Computer Tools and Techniques

From GIS CS4
Jump to: navigation, search

Creating Bootable USB Memory Stick

UBuntu Only USB


Multiboot USB


Dealing With A Dead Computer


VirtualBox - running 'Virtual Computers' on your computer

  • Download VirtualBox Installer
  • Install VirtualBox
  • Once installed, launch VirtualBox - go to Perferences/Settings, select 'Extensions'
  • Download VirtualBox Oracle VM VirtualBox Extension Pack
  • Install Oracle Oracle VM VirtualBox Extension Pack
  • From VirtualBox Manager, select 'New'
  • Provide some meaningful name 'My First VM'
  • Change Type to 'Linux'
  • Change Version to 'Ubuntu (32-bit)' (or UBuntu (64-bit) if appropriate)
  • Follow instructions (default is good).


Install Local WebServer


TOR


Creating A More Secure Public WIFI Access Point

  • Enable WIFI Client Isolation (http://www.wirelessisolation.com/)
  • Force DNS Server to OpenDNS (208.67.222.222, 208.67.220.220 - https://www.opendns.com/)
  • Configure Firewall for all traffic from WIFI as follows:
    • Disable ALL local network access (including router)
    • ONLY allow following outgoing ports:
      • 80 TCP (unencrypted HTTP Web Browsing)
      • 443 TCP (Encrypted HTTP Web Browsing)
      • 995 TCP (Secure POP3 EMail - receiving EMail)
      • 993 TCP (Secure IMAP EMail - receiving EMail)
      • 465 TCP (Secure SMTP EMail - sending EMail)
    • Redirect traffic to itself for following ports:
      • 123 UPD (NTP clock Queries - make sure it is update-to-date! Otherwise vulnerable to reflective attacks)
      • 53 UPD (DNS Queries - required to make the internet access work)
      • 67-68 UDP (DHCP Queries - required for connecting clients/computers/phones to establish a connection to your access point)
    • Disable ALL other TCP ports
    • Disable ALL UDP ports
      • Normal Internet usages (Web Browsing, EMail) only makes use of TCP which is a stateful protocol - it ensures that both ends are real IP addresses. Normal Internet does NOT use UDP which is a state-less protocol - a sender can fake their address, and therefore is often used maliciously. Therefore it is a good idea to completely disable all UDP traffic and to only access TCP.
    • Optional - redirect all allowed traffic via VPN or via TOR
      • If somebody mis-uses your Internet account, the mis-use will be attributed to yourself by your ISP. Redirecting ALL traffic on the Public WIFI access point via a VPN or via TOR protects you from your ISP monitoring this Public WIFI traffic and therefore from blame.