CYBER SECURITY 101 - STAY SAFE

[Walt The Heavyweight]

Hi, this is CySec101 and I'm Walt. I've worked as a cyber security consultant for various companies and this is the field where I'm most comfortable in. I've noticed that most people are absolutely CLUELESS about staying safe on the internet, so I thought I would make this tutorial on about how to stay safe for FREE.

First of all, free antivirus is BETTER than CRACKED antiviruses. Non-cloud based antiviruses rely on frequent signature databases updates, but nulled and cracked software don't update properly.

We have three levels.

1) GRANDMOTHER LEVEL

You need to "set-up" a primary defense for a relative, who knows nothing about computers and is likely to click on malicious advertisements?

Step 1. Clean install Windows

Step 2. Install FULL FREE Comodo Antivirus.
COMODO antivirus comes with a antivirus, firewall, web filter(for infected sites) and scans automatically. It's an all-in-one solution.

Step 3. Install a non-IE browser such as Chrome, Firefox, Opera or Vivaldi and install the qBlock Origin extension, it will block most malicious ads. (Vivaldi is the browser I use)


2) CASUAL LEVEL
This is a good choice for everyday users who have nothing to hide, but want to stay safe and don't mind Google, Facebook, Apple, ISP and government tracking you.

Step 1. Install Panda FREE Antivirus - now this is a REAL TIME, cloud based antivirus, which means real time detection. Low on resources. This is what I use, despite having free premium software.

Step 2. Install Malware-bytes FREE - best tool against malware. The free version doesn't scan automatically so I would configure it to scan once a week, doesn't take resources. (you can find premium cracked on torrents. i suggest thepiratebay and kickass torrents cause there u can see user feedback)

Step 3. CCleaner. To clean up old files, speed up pc. (again u can find premium on torrent)

Step 4. qBlock Origin to your browsers.

3) TRYHARD LEVEL* (not completely free)
*If you do anything illegal, such as download stolen e-merch, I'd recommend using this.

Step 1. Use a VPN, there are more than 100 out there, I have some gift cards from my ex-company so I use them. (VPN is crucial if you use public-wifi, your pc can be hacked within seconds if you're connected to public wifi). GOOD TIP:

Step 2. Back-up EVERYTHING. If you have everything on your pc, then invest to a cloud server and wise-versa. For example FREE 20GB cloud room at pCloud or 3.99$ for 500GB storage.

Step 3. Install COMODO or WebRoot SecureAnywhere

(optional)Step 4. Install Tor browser.

Step 5. Stop using Gmail and google.com, instead use tutanota.com for encrypted mails and duckduckgo.com for your search engine. This way Google can't track you.

(optional)Step 6. Buy Ruckus ZoneFlex router, to give you complete vision over your internet network, e.g what other users are doing or if somebody's trying to access this.

(optional)Step 7. Stop using your local bank's debet and credit cards, sign up with Payoneer, you get a free VISA card and your government can't tax you.




BONUS ROUND: Which antivirus is better: Symantec, ESET NOD, Kaspersky, McAfee, Avast, Avira, BitDefender etc etc???
BONUS ROUND2: Why don't I talk about firewalls? The Windows firewall combined with good antivirus is good enough for 90% users. For premium hackers I'd recommend Cyberoam, but it's expensive af.

McAfee is trash, the others are all good except they take more resources than Panda + Malwarebytes combo and offer less than Comodo alone.

[tintin]

How did I miss this?

Awesome tips shared!

[Walt The Heavyweight]

(06-03-2016 03:14 PM)tintin Wrote:  How did I miss this?

Awesome tips shared!

Thanks for feedback, glad to be of use. Also happy to answer all security-related questions.

[htdang]

thank for this useful information. I would like to ask if Comodo Antivirus or Comodo Internet sercurity is better?

[Walt The Heavyweight]

(06-03-2016 07:59 PM)htdang Wrote:  thank for this useful information. I would like to ask if Comodo Antivirus or Comodo Internet sercurity is better?

They both get the work done, but I recommed the Comodo Antivirus, it's less web-intrusive. Has all the goods you need.

[Walt The Heavyweight]

Updated with links.

Peerblock is no longer relevant, VPNs do the job.
Comodo has gone cloud based, therefor the only difference with Panda is that it 1) offers more protection 2) takes more resources.

