Damn Small Linux (DSL) Forums
Welcome, Guest. Please login or register.
Did you miss your activation email?
October 31, 2014, 07:50:23 AM

Login with username, password and session length
News
The new DSL forums are now open.
Stats
297766 Posts in 294157 Topics by 212 Members
Latest Member: bull5mask
Search:     Advanced search
* Home Help Search Login Register
Get The Official Damn Small Linux Book. Great VPS hosting provided by Tektonic

+  Damn Small Linux (DSL) Forums
|-+  Recent Posts
Pages: [1] 2 3 ... 10
 1 
 on: October 27, 2014, 03:19:36 PM 
Started by Veeshush - Last post by Veeshush
Edit > Preferences > Advanced > Encryption > and deselect "Use SSL 3.0" in the protocols area. I'm not too concerned about this sort of thing (if I was, I probably wouldn't be using Firefox 2 anyway), though I have just disabled SSL 3.0 because it looks like nothing uses it nowadays anyway.

Sure enough, that test website now says my browser isn't vulnerable to any stray POODLEs lurking in the interwebs (though I think the work involved in that attack would be far less than worthwhile for anyone looking at my internet data.

More so than that too, most web servers will hopefully disable SSL3 on their end. But also obviously as you mention,

Quote
Finally, that first web page you linked to doesn't work in Forefox 2 (it uses a later encryption method (probably TLS 1.2 or 1.1) that Firefox 2 doesn't support and for sume silly reason they haven't enabled TLS 1.0 as a fallback)

So if there's not a way to enable 1.1 or 1.2 then most sites are going to end up not working anyway. This is more an issue after the Snowden leaks because now more than ever are sites using HTTPS where as 3 year ago they wouldn't had unless they were a shopping/banking site. https://www.eff.org/https-everywhere/deploying-https (To be fair also, this is somewhat an issue with Dillo until it gets better HTTPS support http://www.dillo.org/FAQ.html#q12 )

Quote
As for those plugins. I'm not going to go through that web page, but the NoScript Download Page (https://noscript.net/getit) says under "Direct Download":

"Users of Firefox 2.0 and below are urged to upgrade their very unsafe browser. For those few who can't, latest legacy-compatible NoScript version is 1.10."

With a link to V. 1.10. So that's easy.

Yeah, at the very least having some version of Noscript would be a ton better than nothing. (thanks for that btw, I'll give it a try later)

Quote
AdBlock Edge is too new for Firefox 2.0 support, but AdBlock Plus which it's based on will work if you use the old V. 1.0.2 (https://addons.mozilla.org/en-US/firefox/addon/adblock-plus/versions/?page=2#version-1.0.2). Though funnilly enough, the Firefox website is now so broken with Firefox 2.0 that the download link doesn't seem to work.

Actually, the more I got thinking about it the more I'd try to avoid any version of Adblock for DSL. Adblock can be pretty cpu/ram heavy on modern machines at times. I think just Noscript would be the way to go.


All in all, there's probably also a ton of unpatched browser exploits that Bon Echo is vulnerable to as well. That, along with it being pretty draining on older system with little ram compared to Dillo. Like, I can easily run the latest Firefox on another system I have, and it's just a 500mhz AMD K6 III rig with 512mb ram- yet if you have a 83mhz Pentium (which is my DSL rig) then Bon Echo chugs until you close it. I mean, I get Bon Echo was never meant to be more than what it is, but I'm just wondering if it's worth the hassle these days. (but don't confuse me in saying it should be straight out scrapped altogether, I'm just thinking outloud of all the difficulties).

 2 
 on: October 27, 2014, 02:26:33 AM 
Started by Veeshush - Last post by AE7XQ
I bought the book. It was a great investment. I am going to get into shell scripting soon so that I can write my own script for controlling the repeater. Yes, I have plans to put a video on youtube once the station is setup. I will post when the video is up, but that is still a couple of months down the road.

 3 
 on: October 26, 2014, 09:41:37 PM 
Started by Veeshush - Last post by CNK
Disabling it is easy:

Edit > Preferences > Advanced > Encryption > and deselect "Use SSL 3.0" in the protocols area. I'm not too concerned about this sort of thing (if I was, I probably wouldn't be using Firefox 2 anyway), though I have just disabled SSL 3.0 because it looks like nothing uses it nowadays anyway.

Sure enough, that test website now says my browser isn't vulnerable to any stray POODLEs lurking in the interwebs (though I think the work involved in that attack would be far less than worthwhile for anyone looking at my internet data.

Actually I would rather my Email was secure than my Web browsing, though my Slypheed logs don't make it clear what encryption method is used with my IMAP accounts. I might look into that some time, but I'm still not that fussed.


As for those plugins. I'm not going to go through that web page, but the NoScript Download Page (https://noscript.net/getit) says under "Direct Download":

"Users of Firefox 2.0 and below are urged to upgrade their very unsafe browser. For those few who can't, latest legacy-compatible NoScript version is 1.10."

With a link to V. 1.10. So that's easy.

AdBlock Edge is too new for Firefox 2.0 support, but AdBlock Plus which it's based on will work if you use the old V. 1.0.2 (https://addons.mozilla.org/en-US/firefox/addon/adblock-plus/versions/?page=2#version-1.0.2). Though funnilly enough, the Firefox website is now so broken with Firefox 2.0 that the download link doesn't seem to work.

