Blog Archives

How to install Privoxy and combine it with Tor

In this post I’ll show you how you can improve your privacy and anonymity while you are browsing on some websites. For this purpose I’ll use Privoxy and Tor. Privoxy is a non-caching web-proxy with filtering capabilities for enhancing privacy. Tor uses an overlay network of volunteers and relays your traffic through the Tor network to it’s destination. It also encrypts your data, so no Tor node (except the exit node) can read your data.

This is not a high-security setup, but it should improve your privacy and anonymity.

1. Privoxy
2. Tor
3. Combine Privoxy and Tor
4. Appendix
Read the rest of this entry

How to set up a stateful firewall with iptables

My old post to set up a small rules set for iptables is deprecated so I decided to update this post and improve some rules.
This time I tested this iptables setup on my Raspberry Pi. I connected to my Pi via SSH and the first time I tested the rules order I locked myself out and I had to connect the monitor and keyboard to fix this. The rule order in this post worked for me to set everything up via SSH.

I also tried this setup on a virtual machine and made a screencast of it. You can find the video at the end of this post.

1. Kernel modules
2. Important Rules
3. Chain Policies
4. Port Rules
5. Logging
6. Saving Rules
7. Appendix (Script and video)
Read the rest of this entry

How to set up a small rule set for iptables

In this how-to I will give you an introduction to iptables and show you how to set up a small rule set for iptables. If you want more detailed information I recommend the man page of iptables (its great).

This post is deprecated

I wrote an updated version: click here

1. Basic informations
2. Chain policies
3. Setting port rules
4. Saving rules
Read the rest of this entry

How to set up a honeypot with artillery

If you want to make your system more secrue you can use a honeypot. A honeypot is a program to detect, mislead and trap an attacker. In this article I will show you an example of a honeypot called artillery. Artillery is a very simple honeypot, easy to use and (in my opinion) very effective. It opens a few ports and if someone tries to connect to one of these ports, he/she will be banned immediately. But artillery can also monitor folders for changes or monitor the ssh-server for brute force attacks and ban the attackers.
Read the rest of this entry