As far browsers go I don't recommend Comodo browsers, they block every 2nd torrent site. No good for a leecher.

Also added free link to free cloud space.

[Walt The Heavyweight]

Guys, new TRYHARD HACKER WANNABE path, FREE:
For those who want to dox, hack, scam, social engineer. Really easy, too. (absolutely overkill for leechers)

1. Install Tails OS on a computer (you have to either format your computer or get a new/old computer, I suggest using an older computer, as this OS is very light weight)
2. Install Tor Browser, disable cookies (Tails OS comes with it automatically actually)
3. Install VPN
4. Use only encrypted emails such as encryptedmail.com or tuskanote.com use disconnect.me instead of Google (Tor does that automatically anyway)
5. hack, scam, illegal shiz???????
6. Peace of mind. Avoid public wifi.

^ -< this is as close as you can get to unbreachable software wise, you can toughen it up with router and firewall systems with hardware, but that would be literally NATO level of security.

anybody want to know how to hack neighbor's wifi?

[SpacemanX]

Great post Walt. Thank you and yeah it would be interesting to find out about getting into a neighbours Wifi :-)

[Burak01]

Thanks guys, it is valuable information here :)

Walt could you please share more info about neighbors wifi ? Is it working on WPA2 secured networks as well?

[Walt The Heavyweight]

Ok here it is. Especially for WPA2, because this is what 99% of civilized world uses. I started typing a step by system but I realised this is not time effective and realised there must be some working methods out there to hack your neighbor wifi, the software i used to use doesn't work no longer, but the one in this tutorial does. This is copied from another forum, forum which I rather not mention.

Magic Button :

THIS IS NOT CREATED BY ME, BUT I ASSURE THIS WORKS. DO NOT ABUSE.
-------------------------------------------------------------------------------------
Hey Everyone, today i will be showing you how to Crack a WPA2 password, this is for educational purposes only and i'm in no way responsible for how you use this information.

Well to start i'm going to show you how i Crack my own WiFi password and ill show you the soft ware and tools i use i will post links below.

First i would Highly recommend buying a Alfa AWUSO36H Network adapter the reason being most network adapters be it prebuilt into a laptop or some such as netgear network adapters do not work well with the software and will not let you crack any wifi passwords. now some network adapters do work, i do not have a list of which ones do so i would recommend trying yours (if you have one already). but if worst comes to worst Get the Alfa AWUSO36H Network adapter it works great its the one i use and i bought it on eBay for 12 bucks so not to bad.

Next your going to need to download a program called oracle VM virtualbox which you can download at ( http://download.cnet.com/VirtualBox/3000...2624.html)

Next your going to need to download Kali Linux (http://www.kali.org/downloads/) and download according to your operating system (32bit or 64bit)

Now you will have to open up virtual box and install Kali Linux to it.

Once installed if you have the Alfa Network adapter that i was recommending you will have to make 3 easy quick changes in the setting options.

First, click on the settings option in virtual box, go to system, then click on the processor tab, and put a check mark on Enable PAE/NX.

Second, click on settings once again, put a check mark next to "Enable Network Adapter", then for the "attached to" option select "Bridged Adapter" and then select the name of the adapter. and under "advanced" make sure "cable connected" has a check mark.

Third, go to settings once again, go to the "USB Tab" and make sure the 2 boxes have check marks and add the network adapter

NOW were ready to begin!! now that everything is all installed and your settings are in tact go ahead and fire up Kali Linux and log on. Note: if you have trouble logging on the default user name is "root" and then the password that you created.

Next, open up the root box.

TIP: in order to open up the Root box, you will notice something that looks like a laptop screen it is to the right of "applications and places" click it and a window will open.

Now we will have to type in a series of codes ill try to be as detailed as possible.

First Code (do not use my quotation marks at the beginning and end of codes)
"airmon-ng start wlan0"

your computer will now enter monitor mode. you will see a couple of things that pop up with it, one should say "network manager" and a code to the left of it

next code will be
"kill Network manager" (use the code to the left instead of typing network manager)
example, "kill 4356"

Next code
"airodump-ng mon0"



the card will start listen to networks, wait 'till your essid appear which has to be WPA or WPA2 encoded



the one in this tutoral is INFINITUMCBA277 so select yours
now that you have the MAC address and the ch#
Now this is how the next basic code should look just so you get a little understanting
airodump-ng -c CH# --bssid 'YOURMACADDRESS' -w ESSID mon0 <<<<<. not actual code)

Now this is how the same code will look with your proper information in it.

