Installing applications

Stealth install of applications

• Launch Synaptic on the off-line computer you wish to install software packages on.
• Mark the packages you wish to install.
• Choose File-> Generate package download script.
• Save the script to your USB stick.
• Take the USB stick to an online linux computer and run the script on the USB stick. It will download only the packages required by the offline computer to the USB stick.
• Insert the USB stick into the offline computer.
• Launch Synaptic and click on File-> Add downloaded packages
• Select the directory on your USB stick containing the downloaded *.deb files and click Open. The packages will be installed.

Security applications

Anti-Malware

• rkhunter - Scans for known rootkits, backdoors and possible local exploits
• chrootkit - Check for signs of a rootkit

Encryption

• GnuPG (GNU GPL v3+) stands for GNU Privacy Guard and is a tool for secure communication and data storage. The software has two main uses. The first is to encrypt data to ensure its privacy. The second is to "sign" data so that others can determine it is authentic and unmodified. It includes an advanced key management facility and is compliant with the proposed OpenPGP Internet standard as described in RFC 2440. GnuPG is a command line tool with features for easy integration with other applications. The default public key algorithms are DSA and Elgamal, but RSA is also supported. Symmetric algorithms available are AES (with 128, 192, and 256 bit keys), 3DES, Blowfish, CAST5 and Twofish. Digest algorithms available are MD5, RIPEMD/160, SHA-1, SHA-256, SHA-384, and SHA-512. Compression algorithms available are ZIP, ZLIB, and BZIP2 (with libbz2 installed). https://www.gnupg.org/
• mcrypt (GNU GPL) is a replacement for the old crypt package and crypt command, with extensions. It allows developers to use a wide range of encryption functions, without making drastic changes to their code. It allows users to encrypt files or data streams without having to be cryptographers. The companion to mCrypt is libmcrypt, which contains the actual encryption functions themselves, and provides a standardized mechanism for accessing them. http://mcrypt.sourceforge.net/
• Steghide (GNU GPL) is a steganography program that is able to hide data in various kinds of image- and audio-files. Steghide employs an algorithm which is undetectable by color-frequency based statistical tests. Steghide uses a graph-theoretic approach to steganography. The default encryption algorithm is Rijndael with a key size of 128 bits (which is AES - the advanced encryption standard) in the cipher block chaining mode. http://steghide.sourceforge.net/
• Stunnel (GNU GPL v2) is a program that allows you to encrypt arbitrary TCP connections inside SSL (Secure Sockets Layer). It allows for securing non-SSL aware daemons and protocols (like POP, IMAP, LDAP, etc) by having Stunnel provide the encryption, requiring no changes to the daemon's code. Stunnel does not contain any crytographic code itself -- instead it relies on external SSL libraries. https://www.stunnel.org/index.html
• VeraCrypt
• CipherShed

Firewalls / Network Gateways

• Firestarter (GNU General Public License) is an Open Source visual firewall program. The software aims to combine ease of use with powerful features, therefore serving both Linux desktop users and system administrators. You can use the firewall creation wizard to create a basic firewall, then streamline it further using the powerful dynamic rules modifiers. Open and close ports with a few clicks, or stealth your services giving access only to a select few. Watch the real-time hit monitor as attackers probe your machine for open ports, in vain. Firestarter makes full advantage of GNOME but also works in most environments. While it protects both the firewall host itself as well as any client hosts connected to a local network from intrusion attempts, it does not impose restrictions on the services that the protected hosts themselves can access. http://www.fs-security.com/
• Gufw (GNU GPL v3) is for users bamboozled by firewalls. It has an easy to use interface for setting up inbound and outbound traffic rules for apps/services and ports. It is designed for beginners. http://gufw.org/
• Netfilter (GNU GPL v2) is a framework that provides a set of hooks inside the Linux kernel that allows kernel modules to register callback functions with the network stack. A registered callback function is then called back for every packet that traverses the respective hook within the network stack. Software inside this framework enables packet filtering, network address [and port] translation (NA[P]T) and other packet mangling. iptables is a generic table structure for the definition of rulesets. Each rule within an IP table consists of a number of classifiers (iptables matches) and one connected action (iptables target). http://www.netfilter.org/