Category: Security

Computer Security

Create your own Virtual Private Network with NeoRouter

Neorouter is a free application designed to remotely connect to other computers securely with just a couple of clicks and little configuration, it can be used to help a friend or family member troubleshoot computer problems giving you remote access to their machine or you can use it to connect to your home server or computer from work, to save in electrical bills the home computer can be left on standby and Neorouter will instruct it to wake up when you connect for the first time.

This VPN software allows you to bypass corporate firewalls that block P2P traffic, similar applications (e.g. Hamachi) get around firewalls routing traffic through a central server that can be at times slow depending on the number of users, Neorouter improves VPN speed relaying traffic through your router instead of a central server, it can be set up to use an HTTP or socks4/5 proxy server if necessary.

Private VPN network NeoRouter

The application is available for Windows, Mac, Linux, FreeBSD and Android, consisting of a client and a server that will work as a central hub creating a virtual LAN, the server can be set up on any router using open source firmware, like OpenWRT and Tomano. There is no limit to how many computers can be networked with this application creating a P2P friends only network where to share files, play games and communicate with each other in private, the connection will always be encrypted. Capabilities can be expanded with its built-in add-ons including VNC client, Telnet/SSH and SFTP, there is also a built-in firewall.

Travellers will be happy to know that you can download a portable Neorouter VPN client that can be run from within a USB thumbdrive and does not need administrator rights.

Visit Neorouter homepage

3 November, 2012
Securely wipe free space, folders and files with xShredder

xShredder is a free open source tool to securely wipe hard drive free space and files, the program has numerous standard data wiping algorithms available, these include US Air Force 5020, British HMG IS5 Enhanced, Canadian RCMP TSSIT OPS II, US DOD 5220 22MECE, Russian GOST P50739 and others. If a file is found locked, which often happens when in use by Windows, it will be wiped after a computer reboot

You can create automated tasks and schedule data wiping, xShredder includes a tool called xExplorer that lets you see all files in your hard drive, including system files stored in the system32 folder hidden by Windows, selecting a folder you can add it to a shredding job or use the “Tools” menu to start a Wizard guiding you through the data wiping process. The wizard will show a series of tick boxes pointing to locations where Windows stores temporary data, like the Prefetch folder, hybernation file pagefile.sys, recently opened documents and Internet browser history, cookies and cache, it was all pretty basic and it did not include .sol Flash player cookies stored in the /Macromedia/Flash Player/#SharedObjects folder.

xShredder data wiping algorithm options

This software should thwart elemental data recovery tools but there is nothing guaranteeing you that there are copies of the file you are destroying in other Windows temp and backup directories and a computer forensics expert will know where to look for. xShredder includes additional system maintenance tools, like format drive, HDD and MFT boot defragmenter with a complete system information viewer showing hardware details.

I found this data shredder very difficult to use due to its complicated interface and lack of help manual, I also found it easy to erase files by mistake with no confirmation option given before starting the erasing process. I like the features that xShredder offers, specially the ability to write your own addons to erase data left behind by specific software, but in my opinion the developer should get rid of non data wiping utilities, like the defragmenter, and focus on creating a top data wiping tool that any beginner can use without having to go through a dozen of clicks and hidden options.

Visit xShredder homepage

23 October, 2012
MonkeySphere OpenPGP Web of Trust Certificate Authority

MonkeySphere is a set of tools to securely exchange digital OpenPGP certifications, when faced with having to buy digital certificates from a expensive Certificate Authority with its own rules or offering non recognised digital certificates that will trigger a security warning, MonkeySphere allows administrators to create their own OpenPGP certificates, publish them to the web of trust for validation and certify it themselves. It can be used for https websites or SSH server authentication, it comes included with the Tails operating system set up to use Indymedia’s key server .onion hidden service (hkp://2eghzlv2wwcq7u7y.onion) using hkps:// and available through the internet on keys.indymedia.org, users can verify TLS certificates using MonkeySphere Firefox addon, compatible with other Mozilla based browsers like IceWeasel in Linux.

Digital certificate browser warning

Monkeysphere currently supports ssh and https and can be used for certificate revocation, expiration, ease of rekeying, etc.

One problem with traditional Certificate Authorities is that their target is to make money and some companies are willing to cut in security and relax verification rules to achieve this, CAs also run in similar fashion to a cartel with the big Certificate Authorities recognised by major browsers charge exorbitant fees that only corporations can afford. The web of trust P2P model can provide an alternative but it is not extended enough to be reliable, therefore the best choice is a hybrid system and this is how MonkeySphere works, when you visit an https site with the Monkeysphere plugin installed in your browser if the X.509 digital certificate presented to you is not recognised by the browser validation will then be passed to MonkeySphere’s own validation agent avoiding a scary security warning.

Visit MonkeySphere homepage

18 October, 2012
Send anonymous email through tor with TorBirdy

Using Thunderbird, a free open source email and Usenet client made by Mozilla, and the addon TorBirdy you can now send emails through the tor network, the addon will automatically connect to the tor proxy before login in and out of your email account to send SMTP email and retrieve new POP messages, as long as the chosen email provider does not block tor proxies. For extra security you might want to encrypt the email message, Torbirdy won’t do that for you.

The addon uses SSL/TLS by default for both outgoing and incoming servers setting default server ports, IMAP push email, often used by advertisers, is disabled as it could expose your real IP. The email client itself is cross platform and has versions for Windows, Mac and Linux, forked Thunderbird versions like Ice Dove should also work with the Torbirdy addon, the anonymous live CD Tails has added Torbirdy to their list of future additions.

