ARP Security Tuto

Monarch
  13 years ago

"Corrected some English BUGS "

-y option corrected for the newer version of arpon

LOL

Sorry for the English

 

Hello! Today I'm going to teach you how to secure your Mint box on public and non-public Wi-Fi spots.

Let's go then.

The first thing you need is a new Gmail account; I'll explain why later.

These are the apps you need to install in order to start your protection:

sendmail, arpon and arpwatch.

Make sure you have the above installed, and let's start configuring them.

The first thing we are going to configure is arpon.

Open a terminal and type in:

sudo gedit /etc/default/arpon

You will see a config file with some entries. I'm not going to post what they look like because we are going to change those settings; it ain't that hard. Below is what we need to change :]

Now pay attention: by default our access points (APs) run a dynamic "DHCP" server, so we will use the DARPI mode, as a daemon.

But make sure that where it says eth1, you change it to the interface you are using over there, OK mate :]

I changed the color of the interface to make it easier to find, eh!

 

# For DARPI uncomment the following line
DAEMON_OPTS="-d -f /var/log/arpon/arpon.log -g -i eth1 -y 500"

# Modify to RUN="yes" when you are ready
RUN="yes"

OK, settings changed. Save the file and close the editor.
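
An added example (not part of the original tutorial and not ArpON's own code): a small shell check to run before starting the service. It catches the two mistakes this page mentions, leaving eth1 when your interface has another name and a -y with no value, which newer arpon versions refuse. The function name, the return codes and the assumption that -y takes a number (like the 500 used here) are choices made for this example.

```sh
#!/bin/sh
# Pre-flight check for /etc/default/arpon (added example, not ArpON's code).
# Return codes are this example's own: 0 ok, 1 RUN is not "yes",
# 2 -y has no numeric argument, 3 -i missing or interface not present.
# Usage: sh check_arpon.sh /etc/default/arpon
check_arpon_defaults() {
    conf=$1
    netdir=${2:-/sys/class/net}    # overridable so the check can be tested

    # Source the file in a subshell; it only holds plain shell assignments.
    opts=$( . "$conf" >/dev/null 2>&1; printf '%s' "$DAEMON_OPTS" )
    run=$( . "$conf" >/dev/null 2>&1; printf '%s' "$RUN" )

    if [ "$run" != "yes" ]; then
        echo "RUN is not \"yes\": the daemon will not be started"
        return 1
    fi

    iface=""; prev=""; y_seen=0; y_ok=0
    for word in $opts; do
        case $prev in
            -i) iface=$word ;;
            -y) case $word in
                    ''|*[!0-9]*) ;;     # next word is not a number
                    *) y_ok=1 ;;
                esac ;;
        esac
        if [ "$word" = "-y" ]; then y_seen=1; fi
        prev=$word
    done

    if [ "$y_seen" -eq 1 ] && [ "$y_ok" -eq 0 ]; then
        echo "-y needs a value after it, for example: -y 500"
        return 2
    fi
    if [ -z "$iface" ] || [ ! -e "$netdir/$iface" ]; then
        echo "interface '${iface:-none}' not found under $netdir"
        return 3
    fi
    echo "ok: arpon will watch $iface"
}

if [ "$#" -gt 0 ]; then check_arpon_defaults "$@"; fi
```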

The next step is to configure arpwatch.

At the beginning I said to get a new Gmail account; now I'll explain why, "in small words".

Most email providers tend to block emails sent through a small machine with a host name like this: my-computer. But Gmail doesn't do that; instead it sends them to the spam folder, but you can edit a filter to avoid that, and you will get your ARP alerts in your inbox folder, easy :]

OK, now the deal: open a terminal and type in:

sudo gedit /etc/default/arpwatch

and edit the file to look like this. This is just a small conf :]

# Debian: don't report bogons, don't use PROMISC.
ARGS="-N -p"

# Debian: run as `arpwatch' user.  Empty this to run as root.
RUNAS="root"

No big deal either.

OK, now save the file and close the editor. Now let's edit arpwatch.conf.

Type in, on the terminal:

sudo gedit /etc/arpwatch.conf

And these are the settings you have to put in. Make sure you edit the options that are in red to match your needs, OK :]

Make sure you add the settings at the end of the file, eh!

eth1 -a -n   192.168.7.1/24 -m myemail@gmail.com

OK, now save the file and close the editor.

There's no need to edit sendmail; by default it works just great.

Now here is the last part, and only if you want to test your new ARP protection.

First we need to start the services,

like this:

sudo service sendmail start

sudo service arpwatch start

sudo service arpon start

OK, now this is the test. To test the new tools you need to install

libnet-arp-perl

Type in:

sudo apt-get install libnet-arp-perl

and get this testing tool from pastebin:

http://pastebin.com/FzAiqfs1

"Note: don't bother with line 16; this was an ARP whoiser."

 

Save it as arptest.pl in your home folder.

Now open a terminal in your home folder and type in:

sudo perl arptest.pl

Note: you need to run it as root.

OK, now test it against your router AP and against your protected machine.

Below are some screenshots of how the tool works and what it looks like.

------------------------------------------------------------------------------------------------------------

Unprotected machine, my router :]

 

This is my machine, a protected one

 

 

This is an example of how things look in Thunderbird

NOTE: the emails might take some time to reach your inbox, OK

 

 

And that's it.

If for any reason you don't receive an email, make sure the services are started,

or check the mail.info logs to troubleshoot anything you need.

For anything else just PM me :]

Have fun

Comments
Monarch 13 years ago

pintas, as for both connections, I never tried it out
so I can say for sure it will work but you can try.
As for the -y option, that's for the cache refresh;
put it like this

# For DARPI uncomment the following line
DAEMON_OPTS="-d -f /var/log/arpon/arpon.log -g -i eth1 -y 500"


That option is only required on arpon version 2.0 or higher.
I wrote this tuto when I was using arpon 1.9, and by default the -y would assume a refresh time of 500
:]


pintas 13 years ago

Nice and easy tutorial. ;)
Do you know if I can configure /etc/default/arpon to work with both ethernet and wireless devices? If so, is there any need to set up arpon for ethernet?

Oh, by the way, the option '-y' in 'DAEMON_OPTS="-d -f /var/log/arpon/arpon.log -g -i eth1 -y"' requires an argument. (I just disabled it.)

I get this if I don't disable it:

sudo service arpon start
Starting anti ARP poisoning daemon : arpon
/usr/sbin/arpon: option requires an argument -- 'y'

failed!