Has Your Email/Phone (Personal Information) Been Involved In A Data Breach?

Today’s article isn’t all that Linux specific, but pertains to your personal information and whether or not it has been leaked or hacked. This is good information to know. While there’s not much that you can do after the fact, there are steps you can take when the inevitable happens and those steps will vary depending on the severity of the hack and how much information the bad folks got away with.

Basically, when you visit sites you leave at least some information behind. Depending on the site, you may leave more information behind than other sites. For instance, you may leave behind your email address when you signed up for their newsletter. This is relatively benign (insert plug for the Linux-Tips newsletter), but more concerning when you add more information to it – such as your password, phone number, username, answers to security questions, etc…

Sometimes, those sites aren’t all that well defended and people manage to find exploits that give them access to this data. These are known as data breaches. Your data is then, more often than not, put up somewhere online for sale or even for free. The usual goal is to sell this data, as profit is the ultimate motive these days.

There’s quite a bit that bad actors can do with this hacked and leaked data. This is especially true if you do things like re-use passwords. By the way, that’s something you should never do. Don’t use a password or a ‘password system’. Generate random passwords for every use. 

Enter “have i been pwned?”

This have i been pwned? site has been around for a long time. You can visit the site by clicking the following:

have i been pwned?

Go there and enter your email address or phone number. It will then let you know if your data has been exposed in a data breach. The site’s name is a play on the word ‘pwned’ – which means something similar to ‘owned’ or, in this case, that your personal information has been exposed by way of a data breach.

If your personal information has been included in a data breach that was made public, it’ll be listed in the results. For example, I have one email address that was involved in a very dark time for Linux Mint. See this:

my data has been breached
My personal information was compromised in this attack. Also, yes that happened. It’s very much real.

You can be reasonably comfortable putting your email into that site. They have a long, long history of good behavior and, at the end of the day, you’d just lose your email address. So, feel free to drop your email addresses into the site.

NOTE: I take your personal information seriously. If I ask for it, I secure it. I only ask for as much information as required for the role. Signing up for the newsletter doesn’t even ask for a username! Passwords are salted and hashed (not saved in plain text). There’s a layered approach to prevent compromise, including things like requiring 2FA for administrative roles.

Again, “have i been pwned?” has no motivation to do anything with your email address and their reputation is pretty solid. You can drop your email address into the search box safely.

They Lost Your Personal Information: 

So, what can you do if you found out that your personal information has been compromised? There’s not a whole lot, actually. Once the data is out there, it’s out there. You can’t do anything to take it back.

What you can do is stop doing business with these people. You can change your passwords for the compromised sites. You can also check other accounts for signs of compromise. Depending on the data that was lost, you can lock your credit or use a credit monitoring service.

When (not ‘if’) you find your email and personal information in these lists, it can be a little jarring. It’s not entirely unlike finding out that your house has been broken into. But, you can relax. It’s not the end of the world or anything of that nature.

In many cases, passwords aren’t stored in plain text. They’re hashed and salted before they’re stored. The password you typed in is just checked against the hashed values and, so long as you match, you’re let into your account. That’s a great thing, a great start even, but rainbow table attacks still exist to attack hashed passwords.

If there are extra security steps you can take, take them! If you can enable 2FA (2 Factor Authentication), then by all means do so. A login that requires a second factor, such as a code sent to email or to text message, is much more secure. This is more useful before a hack occurs, of course.

When you give out your personal information, ask yourself if you truly need to give the information and if you trust the company with that information. Different companies may have different trust levels for you. I trust this site with all my information, ’cause I own it. I trust sneakydownload.site enough to have my email address and nothing more. There’s a pretty broad spectrum of trust and a very personal choice to make.

Closure:

This article could easily run thousands of words, as security, privacy, and personal information are broad subjects. Be careful who you trust and be sure to check in once in a while to see if your personal information has been compromised. On Linux-Tips.us, I just avoid collecting data. I find it easier to protect your data if I don’t actually have it. However, even this small site is under attack constantly:

Linux Tips attacks
That’s a week’s worth of attacks. That’s just for a small site.

The two spam comment selections are from people/bots who made it through the first levels of defense. Even the rest of the numbers are people who made it through the basic security checks, now that I think about it in this light. Point being that a site is constantly under attack and your personal information is a commodity, so protect it well.

Thanks for reading! If you want to help, or if the site has helped you, you can donate, register to help, write an article, or buy inexpensive hosting to start your own site. If you scroll down, you can sign up for the newsletter, vote for the article, and comment.

 

Monitor TCP/UDP In Real Time

If you’re concerned about network connections to your device, you may want to monitor TCP/UDP in real time. It’s a pretty handy way to get a handle on what connections are being made by your devices. This article could be pretty complicated, but I’ll try to make sense of it all.

By the way, if you ever want to be sure you know something, try explaining it to someone who knows nothing about it. It can be pretty humbling. Leave a comment letting me know how I did.

Anyhow, moving on…

Network connections happen on various ports. Think of them as though your computer is a country and you have various ports that let traffic in and let traffic out.

There are different kinds of traffic, just like there are different kinds of ships. You have leisure, goods, military ships, etc… You have cruise ships, tankers, cargo yachts, kayaks, aircraft carriers, etc. Traffic is often bidirectional, meaning going in and leaving on the same port. In the case of TCP and UDP, traffic is bidirectional so one port will accommodate both.

So…

What Are TCP and UDP Anyhow?

In the case of TCP, you may be familiar with the expression TCP/IP, and it stands for Transmission Control Protocol. TCP requires a server/client relationship and should only be used on certain ports. Those ports are things like FTP, SSH, SMTP, Time, TELNET, etc… So, if you know you don’t have an FTP server running, you really shouldn’t be seeing traffic on ports 20 or 21.

UDP, on the other hand, stands for “User Datagram Protocol”. Unlike TCP, there’s no client/server relationship required. It just spews traffic out as needed/ordered. UDP connections do things like check a DNS server to find the IP address for a domain name. It then waits for the server to respond. There’s less latency and it’s more useful for ‘real time’ processes. Voice and video may be sent using UDP. Again, if you’re seeing unrecognized traffic, there may be a problem.

If you want, you can get a general idea (you don’t really need to memorize this) of what belongs where, with regard to TCP/UDP traffic. Wikipedia has an excellent list of TCP/UDP port numbers.

So, with that information at hand, you can see why you might want to …

Monitor TCP/UDP In Real Time:

This article requires an open terminal, like many other articles on this site. If you don’t know how to open the terminal, you can do so with your keyboard – just press CTRL + ALT + T and your default terminal should open.

Once you have your terminal open, you can use ‘netstat’ and examine this in detail. If you just want to check once, you can run this command:

To monitor it in real time, you’ll just use the ‘watch’ command. That’d look like this:

You can use the -n flag to change the refresh interval, as it will default to every two seconds. To make it every five seconds, the command would look like this:

You can change that number, but you can go no lower than once every 0.1 seconds. I’m not sure if there’s an upper threshold, but it might have one.

Either way, you can monitor your TCP/IP connections in real time. It’s not really all that difficult. You may see some results that alarm you, but odds are you’re just new to checking the output. Before getting alarmed and making drastic changes to your computer, research to see if the connection is actually just normal traffic.
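Added example (not from the original article): a shell function that reads text in the column layout printed by `netstat -tuna` and reports listening TCP ports and bound UDP ports that are not on an allowlist you supply, such as an FTP port on a machine that runs no FTP server. The function names, the allowlist and the sample output are constructed for illustration.

```shell
#!/bin/sh
# Added example: flag sockets whose local port is not on an allowlist.
# Assumed input layout (that of `netstat -tuna`):
#   Proto Recv-Q Send-Q Local-Address Foreign-Address [State]

# Constructed sample output, embedded so the script runs offline.
sample_netstat() {
cat <<'EOF'
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:21              0.0.0.0:*               LISTEN
tcp        0      0 192.0.2.10:22           198.51.100.7:51514      ESTABLISHED
tcp        0      0 192.0.2.10:44321        203.0.113.5:443         ESTABLISHED
tcp6       0      0 :::80                   :::*                    LISTEN
udp        0      0 127.0.0.53:53           0.0.0.0:*
udp        0      0 0.0.0.0:5353            0.0.0.0:*
EOF
}

# unexpected_listeners "22 80 53" < netstat-output
# Prints "proto port" for every listening TCP socket or bound UDP socket
# whose local port is missing from the space-separated allowlist.
unexpected_listeners() {
  awk -v allow="$1" '
    BEGIN { n = split(allow, a, " "); for (i = 1; i <= n; i++) ok[a[i]] = 1 }
    $1 ~ /^(tcp|udp)6?$/ {
      # UDP has no LISTEN state; a wildcard peer address marks a bound socket.
      listening = ($1 ~ /^tcp/) ? ($6 == "LISTEN") : ($5 ~ /:\*$/)
      if (!listening) next
      # Strip everything up to the last colon; handles IPv4 and ":::80".
      port = $4; sub(/^.*:/, "", port)
      if (!(port in ok)) print $1, port
    }' | sort -u
}

# Ports this machine is expected to serve (constructed allowlist).
sample_netstat | unexpected_listeners "22 80 53"
```

On a live system, pipe `netstat -tuna` into `unexpected_listeners` in place of `sample_netstat`, and research anything it prints before changing the machine.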

Closure:

And there you have it, you have another article to read. This one is about how you can monitor TCP/UDP in real time, a useful tool if you’re concerned with your network’s traffic. Malicious activities will likely require network ingress and egress, so this can help your security assessments. Strange connections don’t necessarily mean there’s a problem – but they do mean you might want to look to see what’s causing the connections.

Change Your DNS Servers To Google’s In Lubuntu

This article will show you how to change your DNS servers from your default servers to the DNS servers run by Google, specifically while you’re using Lubuntu. If you’re not using Lubuntu, the process is likely fairly similar. Either way, it should be a nice and fun article, and we’ll even do it in the GUI instead of the terminal.

So, what is DNS? DNS stands for ‘Domain Name System’. As you know by now, machines are identified by their IP address. It’d suck to have to remember numbers instead of names. It’s also possible to route multiple domain names to the same IP address. So, we have domain names and use those domain names to resolve to IP addresses.

If you’re like most people, right now the DNS servers you’re using have come from your ISP – the folks who provide your internet service. This means that they can see which sites you visit, based on the requests you make to the DNS service.

Some folks don’t like this and prefer to find another DNS provider. (There’s also Secure DNS which this article will not be touching on.) One of those companies that provides free DNS servers is Google. Like them or not, their DNS servers are robust and consistently updated, often making domain propagation quicker for you.

This article is for Lubuntu, as stated above, but you may very well be able to follow the same exact steps with your distro of choice. And, now that you have a general idea of what’s going on, let’s learn how to…

Change Your DNS Servers:

To get started with changing your DNS servers, you need to find your networking icon in your system tray. It’ll be down on the right, not far from the clock. Once you have found it, right click on it so that it brings up the menu to let you “Edit Connections”. It will look something like this:

change network settings
Of course, your version won’t have the nifty arrow.

You’ll want to click the gear icon. That’s why I put the arrow there! 

That will open another window. This window will have tabs you need to worry about – or a tab you need to know about. You probably shouldn’t need both. The tabs you’re interested in will look like this:

changing the network connections
You should need one of those, probably not both of those…

Now, you should only need to edit one of those. If you’re still using IPv4 then you use that tab. If you’re using IPv6 then you’ll obviously want to use the appropriate tab. For example, the IPv4 would look like this:

screen to edit dns servers
This would be the tab you’re looking for, pretty much…

Now, the spot the arrow points to is where you want to enter the new DNS server information. You separate the addresses with a comma, though you can use a comma and a space – there will need to be a comma.

For Google’s IPv4 addresses, your choices are 8.8.8.8 and 8.8.4.4.

For Google’s IPv6 addresses, your choices are 2001:4860:4860::8888 and 2001:4860:4860::8844.

Note: The ifconfig or ip addr commands will help you tell if you have IPv4 or IPv6.

When you’re done, be sure to click the save button to ensure your new settings take effect. Remember the screen and changes, should things go pear shaped. You can undo this easily enough.

This will, of course, work with any set of DNS servers out there. You can use it with other servers if you aren’t a fan of Google. This can serve as a general guideline for other servers, should you wish.

Closure:

Yup… There it is. You have another article. This time, it tells you how to change your DNS servers if you use Lubuntu. Again, it’ll work for other distros, but I’m only including pictures/vouching for it with Lubuntu.

How To: Clear The Terminal Screen

Today, we’re going to learn to clear the terminal screen. This is generally done for privacy’s sake. You don’t want people to be able to scroll up and see what you’ve been reading in the terminal. This probably isn’t as important if you’re the only user and you’re in your house, but you may still like to keep things clean and tidy.

We’ll go ahead and cover two ways to clear the terminal in this article. They’re both rather easy commands and you’ll find this article is definitely not all that complicated, or even very long. This is pretty much one of the first things folks should have learned when they started using the terminal. We might as well cover it here.

Rather than make this long-winded, we’ll just make this into a short and easy article to read. Let’s all learn how to…

Clear The Terminal:

To be clear, this just erases the text in the terminal. It clears the scrollback content so that folks can’t scroll up and see the previous terminal contents. Again, it’s a good idea to do if you’re in a multi-user environment where people may have access to your screen and you don’t want them to know what has been written to the terminal.

Obviously, you need a terminal for this article. Just press CTRL + ALT + T and your default terminal should open.

I suppose we’ll need some content, so let’s try using this command:

That should fill your terminal up.

Now, to clear it you can use either of the two following commands:

Or you can also use:

(Though reset may leave a little text at the top, it still removes the terminal’s scrollback history.)

Both of those will do the job, with ‘clear’ being the obvious winner – but it’s nice to have options. They’ll clear the scrollback in the terminal, preventing folks from scrolling up to read what has previously been written there. Of course, they could potentially still press the arrow up button and see what commands you’ve written, so you can try to prevent that as well.

Closure:

See? I told you that it’d be a quick and easy article. It’s not all that taxing to learn how to clear your terminal and that’s all that this article is meant to cover. Both of the two commands have a man page, but they’re not very useful commands for anything else but clearing the terminal. Have an easy day, a day where you can (maybe) say you learned something and not have to read a long article. After all, it was a quick and easy day for me!

More Ways To Generate Strong Passwords In Linux

In today’s article, we’re going to explore a couple of other ways to generate strong passwords in Linux. It’s going to be a pretty easy task and one most everyone can learn from. It shouldn’t even be a very long article.

Weak passwords are easy to crack. You don’t want that, for obvious reasons. If you want to see approximately how long it’ll take to brute force passwords, you can check sites like this one. Remember that the time given by that is more or less the maximum time it could take, and your password could be brute-forced (by repeated guessing) much sooner than that.

I’ve previously written an article about generating a sufficiently complex password. That’d be one way to generate strong passwords, but this article will cover a couple of other easy ways to generate strong passwords in the Linux terminal.

Generate Strong Passwords:

This article requires an open terminal, like many other articles on this site. If you don’t know how to open the terminal, you can do so with your keyboard – just press CTRL + ALT + T and your default terminal should open.

With your terminal open, we’re first going to use GPG to create a strong password. Everyone should already have GPG installed, so there’s no reason to cover that in this article. So, to do so, you’d use a command something like this:

It’ll have an output similar to this one:

using gpg to generate a strong password
Obviously, you don’t want to use that password specifically! Use your own!

You can change the 16 to any length you want. It’s obviously the number of characters. 

You can also use OpenSSL, which you likely have installed, to generate a complex password. It’s actually pretty easy and the command is:

Again, you can change the 24 to anything you darned well please. Sometimes sites will have a maximum password length, which might seem kinda silly – as I think I recall there being a hard limit of 256 characters that the kernel will accept. Either way, the output would be similar to this one:

openssl can generate passwords too
That one is 24 characters long. Yay!

Feel free to mess around with changing the length. OpenSSL is likely installed by default and you don’t have to install pwgen. Both of the tools in this article will likely be installed by default.
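Added example (not from the original article; the use of `openssl rand -base64` here is an assumption about the command form): with base64 output the number passed counts random bytes, not printed characters, so this sketch works out the bytes needed and trims the result to an exact length. The function names are hypothetical, and the `/dev/urandom` fallback is an addition for systems without OpenSSL.

```shell
#!/bin/sh
# Added example; function names are hypothetical, not from the article.

# base64_len BYTES: characters printed when BYTES random bytes are
# base64-encoded, padding included (4 characters per 3-byte group).
base64_len() {
  echo $(( ( ($1 + 2) / 3 ) * 4 ))
}

# gen_password LEN: print a random base64 password of exactly LEN characters.
gen_password() {
  gp_len="$1"
  case "$gp_len" in
    ''|*[!0-9]*) echo "usage: gen_password LENGTH" >&2; return 2 ;;
  esac
  [ "$gp_len" -gt 0 ] || { echo "LENGTH must be at least 1" >&2; return 2; }
  # ceil(3*LEN/4) bytes yield at least LEN unpadded base64 characters.
  gp_bytes=$(( (gp_len * 3 + 3) / 4 ))
  if command -v openssl >/dev/null 2>&1; then
    gp_raw=$(openssl rand -base64 "$gp_bytes")
  else
    # Assumed fallback: kernel CSPRNG piped through coreutils base64.
    gp_raw=$(head -c "$gp_bytes" /dev/urandom | base64)
  fi
  # Drop padding and line wraps, then cut to the requested length.
  gp_raw=$(printf '%s' "$gp_raw" | tr -d '=\n')
  printf '%s\n' "$gp_raw" | cut -c1-"$gp_len"
}

# 16 and 24 random bytes print as 24 and 32 base64 characters.
echo "16 bytes -> $(base64_len 16) chars, 24 bytes -> $(base64_len 24) chars"

# A password of exactly 24 characters.
gen_password 24
```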

Closure:

And there you have it! Another article said and done. This one is about teaching folks how to generate strong passwords in Linux. It’s an easy enough task and this article shouldn’t be too complicated for even the most n00b of the n00bs!


Linux Tips
Creative Commons License
This work is licensed under a Creative Commons Attribution 4.0 International License.