Securing ParrotSec. Questions and suggestions?

I want to thank the Parrot-founders and the community for Everything you do!

My main concerns is about Security and Privacy. well, im a “newbie”. But i have learned alot, that i didnt know before…

First of all i want to say, AnonSurf is Great. Thats the best.

BUT then, i wonder: WHY are you using “standard Firefox” ParrotSec? Even the “ParrotSec Firefox”, from the (first installation) ParrotSec 5.0. Had terrible DNS-leaks, (and i guess everything else “insecure” about the standard-firefoxbrowser? OK its installed with the “AnonSurf-proxy”, and that is good. But not enough (because of the “Standard Firefox or ParrotSec Firefox?” is not a “Hardened version”?
right. Else it wouldnt have those terrible DNS-leaks? So, my suggestion? Use LIBREWOLF https://librewolf.net/ as your standard browser in the new version of ParrotSec? Because, Librewolf IS the best / most secure of all the browsers that exists Today Ok.

LibreWolf uses more than 500 privacy/security/performance settings, patches, LibreWolf-Addons (optional) and is designed to minimize data collection and telemetry as much as possible (updater, crashreporter and Firefox’s integrated addons that don’t respect privacy are removed).

My next question is about the Firewall. Why isnt a SECURE FIREWALL installed with ParrotSec?? Why isnt a “ParrotSec-Standard Firewall” not installed for MAXIMUM security? This took me some time (as a “newbie” to figure out) when i discovered / learned, that there are about 80 0000 “unprotected open ports”?? (within an “Standard installation of Firewall”), So? a ParrotSec “standard-installed firewall”, leaves you unprotected against 80 0000 Ports?!:S That CAN and will Track and Hack you?.. As i also learned there are some “supercomputers” from IBM?? (for an example) that are installed just to Track you and monitor you and your internet-traffic. :confused: i just cant explan, what the HELL is going on when ParrotSec leaves you *unprotected against 80 000 ports?.. :s Anyway. THAT took me some time also to “figure out”; I close ALL PORTS (in both directions), and only leave Port 80 and Port 443 Open, that is the only 2 ports Necessary for internet. What happens, ALSO when you close ALL ports (except 80 and 443) IS that you close ALL “DNS-requests” Because? the “DNS-requests”, is within Another “port”. Ok.

Well? You know this already (hopefully), just want to share my experience.

Now, i have some questions? First, Do you follow the suggestions from “Debian Security”? https://www.debian.org/security/ ? (if Yes? Then the “Debian Security-suggestions/updates”, should also be included in ParrotSEC (Standard installation) when you do a “sudo apt-get update && apt-get upgrade”? (because this is ALSO not included within the “standard installation of ParrotSec”? Why is that? :confused:

My last concern Really is about the “IP-adress”. And this has been a long struggle for me to learn,… that “obviously” (for me), it doesnt mattar WHAT i do, to “change my IP adress manually”, (OK “newbie-experience”), for an example, i tried to erase all network settings then manually change them, (when offline), but 2 seconds after i “connect to internet”, Everything i had changed / modifed was erased and changed back to “normal settings”, the IP was changed back to the ISP-adress, (i even tried to change the MULTICAST-settings,… Multicast OFF) etc. but that was Also changed to “multicast ON” (by the ISP)… but, (i Think), this problem is within the Router-settings… BUT i Also think the ParrotSEC, could Figure out a clever script (within the Standard ParrotSec-installation) that also CHANGE the Router-settings (IP-settings), so that the ISP, cannot “modify the IP-settings”?? That would be great? Because all this “question about Privacy” (i think), is Related to simple things? like Learning how to Modify the Router-settings change the IP permanently and setting up a Good FIREWALL with Maximum Security?.. anyway. I guess, this is related to (Proxy), That is something i wish to learn, (but then i wish to know exactly how to modify the Router-settings and the IP), and i also wish to learn everything about SUBNET /Subnet-ports and Subnet proxys (tunneling).As i also discovered you could SET your Router to Tunneling-protocol… (sorry im a “newbie” ok!) xD

Last Question. (perhaps not related to ParrotSec) But what is your suggestions of a “secure email”. If you could give some advice about that? (that has also been a great concern of mine). Because i dont trust most of the email-providers that exist today (that i know of?).