After looking at the page's source code (one gets used to this technique after using Firefox 2 for a while these days), here's the download URL (https://addons.mozilla.org/firefox/downloads/file/51047/adblock_plus-1.0.2-fx+sm+tb.xpi).

Finally, that first web page you linked to doesn't work in Forefox 2 (it uses a later encryption method (probably TLS 1.2 or 1.1) that Firefox 2 doesn't support and for sume silly reason they haven't enabled TLS 1.0 as a fallback), so here's a link to the Google cache of the page (http://webcache.googleusercontent.com/search?hl=en-AU&q=cache:RmrAAP0cnwwJ:https://community.qualys.com/blogs/securitylabs/2014/10/15/ssl-3-is-dead-killed-by-the-poodle-attack%2Bhttps://community.qualys.com/blogs/securitylabs/2014/10/15/ssl-3-is-dead-killed-by-the-poodle-attack&gbv=2&&ct=clnk). Though of course that means revealing to Google that you are worried about angry POODLEs, and archive.org doesn't have it archived! Ahh!!! Oh, wait, there's a link to add it to the archive... The power of collective web users triumphs again! (https://web.archive.org/web/20141026212757/https://community.qualys.com/blogs/securitylabs/2014/10/15/ssl-3-is-dead-killed-by-the-poodle-attack)

 4 
 on: October 26, 2014, 10:11:16 AM 
Started by Veeshush - Last post by fatmac
Don't forget that you can make up for difficient ram by using a swap partition.Smiley

 5 
 on: October 26, 2014, 01:01:12 AM 
Started by Veeshush - Last post by Veeshush
See: https://community.qualys.com/blogs/securitylabs/2014/10/15/ssl-3-is-dead-killed-by-the-poodle-attack

Here's a test: https://www.ssllabs.com/ssltest/viewMyClient.html


Also here's some search engines to possibly add (particularly StartPage): https://prism-break.org/en/subcategories/gnu-linux-web-search/

And some addons: https://prism-break.org/en/subcategories/gnu-linux-web-browser-addons/ But I don't know if any of them would even work on Bon Echo. My thinking is that with Adblock Edge and Noscript especially, browsing would be a lot quicker on older machines that get hung up on scripts and ads. Not as fast as Dillo, but better than nothing. Just a thought, if it's even possible.

But the main thing is that SSL 3 should be disabled.

 6 
 on: October 25, 2014, 11:24:46 PM 
Started by Veeshush - Last post by Veeshush
My plan is to use it for some of my amateur radio stuff. In particular, I am going to use it for 2 meter packet and running a 440 MHz repeater (though I've considered looking into modifying the transmit and receive boards and setting it up for the 222 MHz band).

Ah neat. You should stick some videos on Youtube of it.

What are your plans for your system? I'd like to know. DSL is really an awesome OS.

Pretty much just to keep it running. I want to pick up that DSL book on Amazon give that a look over. Personally, I just started really swapping over all my systems (except for my main, I need to get some SSDs to duel boot) with Linux cause of the post Snowden stuff. That, I'm just so tired of babysitting Windows installs, tracking down all the updates, etc. Scrubbed XP off an old box and threw Debian on once XP went End of Life. Then I got thinking about this system, I was just "why am I keeping a Win98 install?" so I threw DSL on it.

I used to like Puppy, but it has gotten to bloated for me in terms of a mini-distro.

Yeah, I could never get into Puppy.

 7 
 on: October 25, 2014, 11:07:02 PM 
Started by Veeshush - Last post by Veeshush
There's test here: https://shellshocker.net/ (I tested DSL 4.11.rc2)

Not really a surprise as every Linux distro was pretty much affected by this. If it can be patched though, it should.

Here's a Wilders thread covering Shellshock: https://www.wilderssecurity.com/threads/major-bash-vulnerability-affects-linux-unix-mac-os-x-shell-shock.368559/

 8 
 on: October 25, 2014, 10:15:28 AM 
Started by betatest3 - Last post by fatmac
What about a DSL-NG - New Generation - even if it tops out around the 100Mb mark, for the newer machines, with up to date kernels - could this be practical?
(Or even as a 64bit DSL)

 9 
 on: October 25, 2014, 09:32:40 AM 
Started by mkarcz - Last post by fatmac
The OP only has one post recorded, so I wouldn't hold your breath. :lol:

Regarding the 'up time' of Linux, you can count it in years, but it would be advisable to check it occasionally.

 10 
 on: October 24, 2014, 04:31:33 AM 
Started by mkarcz - Last post by AE7XQ
mkarcz,

You started this topic over a year ago. I don't feel comfortable bumping an old thread like this, but I would like to ask how this project worked out. Were you able to keep your system running non-stop for a year without having to shutdown? I am curious as I am setting up a system for use in controlling a 440 MHz repeater. I would like to know how long I can run my system unattended before I have to log in and do anything administrative. I thank you for your time and consideration.

To other members, I would like to say "I'm sorry" for bumping this. However, my question was in regards to the original post and thus most appropriate here.

Pages: [1] 2 3 ... 10
Powered by SMF 1.1.19 | SMF © 2013, Simple Machines
Mercury design by Bloc