"airodump-ng -c 6 --bssid 58:98:35:CB:A2:77 -w INFINITUMCBA277 mon0"



Note! the -c stands for channel, your channel may be different so change accordingly. and obviously your bssid will be different from this one as well, Essid is the name of your internet connection "Netgear, century link etc...".

so now we wait forever for a handshake or we can deauthenticate a client to obtain a handshake
in order to do that we must have the MAC of the client:
For your understanding this is the basics of the code
"aireplay-ng -0 20 -a 'YOURMACADDRESS' -c 'CLIENTSMACADDRESS' mon0"

How it should actually look

"aireplay-ng -0 20 -a 58:98:35:CB:A2:77 -c 70: D4:F2:91:AE:67 mon0"



Note! The mac of the client i circled in red will always be to the right of your BSSID (again yours will look different)

once the user is deauthenticated and reconnect we'll obtain the handshake
if the command didn't work, well... try again (if after u did the deauthenticate command noting seems to happend... maybe you are too far from the client 'cause this command goes directly to the client's connection.) :frown:
you will see something like: WPA handshake 58:98:35:CB:A2:77



so now we use crunch
we wil use the *.cap file were the handshake was saved
In order to get to the .cap file you will have to click the computer icon in kali Linux and click on the home tab, there you should see a .cap file in some cases it may say .cap1 .cap2 etc.. drag and drop it to the kali linux desktop.



For your understanding this is how your next code is broken down
"crunch 8 8 0123456789 | aircrack-ng -a 2 'HOME-TC-FILE-CAP' -e 'ESSID' -b 'HANDSHAKE' -w -"

this will be the actual code

"crunch 8 8 0123456789 | aircrack-ng -a 2 /home/tc/INFINITUMCBA277-02.cap -e INFINITUMCBA277 -b 58:98:35:CB:A2:77 -w -"

Note! after typing "-a 2 " just drag and drop the . cap file in there and then continue with the rest of the code.



Then you just have to wait for crunch and aircrack-ng to verify each combination.
Now depending on how long and complicated the password is, it can take anywhere from 1 minute to 3 days. (i know, kind of a long time to wait) but thats only if the password is 64 characters long. but if for some reason your locked out of your internet or other reasons it may very well be worth the wait..

Now im going to go over the last code so you can adjust it to your needs this part is important.

Code: "crunch 8 8 0123456789 | aircrack-ng -a 2 /home/tc/INFINITUMCBA277-02.cap -e INFINITUMCBA277 -b 58:98:35:CB:A2:77 -w -"

So we start with the first instruction: crunch is the wordlist generator :tongue:crunch 8 8
crunch 8 8
Second: the '8 8' is for the length of the word in characters, the first '8' indicates starting length and the second '8' the ending length. So if you want to test your security with 16 characters password you can change to '16 16,' or '8 16.'
crunch 8 8 0123456789
Third: '0123456789' this is the list of characters to include in the wordlist for a numeric password. note: 75 % of users use numeric passwords. but you can also try something like: '01234567890abcdefghijklf' by using an alphanumeric wordlist the time will increase as this is a brute force method.
Note: some passwords have Capital letters so your code could look like this as well 012345abcdefgHIJKLMN!@#$%^and*(). pretty much anything you can use in a password you would want to add to the list. BUT the longer the list, the longer it takes to complete.
0123456789 | aircrack-ng
Fourth: this symbol is very important --> | <-- as it indicates the end of instructions for crunch and the new instructions for aircrack-ng.
Last but not least: the place were the .cap file is has to be accurate :idea
Well there's a lot of program that do things like this, i just like it better to do it by myself . Well this is it, let me know if you find this post useful.

Thanks again everyone for sticking with me this far haha this will be my first official tutorial so i know the post doesn't look that great, ill try to come back and edit it to pretty it up a bit. Credit too mrmanuelmtz for practicality teaching me how to do this and helping with this tut.