Système d’exploitation anonyme Whonix version 8


Whonix est un système d’exploitation qui met l’accent sur l’anonymat, la confidentialité et la sécurité. Il est basé sur Tor, Debian GNU/Linux et la sécurité par l’isolement. Les fuites DNS sont impossibles, et même des malwares avec des privilèges root ne peuvent pas trouver l’IP réelle de l’utilisateur. Whonix se compose de 2 machi­nes vir­tuel­les. […]

Using vnc to do remote tech support over high-latency networks

pIf you ever find yourself doing a bit of technical support for relatives
over the phone, there's nothing like actually seeing what they are doing on
their computer. One of the best tools for such remote desktop sharing is
a href=

pHere's the best setup I have come up with so far. If you have any
suggestions, please leave a comment!/p

h1 id=Basic_vnc_configurationBasic vnc configuration/h1

pFirst off, you need two things: a vnc server on your relative's
machine and a vnc client on yours.

Hardening ssh Servers

h1 id=Basic_configurationBasic configuration/h1

pThere are a few basic things that most admins will already know (and that
a href= will warn you about if
you forget):/p

lionly allow a href= 2/a of the protocol/li
lidisable root logins/li
lidisable password authentication/li

pThis is what code/etc/ssh/sshd_config/code should contain:/p

precodeProtocol 2
PasswordAuthentication no
PermitRootLogin no

h1 id=Whitelist_approach_to_giving_users_ssh_accessWhitelist approac

Running your own XMPP server on Debian or Ubuntu

pIn order to get closer to my goal of reducing my dependence on centralized
services, I decided to setup my own XMPP / Jabber server on a
a href= VPS/a
running a href= wheezy/a.

Creating a Linode-based VPN setup using OpenVPN on Debian or Ubuntu

pUsing a
a href= Private Network/a
is a good way to work-around
a href= restrictions but also to
protect your network traffic when travelling with your laptop and connecting
to untrusted networks./p

pWhile you might want to
a href= Tor/a
for the part of your network activity where you prefer to be anonymous, a
VPN is a faster way to connect to sites that already know you./p

pHere are my instructions for setting up a h

Things that work well with Tor

pa href=https://torproject.orgTor/a is a proxy server which allows its users to
hide their IP address from the websites they connect to. In order to provide
this level of anonymity however, it introduces latency into these
connections, an unfortunate performance-privacy trade-off which means that
few users choose to do all of their browsing through Tor./p

pHere are a few things that I have found work quite well through Tor.

The Perils of RAID and Full Disk Encryption on Ubuntu 12.04

pI've been using disk encryption (via
a href= and
a href= on Debian
and Ubuntu for quite some time and it has worked well for me.

Presenting from a separate user account

pWhile I suspect that professional speakers have separate presentation
laptops that they use only to give talks, I don't do this often enough to
justify the hassle and cost of a separate machine. However, I do use a
separate user account to present from./p

pIt allows me to focus on my presentation and not stress out about running
into configuration problems or exposing private information.

Server Migration Plan

pI recently had to migrate the main a href=https://www.libravatar.orgLibravatar/a server to a new virtual

Debugging Gearman configuration

pa href=http://www.gearman.orgGearman/a is a queuing system that a href= been in Debian/a for a long time and is quite reliable./p

pI ran into problems however when upgrading a server from Debian squeeze to wheezy however.

Syndiquer le contenu