Monday 12 December 2022

Strong unique passwords

strong unique password


Strategies for creating strong, unique passwords and properly managing them:

As more and more of our daily activities and personal information are being conducted and stored online, it's crucial to have strong, unique passwords for all of your online accounts. Not only do strong passwords protect your personal information from potential hackers, but they can also prevent unauthorized access to your accounts and protect your privacy.

But with so many different online accounts and passwords to remember, it can be tempting to use the same password for multiple accounts or to create passwords that are easy to remember but not very secure. This is a dangerous practice, as it puts all of your accounts at risk if one password is compromised.

Here are some tips for creating strong, unique passwords and properly managing them:

  1. Use a mix of letters, numbers, and special characters in your passwords. Avoid using dictionary words or common phrases, as these can be easily guessed or cracked by hackers using specialized software.

  2. Don't use the same password for multiple accounts. If a hacker gains access to one of your accounts, they will then have the ability to access all of your accounts if you use the same password.

  3. Consider using a password manager to help you generate and store unique, strong passwords for all of your online accounts. This can take the hassle out of remembering multiple complex passwords and help ensure that your passwords are secure.

  4. Regularly update your passwords. It's a good idea to change your passwords every few months to ensure that they remain secure.

  5. Be careful when sharing your password with others. Only share your password with trusted individuals and avoid writing it down or sharing it over unsecured channels.

By following these tips, you can help protect your personal information and online accounts from potential hackers and unauthorized access. Strong, unique passwords are an essential part of good cyber hygiene, and taking the time to create and manage them properly can help keep your online accounts and personal information secure.

How to manage passwords ? With a password manager !

Some examples of popular password managers include LastPass, Dashlane, 1Password, and Keeper. Each of these password managers offers a range of features and pricing options, so it's worth doing some research to find the one that best meets your needs. Additionally, many web browsers, such as Google Chrome and Mozilla Firefox, also offer built-in password manager features.

Friday 9 October 2020

How to secure your Linux

How to secure your linux? (easily)

Now days computer security is on the top trending topics for several reasons, the pandemic confiment also boosted the search for this topic. So you have a linux, is it secure? Most likely yes, is it vulnerable, even if daily updated (also see how to speed up apt-update ) due to default values of some configurations.

An easy way to enhance Linux security or hardening Linux? Using lynis (also works on OSX)
What's hardening?  Basically is just tunning and configuring some features that by default might allow someone to exploit or use that as a vulnerability. (not just one feature per se, but some combined might create something exploitable)

How to install lynis on Linux?

There are two instalation methods, easy and easiest. The main difference is  the version you download from the Lynis site is always the latest one where the apt-get version might take sometime to get to the lastest. 
An example is allowing access to compilers, an intruder can pass a bunch of string and in the end compile them and there you go, someone uploaded some string and created an executable on your machine. Another example is not enforcing secure password, 1234, Joe, and Password aren't exactly secure passwords, but if the system won't allow anything rather than ex: JustATinny123Pass**Again is virtual impossible to guess or crack.
 
In ubuntu/mint lynis installation (easiest):
  • sudo apt install lynis
In ubuntu/mint lynis installation (easy):
  1. Go to Lynis webpage and download the rar
  2. Unrar-It
  3. Done  

How to run Lynis on your Linux machine?

Previous Note: You should always run it as root user 
  • If the installation was done via apt-get the just type "lynis audit system" else, just go to the directory where you extracted Lynis and run "./lynis audit system".
This might take a while depending on our system ( 40sec plus). 

What do you get? Whell for start you get a score! 0-100points... if you use a default ubuntu 20 LTS from scratch you'll get around 65points depending on installed packages.

Lynis score



There's a list of issues to be solved, their solution (if possible in your system), solve one by one and in the end run it again. In the end you improve your score and harden your system.
Examples which I focus a LOT, since some of my machines are only accessible by network: sshd connections hardening.

Lynis recommendations


Thursday 8 October 2020

Remote Desktop Playing @Home

Remote Desktop Gaming

Yes codding rocks, scripts make you smile and git is the new winamp but once in a while it's nice to play a bit.

Most people now days have laptops, company laptops or personal laptops, which in general, aren't suitable for gaming nor you want to risk your working tool by overheating it. Installing games on work computers isn't also the brightest idea in the world. There's also the physical part of it, you don't want to move to your desk or across the living room to play. 

Desktop's aren't exactly portable


Alternatively you can get a gaming laptop, but those are a bit more expensive than usual, also a bit bigger and with less battery life, certainly your company won't get you one and sometimes they're a bit flashy... not ideal for a formal meeting.

Care to take it to a formal meeting?

Solution: get a cheap desktop, put a GPU on it (I did it with my dell T1600 cheap homeserver) and do all the gaming on it remotely How? With a program called Parsec. The principle is very simple: 

  • Install Parsec on Desktop and laptop (or all the computers you want to interact with)
  • Create an account (FREE)
  • Login on all computers
  • Connect to one of your logged In computers
  • You're IN (literally, you're inside a remote desktop on that computer)

    parsec
    Pick one of your computers!
So you get the following: You -> Laptop -> Gaming Desktop nice

So why Parsec? Because it was developed with gaming in mind it's low latency software allows you to run games as if it was on your laptop. 

Remote Desktop

Basically it comes to this, you use a remote desktop client to play games but don't forget it's a remote desktop so it can be used for programing, for server maintenance, remotely viewing videos etc

Requirements for remote desktop gaming @home

Assuming your Desktop has a decent/recent CPU/CPU/SSD you'll pretty much run every game out there, the main requirements are just two:
  • Network speed - The higher the resolution and FPS the higher bandwith you'll need. So if possible network cable attached to the DESKTOP and pick a nice spot for your wifi-router.

Having said this, i can play with almost no lag at 1920*1080 in the same room with a 2.4Ghz 1000Gbit ISP router. 

Parsec will even show you statistics of your network performance and bottlenecks.

parsec