Hope you find my ramblings of some value :slight_smile: And, i thank the ParrotSec-founders and the community again, for all the great work!

Should we add "hardened firefox’ so it sounds amazing?

Define a secure firewall. I really doubt you know actual meaning of firewall.
p/s: I would like to know what is Unsecure firewall as well.

Do you? Or you want Parrot devs to go to your home and upgrade your system for you?

What the fuck does that even mean?

Can you show me your all 80k unprotected ports? A screenshot will be nice. POC is even better.

1 Like

This is not a security issue.

127.0.0.1 is your loopback address (aka localhost). It’s the address your machine uses to reference itself

0.0.0.0 is all address on the machine. Both network local IP address (10.0.1.0/24/192.168.1.0/24) as well as localhost. Again, it just means “your machine”.

The listening ports are if I had to guess, the process running your browser. I’m assuming you had your browser open and connected to the internet while you wrote your last comment. This is just how TCP works.

Another thing you need to keep in mind is that none of the ports on your computer are visible to the open internet. Only your router/gateway is. The only way to make a connection to a bad actor is for you to establish the connection. This is almost always accomplished by social engineering where the target is tricked into clicking a link (which establishes the connection). No amount of port gaurding will prevent this. Unless you have port forwarding enabled on your router (you shouldn’t), all those open ports are inaccessible to any machine not on your local network.

Your computer needs those ports open to function.

2 Likes

Because if you block this port, your computer won’t work

1 Like

I just love how user that has -1 knowledge about basic networking / TCP knowledge cries about how Parrot is insecure
p/s: not the most stupid shit i’ve seen in my entire life.

1 Like

There is other pre-installed browsers. Only one being TOR if you feel like FireFox isn’t your thing. Then uninstall it and install a different one. No issue with it. It’s the same with how IE was installed on every windows 10 PC but people installed chrome on it anyway and went about their day. Microsoft didn’t change it because there wasn’t a need. Mainly, yes it was their own Software they owned. But still, It’s not one of the top top priorities of Security issues in my opinion. Main security issues are within Parrot OS itself. Things that could make the whole SYSTEM insecure and private files. A DNS leak is bad don’t get me wrong. You could always change your DNS as well. I am new to this too. But, I see internal code being more stable a lot more important than a Browser.

He created new account and created new topic about that DNS leak and it ended up by some bullshit that i didn’t bother to read. And then he created an other account and commented like the other are interested in this topic. I removed 2 new accounts

Didn’t know I’d be speaking to a DEV. Normally never happens anywhere else haha. Well, that is fair enough. I won’t reply anymore to just let this post slowly die out. But thank you so much for informing me :slight_smile:

Yeah especially Microsoft forum where you pay for the product that could spy on you.

Too many question marks riddled into poor run-on grammar for me to digest the original post. :grin:

1 Like

Another thing you need to keep in mind is that none of the ports on your computer are visible to the open internet. Only your router/gateway is. The only way to make a connection to a bad actor is for you to establish the connection. This is almost always accomplished by social engineering where the target is tricked into clicking a link (which establishes the connection). No amount of port *guarding will prevent this. Unless you have port forwarding enabled on your router (you shouldn’t), all those open ports are inaccessible to any machine not on your local network.Your computer needs those ports open to function.

“None of the ports on your computer are visible to the open internet”

mokeefemok

Hello Mokeefe, What you’re saying with respect to the visibility of open/closed ports literally makes no sense. Open and closed ports can easily be identified with NMap or any other similar script.

Hey man cool tip. Instead of me launching into how NATs work, I’m gonna let you do it. Can you elaborate on how easy it is to identify open and closed ports on hosts behind a NAT? Thanks that would be awesome.

Just use netstat. Or well, create a custom script to parse network connection under procfs will be cool.