TorBirdy Thunderbird anonymous email

The developers advice that users do not install any other Thunderbird addon that has not been reviewed by them together with Torbirdy as it could endanger anonymity. Since Thunderbird has a portable version that runs from a USB thumbdrive there is no reason why you should not be able to use Torbirdy as a portable email client to send anonymous messages, it might even get around public computer networks that block port 995 (POP) and 25 (SMTP). There are many free email services offering free SMTP but the sign up normally still has to be done using the web interface, needless to say that you should use tor for that.

Note: This addon is still in development and might not be stable.

Visit TorBirdy Thunderbird addon

23 August, 2012
Startup analyzer and hijack protector Runscanner

Runscanner is a free antispyware utility that will scan your computer for all running processes, it can detect system changes made by malware, like startup programs that show advertisements and ransomware, page hijackers, accidental misconfiguration or garbage left behind by uninstalled software.

It only took a couple of minutes to scan my hard drive and all orphan files, registry keys and drivers, where clearly labelled in red making it easy to identify and select them for subsequent erasing. I could not see any evident false positive, only a few files that I did not know what they were for and I decided to keep them. Before deletion, using the “Fix it” button, you are given a clear warning about making sure you know what those files are.

In advanced mode you will also see a tab called “Extra stuff” where you can edit Windows host file (often modified to show adware), check autostart items, kill processes, see installed software, and restore Runscanner history backups. Reports, using its own .run file extension, can be saved an opened, the tabbed interface has other options like “Unrated items“, “Item fixer” and “Loaded modules“.

Free startup and hijack analyzer runscanner

The main window helps you distinguish files showing the item name, path, description, company and digital signer if any. When you find a suspicious item right clicking on it will allow you to submit the file for scanning to online antivirus “Virus Total” or look up the file MD5 at File advisor, Google or Runscanner database. Another button gives you quick access to a malware discussion forum where to ask questions.

The advanced mode is potentially dangerous unless you understand what many of the files showing up in the window are, deleting something by accident could render your computer unbootable or without Internet access, the beginner mode only has the “Scan” an “Update” buttons visible, with no tweaking options, making it very hard to cause damage.

Runscanner has many more features than the popular HiJackThis system analyzer, or Process Hacker, it is a good alternative to them and I would consider this tool for those who have already been infected or just want to make sure that everything is working as it should.

Visit Runscanner homepage

21 August, 2012
Stop malware with Crystal Anti-Exploit Protection

Crystal Anti-Exploit Protection is a free utility to stop malware hijacking your computer, it will not replace your antivirus but act as a complement, the program will apply filters to your incoming and outgoing connections to decide if they should be allowed. Ironically enough my AVG antivirus flagged CrystalAEP as malware and I had to whitelist it.

After launching CrystalAEP you will presented with a quick tutorial and asked to select all programs exposed to the Internet, like your Internet browser or messenger, CrystalAEP will monitor them in real time, you can check what each program is doing in the alerts window, the default is set up at High Protection, programs security level can be individually modified using a level slider.

Crystal Anti-Exploit Protection

CrystalAEP will stop malicious attacks carried out without user interaction, like a website instructing your Internet browser to load a module, but if you choose to willingly execute a process, i.e. download an unknow codec to see a cool video, then you will have to rely on your antivirus to pick that up. This program is targeted at advanced computer users, the expert mode has many configuration options that few people will understand, like DEP monitoring and COM/ActiveX monitoring, I would stick with the basic mode, it is adequate to stop malicious websites from exploiting software vulnerabilities.

This tool consumes minimal resources and can be easily removed, it should help the computer paranoid, people visiting dodgy sites or those in high security environments to stop zero day exploits.

Visit CrystalAEP homepage

21 July, 2012
Best Firefox addons for computer privacy and security

Security Sanitizer: It will securely wipe your Internet browser cache, history, cookies, download&search list and saved passwords using the US DoD 5220 algorithm (3 passes) or a single pass overwriting.

Encrypted Communication: It encrypts text messages password protecting them, the receiver will need to have the same addon installed and know the password. And easy way for low security email communications.

Click&Clean: A one click Firefox browser addon to erase all temporary files, remove download files history, clean cookies, typed URLs, Flash Local Shared Objects and support for external erasers like Wise Cleaner and BleachBit.

Tamper Data: For advanced Internet users wanting to view and modify HTTP/HTTPS headers and post parameters. Very useful to monitor traffic and see what data is being sent and received through Firefox.

TamperData Firefox addon

Ghostery: It reveals the companies that track you around the web when you visit a website and allows you to block the trackers giving the user ultimate control on what company cookies are blocked and which ones are allowed to prevail.

Certificate Patrol: Shows what digital certificates have recently been updated to help the user decide if the change is legitimate. Helpful to stop websites with fake digital certificates, the user should have knowledge on how digital certificates work.

BitDefender QuickScan: Online tool using cloud based antivirus services to quickly determine if a file is infected with malware, useful for a second antivirus opinion without having to install it in your computer.

Browser Protect: Anti-hijacking extension to protect your browser from home page changes and toolbars/search engine additions, protection level can be customized from high to low and URLs can be whitelisted.

Stealthy: Fast proxy finder to hide your computer IP, it can be useful to access services only available in the US (Slacker Radio, CWTV), access banned websites like Facebook or fake your geolocation.

Stealthy Firefox addon

LeetKey: It can encode plain text into L337, ROT13, BASE64, HEX, URL, BIN, DES, AES, Morse or DVORAK keyboard layout, it could be used to maintain private conversations on social networks or forums posting ciphered messages.

KeeFox: A companion addon for KeePass password manager, KeeFox will connect to the password manager database and automatically fill in forms and password fields, automatically adding new entries to KeePass.

20 July, 2012