Carder Forum - Carding Forum - Carders Forum - Best Carding Forum - Top Carding Forum - Verified carders -Altenen - ATN Card the world- - hacking Forum - c2bit

Register a free account today to become a member! Once signed in, you'll be able to participate on this site by adding your own topics and posts, as well as connect with other members through your own private inbox!

Setting up linux

Nexus Carder

Hot Verified Seller-Elite Seller - Consumer Choice
Staff member
Premium Verified Seller
Registered User
Nov 21, 2020
Reaction score
Linux is known to be more secure then Windows. This is true, mostly because of the user hierarchy and it being open source, which makes it easier to find and patch security vulnerabilities. Viruses, rootkits and exploits for Linux exist. This is a guide on how to keep your system secure and under control.

I recommend this for your main host and Whonix to card with. Follow this tutorial if you are interested wiki/index.php/Setting_Up_Whonix

Keep your system updated daily. With every update comes security improvements. In Arch you type "pacman -syu", Ubuntu, *buntu, Debian you type "apt-get update && upgrade", Gentoo with emerge "emerge --update --deep --with-bdeps=y --newuse world" or with yum "yum update"

Encrypt your entire system with LUKS and your /home folder, this is done during installation of the OS, you can use TrueCrypt 7.1a for everything else.

Encrypt swap if it isn't already.

Code: Select all
apt-get install ecryptfs-utils cryptsetup


Code: Select all

check if it's working with blkid

Code: Select all
blkid | grep 'swap'

Wipe files with BleachBit, forensics cannot recover these files.

Code: Select all
apt-get install bleachbit

Use command "who" or "w" to check who is logged in.

Look for open ports with "netstat -punta" if you find anything suspicious you can kill that process or close the port.

Never use telnet or SFTP, always use encrypted connections like SFTP and SSH with SSH-keys.

If you run a server or website, run it in jail, which means it can't read files that it doesn't use. You should use "chattr", then no one can modify the files because they are locked. This is good to put on index files so you won't get defaced. Useful for log files and you can even lock folders. After everything is setup you can test if it works with

Code: Select all
echo "killua" >> /var/www/index.html

if you get permission denied even as root, then it's working correctly.

If your server is going to be open to the internet, create a syslog-server. This logs the activity on the server, especially useful if a hacker is erasing evidence after a successful hack. Syslog also gives you more information about your server, which always comes in handy.

If your web server gets hacked then it's very important to know which files are SUID/SGID. These files can be run like another users rights, root, etc.

Code: Select all
find / -xdev \( -perm -4000 -o -perm -2000 \) -type f -print

You can remove the SUID-flag from suspicious files with chmod -s <file name>

(you can use ufw if you want, then skip this) Download Ipkungfu firewall

Code: Select all
apt-get install ipkungfu

and write which hosts your system should permit.

Code: Select all
nano /etc/ipkungfu/accept_hosts.conf

If you are using a VPN you should allow them here with the following syntax (host[ortrotocol]) if your VPN is using static IP's then for example

Code: Select all

Edit /etc/ipkungfu/ipkungfu.conf

Code: Select all

and run "ipkungfu" check status, if it's running as it should "ipkungfu -c"

If you decided to use ufw (gufw with GUI) remember that firewalls are only useful if you block open ports that you are not going to use

For web servers, allow port 80/443 and port 22 for SSH. Blocking ping's and scans (from nmap for example) is important because it makes it harder for a hacker to see which versions your services are using and ports that are available.

Download fail2ban to prevent bruteforce attacks:

Code: Select all
apt-get install fail2ban


Code: Select all
nano /etc/fail2ban/jail.conf

to modify settings (how many tries to allow, where to save logs, and what services to protect) run fail2ban

Code: Select all
/etc/init.d/fail2ban start

Download chkrootkit

Code: Select all
apt-get install chkrootkit


Code: Select all
apt-get install rkhunter & rkhunter --update & rkhunter -c


Code: Select all
apt-get install lynis & lynis -c

and tiger if you deem it necessary

Code: Select all
apt-get install tiger

these are (Intrusion Detection Systems) IDS, remember to run them.

Download iptraf to get data and statistics of your network

Code: Select all
apt-get install iptraf

Use ulimit if you want to limit your system's resources. This can protect you against different type of bombs.

Code: Select all
ulimit -a or like ulimit -u 10 puts max processes to 10

Isowall is a firewall that isolates the computer in the network, which should protect your network from LAN spread worms.