Whonix : Debian GNU/Linux based Security-focused Linux distribution

1.     Even if one is not doing anything wrong, he is being watched and recorded in real time as Edward Snowden revealed few years back. Most Internet users value online anonymity, with majority saying they have taken steps to remove or mask their digital footprints, and  reporting that they have taken steps to avoid being observed by specific people, organizations, or governments.Whonix is a Debian GNU/Linux based security-focused Linux distribution which aims to provide privacy, security and anonymity on the internet. The operating system consists of two virtual machines, a "Workstation" and a Tor "Gateway", running Debian GNU/Linux. All communications are forced through the Tor network.This post gives you screen-shots of installation and execution of the virtual appliances involved.

2.    The Gateway VM is responsible for running Tor, and has two virtual network interfaces. One of these is connected to the outside Internet via NAT on the VM host, and is used to communicate with Tor relays. The other is connected to a virtual LAN that runs entirely inside the host.

3.    The Workstation VM runs user applications and is connected only to the internal virtual LAN, and can directly communicate only with the Gateway, which forces all traffic coming from the Workstation to pass through the Tor network. The Workstation VM can "see" only IP addresses on the Internal LAN, which are the same in every Whonix installation.

4.  Download the two virtual machines ie the Gateway and the workstation from https://www.whonix.org/wiki/VirtualBox

5.   Once you download the two machines as above from the link in reference,the following screen-shots will assist you in installation of the same.The two downloaded files are seen below : 

Instead of typically creating a virtual machine and then mounting a vdi,in this case more simply we have to just import the .ova appliance,rest is in auto mode.

Next

Next

Agree to the T&C

Next

Will take few minutes loading

Next

Import

Agree again

Import appliance of the workstation

So u have two machines in the virtualbox console as seen in the bottom two listing below :

Just click both with the start button...and the machine start

Next

Next

Next

Ok

Updated TOR download

Here we see the IP address relating to Budapest Hungary....and thats surely not the user....:-)

Kali Linux 2 : Installing and Setting up OPENVAS

1.     This post will be useful for users who have just installed Kali Linux 2 and wish to install and setup OPENVAS.OpenVAS is a framework of several services and tools offering a comprehensive and powerful vulnerability scanning and vulnerability management solution. The framework is part of GreenBone Networks commercial vulnerability management solution from which developments are contributed to the Open Source community since 2009. 

 2.   The following set of commands vide a Kali terminal will be in the following sequence :

:~ apt-get update

:~ apt-get -y upgrade

:~ apt-get install openvas

:~ openvas-check-setup

after you run the open-check-setup command ,there is a possibility of something going wrong during installation...if there are some errors ...do the following at the terminal

:~ openvasmd --rebuild

next you might be prompted to create a user

:~ openvasmd --create-user= --role=Admin && openvasmd --user= --new-password=yourpassword

:~ greenbone-certdata-sync

Run the check setup again :

:~ openvas-check-setup

 the check setup screen should look like below :

 Final step to the access will need to browse you at the link as below to access Greenbone web interface

https://localhost:9392

 Thats all...start exploring the interface

Privacy Concerns & Server Locations : Hike-Telegram-Whatspp

1.    I have always seen and observed discussions amongst my friends and circle about which Chat Messenger is safe and which is not in terms of safety and privacy aspects.Whether the servers are located inside the country or they are off-shores,how their data is shared and how is their privacy likely to be compromised bu third parties.....So to just do a over view check,here I present an over view of such FAQs in context of Server Locations and data sharing aspects,primarily sourced from the original websites.

Privacy Concerns & Server Locations : HIke-Telegram-Whatspp from anupam50

Nextcloud 10 installation @ Ubuntu 16.04 LTS

1.   Nextcloud is open source file sync and share software for everyone from individuals operating the free Nextcloud Server in the privacy of their own home, to large enterprises and service providers supported by the Nextcloud Enterprise Subscription. Nextcloud provides a safe, secure, and compliant file synchronization and sharing solution on servers that you control.

2.   This post shares screen shots of my installation of the same in UBUNTU 16.04 LTS.The screen-shots are self explanatory along with the command sets available for direct lift if one is interested.

Reference help of this post : https://www.facebook.com/expertresearcher
Video post of this at https://www.youtube.com/watch?v=nXr_muYB6xI

Here's my ip address configuration as set on the virtual machine Ubuntu.

Terminal commands :

> apt-get update

 

 > apt-get install lamp-server^

> apt-get install libapache2-mod-php7.0 php7.0-mbstring php7.0-curl php7.0-zip php7.0-gd php7.0-mysql php7.0-mcrypt

> apt-get install php-xml

Goto the nextcloud site at https://nextcloud.com/install/ and download the zip file for nextcloud installation.This one is version 10

Downloading here as seen completing :

Goto the Downloads folder and unzip it
> unzip nextcloud-10.0.0.zip

> mv nextcloud /var/www/html
> chown -R www-data:www-data /var/www/html/nextcloud

Now we need to Configure MariaDB for this vide these commands as mentioned :
> mysql_secure_installation
Type Yes for all except may be root password which u might want to retain.

CREATE DATABASE nextcloud;
GRANT ALL PRIVILEGES ON nextcloud.* TO 'nextcloud'@'localhost' IDENTIFIED BY 'anupam';
FLUSH PRIVILEGES;
exit;

> Gedit /etc/mysql/my.cnf

Add the following three lines at the end:
log-bin = /var/log/mysql/mariadb-bin
log-bin-index = /var/log/mysql/mariadb-bin.index
binlog_format = mixed
 

Now we need to Configure Apache Web Server
> sudo a2enmod rewrite
> touch /etc/apache2/sites-available/nextcloud.conf
> ln -s /etc/apache2/sites-available/nextcloud.conf /etc/apache2/sites-enabled/nextcloud.conf
> nano /etc/apache2/sites-available/nextcloud.conf

Add the following:

ServerAdmin admin@ubuntu
DocumentRoot "/var/www/html/nextcloud/"
ServerName youripaddress
ServerAlias ubuntu

Options FollowSymLinks
AllowOverride All
Order allow,deny
allow from all
ErrorLog /var/log/apache2/your-domain.com-error_log
CustomLog /var/log/apache2/your-domain.com-access_log common

here you ready to go....just type the ipaddress in the web browser...

Gurugram Police Summer Internship on Cyber Security 2016

A small mention about me made in this video link uploaded to give an overview brief of the Gurugram Police Summer Internship on Cyber Security 2016 conducted under aegis Rakshit Tandon.

Cyber Security Summer Internship 2016 Gurgaon Police : 10 Jun 2016

Today got an opportunity to speak at Cyber Security Summer Internship 2016 Gurgaon Police being conducted under the aegis of Shri Rakshit Tandon.Below is the presentation that I presented before the attending audience on Hardware Trojans.

   Hardware Trojans : Summer Internship Gurgaon Police- 10 Jun 2016 by Anupam Tiwari

Few Pics from the Internship meet are shared below :