
Mac/OSX Security & Hacking Query


Propietary


Recently I've been putting a lot of time into researching how to protect my privacy online after really being made aware of the issues surrounding the internet nowadays. After watching a few documentaries & doing some independent research, it really got me paranoid (as it should with everyone) with our ever degrading boundaries of online & personal privacy and how our corrupt governments are attempting to censor & control the internet. As such I've taken major steps in attempting to maintain my privacy, and in doing so it really got me passionate about security in general & also the hacking culture. The last few days of mine have really been spent researching how to make my systems as secure as possible & what the best environment is for practicing hacking & maintaining a secure system with as much anonymity/privacy as possible. Any tips would be handy!

I've got a MacBook 13.3 inch late 2014 model & I want to use this mainly over my desktop for the majority of my programming & "hacking", however I want to know a few things about what to do.

First things first, I want a completely secure environment & I'm not sure I really want to boot Linux onto my MacBook, however this could be an option if it's completely significant. I have seen a few hackers using a MacBook Pro as their laptop and I'm not sure how they use it as their environment; it would most likely be through a dual boot I assume, or what are they using? If so, what Linux distro would be best for this? I was considering Arch Linux, allowing me to build my system from the ground up without unnecessary functions. More advice on this would be wonderful!

Quickfire questions:

Best modifications of firewall (or firewalls, depending on if it's best to purchase other firewall software with much more control/customisation, or can I operate this through the console?) to prevent the box from calling home to the mother-ship?

Best way to route ALL internet traffic on laptop through OpenVPN? (Currently using a VPN service with OpenVPN GUI software)

Best ways of reducing/eliminating OS fingerprint?

Removing OSX default app services that make my laptop vulnerable?

Best way to set up content scanning capabilities to monitor exfiltration of unintended data (credit cards, personal info, client info, anonymization, etc.)?

Disabling location services/Apple ID through the console in any way? Not sure if this is possible.

Best active exploit detection software such as IDS, AV etc.

Really securing my whole network? I don't know, but I was thinking more like setting up a second LAN on my home modem; not sure what logic would go into that? Could do with any suggestions if you understand what I'm saying!

Overall, can OSX be a genuinely viable & secure hacking environment and what is your advice?

PS: Specifically I want to be able to use the laptop with the WiFi Pineapple etc., write scripts, pentest, do some network snooping and access a few shells. All things hacking!


Recently I've been putting a lot of time into researching how to protect my privacy online after really being made aware of the issues surrounding the internet nowadays. After watching a few documentaries & doing some independent research, it really got me paranoid (as it should with everyone) with our ever degrading boundaries of online & personal privacy and how our corrupt governments are attempting to censor & control the internet. As such I've taken major steps in attempting to maintain my privacy, and in doing so it really got me passionate about security in general & also the hacking culture. The last few days of mine have really been spent researching how to make my systems as secure as possible & what the best environment is for practicing hacking & maintaining a secure system with as much anonymity/privacy as possible. Any tips would be handy!

I've got a MacBook 13.3 inch late 2014 model & I want to use this mainly over my desktop for the majority of my programming & "hacking", however I want to know a few things about what to do.

First things first, I want a completely secure environment & I'm not sure I really want to boot Linux onto my MacBook, however this could be an option if it's completely significant. I have seen a few hackers using a MacBook Pro as their laptop and I'm not sure how they use it as their environment; it would most likely be through a dual boot I assume, or what are they using? If so, what Linux distro would be best for this? I was considering Arch Linux, allowing me to build my system from the ground up without unnecessary functions. More advice on this would be wonderful!

Turn off the PC, put a hammer through the drives and everything else, then bury it; you aren't going to get a completely secure environment any other way.

Quickfire questions:

Best modifications of firewall (or firewalls, depending on if it's best to purchase other firewall software with much more control/customisation, or can I operate this through the console?) to prevent the box from calling home to the mother-ship?

I liked Little Snitch when running OSX.

You can also set up something like pfSense on your route to the internet so it is a dedicated firewall as well.

Best way to route ALL internet traffic on laptop through OpenVPN? (Currently using a VPN service with OpenVPN GUI software)

Install it following the instructions. I don't know about your GUI instructions, but the ones on the OpenVPN site tell you how to do this properly.

Best ways of reducing/eliminating OS fingerprint?

Install something like UA Switcher, or use a proxy such as Squid to route all your traffic through, to throw random UAs onto web traffic.

Removing OSX default app services that make my laptop vulnerable?

Best way to set up content scanning capabilities to monitor exfiltration of unintended data (credit cards, personal info, client info, anonymization, etc.)?

Install Security Onion and then route all traffic through that before the firewall. Learn to read Snort and Suricata alerts.

Disabling location services/Apple ID through the console in any way? Not sure if this is possible.

Best active exploit detection software such as IDS, AV etc.?

Security Onion and OSSEC.

Really securing my whole network? I don't know, but I was thinking more like setting up a second LAN on my home modem; not sure what logic would go into that? Could do with any suggestions if you understand what I'm saying!

Depends what you want to achieve with it.

Overall, can OSX be a genuinely viable & secure hacking environment and what is your advice?

Anything can be locked down if you put the effort in.

PS: Specifically I want to be able to use the laptop with the WiFi Pineapple etc., write scripts, pentest, do some network snooping and access a few shells. All things hacking!

Start small and realise how hard it will all be. You wanted to hide your UA, but search for Samy Kamkar and his Evercookie research and all the other stuff on browser fingerprinting.

You want to use an IDS, but to do that you have to read the logs, and I know from running one on my home network there are a lot of logs.

You have to think who your attacker is and defend against them; no point putting effort in to defend against a nation state if most of your attacks are going to come from the kid next door.

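The summariser below is an added example, not code from anyone in this thread. It rolls up Snort/Suricata fast-format alerts by priority, traffic direction and signature, so a day's worth of IDS output becomes a short ranked list to read first; the helper name `summarize_alerts`, the home-network prefix and the sample alert lines are all constructed assumptions.

```shell
#!/bin/sh
# Added example (not from the thread): roll up Snort/Suricata "fast" alerts
# so the daily log pile becomes a ranked list. Priority 1 is the most severe
# in Snort's scheme; direction is judged by comparing source and destination
# addresses against your own network prefix.

# Constructed sample alerts in Snort fast format (signature ids 9000001-9000004
# and the messages are made up for this example, not real rules).
SAMPLE_ALERTS='01/15-10:23:45.123456  [**] [1:9000001:1] CONSTRUCTED ATTACK_RESPONSE id check returned root [**] [Classification: Potentially Bad Traffic] [Priority: 2] {TCP} 192.168.1.5:80 -> 10.0.0.3:51234
01/15-10:24:01.000000  [**] [1:9000002:1] CONSTRUCTED SCAN SYN scan from a LAN host [**] [Classification: Attempted Information Leak] [Priority: 2] {TCP} 10.0.0.9:44312 -> 10.0.0.3:22
01/15-10:24:02.000000  [**] [1:9000002:1] CONSTRUCTED SCAN SYN scan from a LAN host [**] [Classification: Attempted Information Leak] [Priority: 2] {TCP} 10.0.0.9:44313 -> 10.0.0.3:23
01/15-11:02:13.500000  [**] [1:9000001:1] CONSTRUCTED ATTACK_RESPONSE id check returned root [**] [Classification: Potentially Bad Traffic] [Priority: 2] {TCP} 192.168.1.5:80 -> 10.0.0.3:51240
01/15-12:00:00.000000  [**] [1:9000003:1] CONSTRUCTED SCAN SSH probe leaving the LAN [**] [Classification: Attempted Information Leak] [Priority: 2] {TCP} 10.0.0.3:51300 -> 203.0.113.7:22
01/15-12:05:00.000000  [**] [1:9000004:1] CONSTRUCTED POLICY inbound to database port [**] [Classification: Potentially Bad Traffic] [Priority: 1] {TCP} 198.51.100.4:5555 -> 10.0.0.3:1433'

# Usage: summarize_alerts HOME_PREFIX < alert_file
# Prints tab-separated: priority, direction, signature message, count,
# sorted by priority (most severe first) and then by count (largest first).
summarize_alerts() {
  home="$1"
  tab=$(printf '\t')
  awk -v home="$home" '
    /\[\*\*\]/ {
      split($0, part, " \\[\\*\\*\\] ")              # part[2] = "[gid:sid:rev] message"
      sig = part[2]; sub(/^\[[0-9:]+\] /, "", sig)   # keep only the message text
      match($0, /\[Priority: [0-9]+\]/)
      pri = substr($0, RSTART + 11, RLENGTH - 12)    # digits between "[Priority: " and "]"
      src = $(NF - 2); sub(/:[0-9]+$/, "", src)      # strip the port from addr:port
      dst = $NF;       sub(/:[0-9]+$/, "", dst)
      srchome = (index(src, home) == 1); dsthome = (index(dst, home) == 1)
      dir = (srchome && dsthome) ? "internal" : (srchome ? "outbound" : "inbound")
      count[pri "\t" dir "\t" sig]++
    }
    END { for (k in count) print k "\t" count[k] }' | sort -t "$tab" -k1,1n -k4,4nr
}

# Run on the sample; a real run: summarize_alerts 10.0.0. < /var/log/snort/alert
printf '%s\n' "$SAMPLE_ALERTS" | summarize_alerts 10.0.0.
```

The "outbound" rows are the ones that speak to the exfiltration question above: they are the alerts where a host on your own prefix is the source.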

What I see here is a bit of a smorgasbord. You want the most secure environment and you want to attack. I think you'll find it's going to be very hard to please you...

Let's start with the big one: OS choice. It would appear you're at least comfortable with MacOS so instead of learning something new I would suggest you went and got intimate with it. And I mean really intimate (no, not like that). What you should be able to do is to get a listing of every process active on the system, know what each of them does, why you really do need it and what the exposure is. By exposure I mean things like is it listening on sockets? Does it expect files in locations? What can you do to trip that process up and how would you notice if it did? Imagine your laptop like an apartment building, each process is a tenant and you're the landlord. When one of the tenants croaks, you're going to want to be around to hear the death throes or at the very least get notice from the neighbours that something's starting to stink next door.

If you don't know what should be running on the system it's going to be pretty hard to tell something's amiss.

And it goes without saying that if it's running and there's no need for it, prevent it from running.

Firewall. Your OS is bound to have one. Block open ports needed by services which might make sense locally but not remotely. The goal is to reduce attack surface. Less ways in means less chance of getting in at all. Have the firewall alert you in some way when it sees suspicious shit and have it send you a report once a day that says what went down. The trick here is to get it to beep instantly when you really need to know about it but just give you a summary at the end of the day when it's less of a concern.

You could do something with IDS with tools like Snort, but we're getting into the "they're coming to get you, Barbara" territory. If you do the two things I mentioned before and you make a point of staying up to date with your software, you should be golden.

Now, if you want to use this exact same machine for hacking, you're going to get some nasty messages from the various tools you just set up about suspicious traffic. I would HIGHLY recommend you use a different system for this.

Regarding anonymity - long story short: forget about it. In spite of people saying so, it does NOT exist for 99.999% of the world because it's FUCKING HARD.

Do you have a gmail account? If so, Google has a damned good idea about who you are, who you talk to, who you listen to, what you do at night and I agree with them, you should be ashamed of yourself.

Do you have a facebook account? If so, Facebook has a damned good idea about who you are, who you talk to, who you listen to, where you like to go and they, too, think you should be ashamed of yourself.

Do you have a twitter account? If so, Twitter has a damned good idea about who you are, who you talk to, who you listen to and even they think you should be ashamed of yourself.

Do you have a linkedin account? If so, LinkedIn has a damned good idea about who you are, who you talk to, who you work with, where you want to work and how much those people like you. They don't think you should be ashamed of yourself. Yet.

The list goes on, but those 4 are what I would call the big ones. The vast, VAST majority of the world is on one of those or similar sites and as a result they already know a *TON* about you even when you don't use them. There was a study about a year ago where a guy was wondering how much google knows about him and what he discovered was that even though he wasn't on gmail, a lot of people he talked to were and as a result google ended up receiving about 75% of all of his email.

You know all those Facebook 'like' images? Guess who hosts those and what they do with that? Same for the twitter tags, the instagram shit... And social pressure is going to push you to these services. Yes, that's what social media is really all about: all your friends are talking amongst themselves and you're not part of it because you know the network is being mined for your private data not unlike how a whore mines her vagina. So what do you do? Stay the 'weirdo' who doesn't play the social game or do you give in? Do you even have a choice?

So anonymity is a pipe dream. It doesn't exist. Never did. Just that you can't trace someone doesn't mean the powers that be, corrupt or not, can't. Your ISP knows damned well what you're doing every day. Solve it using a VPN? Now your VPN host knows damned well what you're doing every day. Aside from having become less wealthy, what's changed for you because of this? And your ISP knows all your traffic is going to the VPN so they know where to send the law men when they come.

How about we just try and be realistic about these things. You're a fish in the ocean. You might get caught in a dragnet sometimes, but you(r data) won't get processed because they want *YOU* but because they're going over things to make sure everything's on the up-and-up. On the whole, your best bet for anonymity is to disappear into the crowd. Don't make (many) waves online, don't go spouting off at every tiny little thing, don't send death threats to Obama. Just be, for the most part, valued citizen 6942365941232556 who pays his taxes, adheres to the speed limit and has exactly 1.7 children. If you do want to rock the boat, have a separate machine for that, have a separate identity for that, use a different network for that (and don't steal your neighbour's wifi for this. It's lame and you'll still get caught) and preferably more than 1 network, wipe the machine regularly and start over with a completely new identity.

If you want a completely secure laptop, get one without network. Now figure out why you wanted it in the first place.

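The "know every tenant" inventory from the post above, done for listening TCP sockets, as an added example that is not code from anyone in this thread. It assumes macOS/BSD-style `lsof -nP -iTCP -sTCP:LISTEN` output; the baseline, the sample lsof lines and the helper name `unexpected_listeners` are constructed assumptions.

```shell
#!/bin/sh
# Added example (not from the thread): compare the live set of listening TCP
# sockets, as printed by `lsof -nP -iTCP -sTCP:LISTEN` on macOS (run it with
# sudo to see every user's processes), against a baseline of services you
# have looked into and decided to keep. Anything else is reported, together
# with whether it is reachable from the network or only from the machine itself.

# Baseline you maintain by hand: "command port" pairs you understand and need.
# Constructed sample; replace with your own inventory.
BASELINE="sshd 22
cupsd 631"

# Constructed sample of what lsof prints (a real run replaces this).
SAMPLE_LSOF='COMMAND   PID  USER   FD   TYPE DEVICE SIZE/OFF NODE NAME
sshd      412  root    3u  IPv4 0x1a2b      0t0  TCP *:22 (LISTEN)
cupsd     555  root    7u  IPv6 0x3c4d      0t0  TCP [::1]:631 (LISTEN)
node     9876  alice  21u  IPv4 0x5e6f      0t0  TCP *:8080 (LISTEN)
python3  9911  alice   5u  IPv4 0x7a8b      0t0  TCP 127.0.0.1:5000 (LISTEN)'

# Reads lsof lines on stdin; prints "command port scope" for each listener not
# in BASELINE. "all-interfaces" means the firewall question applies, "loopback"
# means only local processes can reach it.
unexpected_listeners() {
  awk -v base="$BASELINE" '
    BEGIN {
      n = split(base, lines, "\n")
      for (i = 1; i <= n; i++) { split(lines[i], f, " "); ok[f[1] " " f[2]] = 1 }
    }
    $NF == "(LISTEN)" {
      addr = $(NF - 1)                                 # *:22, [::1]:631, 127.0.0.1:5000
      port = addr; sub(/.*:/, "", port)                # text after the last colon
      host = addr; sub(/:[0-9]+$/, "", host)           # everything before the port
      if (host == "*" || host == "0.0.0.0" || host == "[::]") scope = "all-interfaces"
      else if (host == "[::1]" || host ~ /^127\./)     scope = "loopback"
      else                                             scope = "specific-address"
      if (!(($1 " " port) in ok)) print $1, port, scope
    }'
}

# Run on the sample; a real run: sudo lsof -nP -iTCP -sTCP:LISTEN | unexpected_listeners
printf '%s\n' "$SAMPLE_LSOF" | unexpected_listeners
```

Run it from cron and diff the output against yesterday's to get the "summary at the end of the day" the post describes; a new "all-interfaces" line is the one that should beep immediately.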

Thanks for the fast response, appreciate it!

Turn off the PC, put a hammer through the drives and everything else, then bury it; you aren't going to get a completely secure environment any other way.

Aha, poor phrasing on my part. I did say "as secure as possible" somewhere though.

You can also set up something like pfSense on your route to the internet so it is a dedicated firewall as well.

Basically, if I wanted to invest in a dedicated firewall (which I probably don't need), I'd be best purchasing a new firewall/router?

You want to use an IDS, but to do that you have to read the logs, and I know from running one on my home network there are a lot of logs.

You have to think who your attacker is and defend against them; no point putting effort in to defend against a nation state if most of your attacks are going to come from the kid next door.

They were just questions that wander in the back of my mind when I think about network security and securing my own network; I don't know too much about it at all, hence the amount of questions! Very interesting.

Install Security Onion and then route all traffic through that before the firewall. Learn to read Snort and Suricata alerts.

Security Onion and OSSEC.

These systems would be run on an independent machine that you route all of your traffic through, right? For the sake of an example, say I would have a spare PC passing all of the traffic from a few personal computers so it can scan the packets/data etc., then exit to my main router.

What I meant by the idea of setting up another LAN is so I could run all of my machines' connections through a different router configured to connect through a VPN (ensuring all traffic goes through the VPN), and other devices that don't require the VPN connection can run through the other router. Not sure how something like that would work with IPs and everything; will have to go off and do some research!

Thanks for your help.

