this. However, if you want to use Clearnet with an I2P proxy (127.0.0.1 : 4444), this will not work, as the above setting is specific to I2P sites (.i2p).
I found a solution to hide the IP address without using a VPN. For this you need a program called - Privoxy. In the configuration file you can configure how you want to use the program itself. In this short section, I'll show you how to do this, and I'll also show you another encrypted and anonymous network that you can use to hide your IP address and browse the Internet safely.
Select your system and download - https://www.privoxy.org/sf-download-mirror/
You can also download it from terminal - sudo apt install privoxy -y, or if you are root, apt-get install privoxy -y. As you need the Tor network for this, you don't need to download Tor as if you've done the steps in this post it's already on your system, but if not, download the Tor browser from the Tor website, unzip it and type - sudo apt install tor -y in Terminal, or if you're root - apt-get install tor -y.
After downloading Privoxy as root (sudo -i, then password), open the Privoxy configuration file - nano /etc/privoxy/config. Scroll to the bottom and add the following - "forward-socks5t / 127.0.0.1:9050 ."Just copy and paste it, but without the quotes. You have done the first step. Check in Terminal to see if they are running. "service tor status", if it is active, you did it right. Then "systemctl service privoxy", if active, you did it right.
Then go to Firefox settings, "General", scroll to the very end, "Network Settings", then HTTP Proxy, HTTPS Proxy and SOCKS Host, type - 127.0.0.1 (same for all three).
Then next to each one, type "Port" - 8118. Then save and look up your IP address. If Tor and Privoxy are active on your system, you've done well.
Lokinet
Lokinet is an anonymous network through which browsing, identity, IP address and location are hidden. Your browsing is secret, secure and private.
On Linux you can download it from https://lokinet.org (GUI) and install it. Go to the GUI section and copy and paste the commands it shows into Terminal one by one. Once downloaded, type Terminal - lokinet-gui and the interface will appear for you. In the "Exit Nodes" section type - "exit.loki", without quotes. Then turn it on underneath, and if "exit.loki" turns into a long string of numbers and letters, you've done well.
In the Terminal, you can check if the network is running - "systemctl status lokinet", if it is active, you did it right. In addition to the above, if you want to stop Privoxy, type - "systemctl stop privoxy", and Tor - "service tor stop". Lokinet - "systemctl stop lokinet, or if you want to start it, "systemctl start lokinet", if you want to start Privoxy, "systemctl start privoxy, or if you want to start Tor, "service tor start".
I hope it was helpful. If you set these up, then connect to a VPN (or two, as I mentioned) and use a browser with the right settings to increase security, you're on the right track.
Anon Networks
I2P - https://geti2p.net/en/
Freenet - https://freenetproject.org/
Lokinet - https://lokinet.org
GNUNet - https://www.gnunet.org/en/
RetroShare - https://retroshare.cc/
Files Encryption
VeraCrypt - If you want additional encryption for your files under your already encrypted Linux system, you can use VeraCrypt. In it you can encrypt partitions or even files. You can choose multiple encryption types for a file, and you can perform two Encryptions within a virtual storage. The essence in a nutshell - you create an encrypted virtual space for yourself and encrypt it with a password, then PIM and log in. You store files there, but in this encrypted space there is also a hidden encrypted space where you store more important files.
When you unlock the first encrypted space, the second one doesn't show up, you have to unlock it manually, then once unlocked, you enter the password and PIM if you chose that too, and log in. This is your file encrypted in several ways, if you chose this at the beginning it is also hidden, plus you have to enter two passwords (I recommend you choose the PIM too, it's like a PIN, it's made up of numbers).
You can also generate a "key file" yourself, this is an even bigger security detail, because without these you cannot enter your files. You can store anything here, be it Project works, or passwords, or text documents, anything, and it's your own encrypted part under an encrypted Linux system.
The Tutorial video - https://incogtube.com/watch?v=4SBWc_cQm-Y
Jewtube Alternatives
IncogTube - incogtube.com / tube.i2p (I2P Site)
DNS
NextDNS - nextdns.io
You can configure it to your browser, system or your router. On the site of NextDNS you can found the instruction.
----------------------------------------------------------------------------------------------------------------------------------------------------------------------------
As I said, this post is not about phenomena like the previous ones (e.g. MAC, SSH, iptables), but about their further development. In the previous post, I stated the benefits of Encryption the system and covered a lot of things in it.
In this post I have continued that, but here the focus is much more on Internet anonymity. We covered a lot of it in the previous post, and this post is a continuation of that. I'm not a CyberSecurity expert, so bear that in mind.
I have only experience with this and I think it is worth sharing with SS. It's important to me that all aspects of SS are secure. If it were up to me, every single letter and acronym would be encrypted, in monumental amounts.
It makes me feel good to think that SS is safe on the internet.
We are one big family and I feel that everything we have done and are doing is moving us forward as individuals and as a family. We are taking steps to eradicate ignorance and internet safety is part of those steps.
Useful Site - https://digdeeper.club/
This page contradicts this post in several ways, but as there is no fully encrypted or secure email, browser or VPN, the choice is by no means plentiful. The ones I have listed here, and choosing one of them, is sufficient to allow one to communicate and search securely or secretly.
Compared to what the average person uses to surf the internet every day, the ones listed here provide monumental security. No program allows you to be completely secret and anonymous.
BrightSpace666
