Fedora Security :: Security Spin Pen Through SMB

Jun 3, 2010

Using SMB to access a windows machine through port 139/445 is great, but how can this be used to exploit the system?I know this is gonna get flamed for the nature of hacking, but i'm trying to pen my own windows box with my sec spin of fedora (tried backtrack but didnt like the feel of it, so got the GNOME-security spin)I'm trying to find a way to open up c$ without sitting at my win box and sharing it.

View 1 Replies


ADVERTISEMENT

Fedora Security :: Script To Add Security Spin Tools To Normal Installation

May 22, 2011

love security/pentest tools. This script adds ALL the tools from the Security Spin, plus Metasploit. Feel free to modify it if need be.

View 12 Replies View Related

Fedora Security :: FYI Security Spin ?

Mar 2, 2010

FYI Security Spin.

[url]

"...The Fedora Security Spin provides a safe test environment to work on security auditing, forensics, system rescue and teaching security testing methodologies in universities and other organizations. The spin is maintained by a community of security testers and developers. It comes with the clean and fast LXDE Desktop Environment and a customized menu that provides all the instruments needed to follow a proper test path for security testing or to rescue a broken system. The Live image has been crafted to make it possible to install software while running, and if you are running it from a USB stick created with the LiveUSB Creator's overlay feature, you can install and update software and save your test results permanently..."

About Security Spin -

[url]

Available Apps of Security Spin -

[url]

View 9 Replies View Related

Fedora Networking :: Unable To Activate Wireless Card In Security Spin

Jul 27, 2010

I've been trying to get Security Spin up and running (after having tried unsuccessfully with knoppix STD). I need to be able to connect to my home network, or hell any wireless network.I've tried using iwconfig wlan0 as well as the options in the Network Configuration panel as well as other related panels. I'm able to change and set up profiles for the wireless card, but not to activate them. The button just isn't clickable.If it helps, I'm running Security Spin from a unetbootin usb drive. The wireless card is identified by the system as "Intel Corporation PRO/Wireless 4965 AG or AGN [Kedron] Network Connection" .

View 2 Replies View Related

Fedora Security :: Wierd SeLinux Security Alerts \ Got:Code:Summary: System May Be Seriously Compromised?

Apr 13, 2011

this is the allert i got:Code:Summary:Your system may be seriously compromised! /usr/sbin/NetworkManager tried to loada kernel module.Detailed Description:SELinux has prevented NetworkManager from loading a kernel module. All confinedprograms that need to load kernel modules should have already had policy writtenfor them. If a compromised application tries to modify the kernel this AVC willbe generated. This is a serious issue.Your system may very well be compromised.Allowing Access:Contact your security administrator and report this issue.Additional Information:

Source Context system_u:system_r:NetworkManager_t:s0
Target Context system_u:system_r:NetworkManager_t:s0
Target Objects None [ capability ]

[code]....

View 5 Replies View Related

Fedora Security :: What Security Measure's Should Be Taking To Make Box Little Less Vulnerable?

Apr 7, 2009

I'm just curious as to what security measure's I should be taking to make my box a little less vulnerable? I'm still experimenting/playing with Linux, use the net, IM, download this and that and was wondering how secure fedora 10 was out of the box?

View 12 Replies View Related

Fedora Security :: Security Risk Of An Unencrypted /boot Partition?

Apr 8, 2009

During a recent install I made the leap to encryption,but /boot must remain unencrypted.Is there really any legitimate security risk to having an unencrypted /boot partition? I mean basically someone can just see what kernel you're running which they could see during boot anyways right? Oh I and keep all my financial documents in /boot/finances/ (haha ok not really, but I am serious about the first part).

View 5 Replies View Related

Fedora Security :: Install Security Lab Menu On A Normal 13 Installation?

May 30, 2010

Is it possible to install security lab menu on a normal Fedora 13 installation? I don't want to use security spin.

View 14 Replies View Related

Fedora Security :: Remove Nagging Security Screen?

Oct 10, 2009

If I leave the computer running for a few minutes without doing anything on it, this screen appears demanding that I enter my password, otherwise I can't get back to Fedora. I understand the necessity for this security feature in a work environment, but I'm just a home user and this security screen is just a nagging problem I don't know how to get rid of.

View 1 Replies View Related

Fedora Security :: Set Conditions To See Logs Of All Security Intrusions

Jul 19, 2011

I just putup the fedora15 on my PC. there are several msg coming up from selinux saying permission denied, though I am not doing any administrative activity. the PC being a workstation for reaserch. how can I know the denial is for an security intrusion attempt. how can I set conditions to see the logs of all security intrusions. how can I set exclusive msg-ing from selinux that the denial is for a security intrusion attempt.

View 5 Replies View Related

Fedora Security :: Still No Security Patched Firefox 3.5.1 In Yum / Get That?

Jul 18, 2009

Firefox 3.5 has a critical java script vulnerability as noted in the recent news. I had to manually update to 3.5.1 using the mozilla tarball because there's still no Firefox 3.5.1 in Fedora Updates or even Fedora Updates Testing repositories. Is this normal? I didn't want to resort to using the mozilla one because now I can't use flash (my system is 64 bit and mozilla only seems to offer a 32bit tar file of Firefox) and having two Firefoxs means dealing with the ProfileManager, separate bookmarks and so on.

I'm trying to find out if I'm just looking in the wrong place, I tried the normal mirrors for "updates" for Fedora 11 and then updates-testing and also the baseurl for "updates" to get rid of the mirror update delay. None of them seem to have 3.5.1 ?

View 3 Replies View Related

Fedora Security :: Backwards Security - Networking ?

Aug 3, 2009

Problem that may require several tools available on Fedora. I don't know if its possible or not.

Given: Surveillance video box based on Fedora & Zoneminder. Internet connection is via a private 10.x.x.x network connection to the local phone company/ISP. That's the only connection available and they are the only ISP in the area. The ISP uses NAT to ultimately provide a routeable IP address, but that only works on outbound initiated traffic.

Problem: How can someone out on the Internet hit this box? i.e Is there any way to rig a method that will ultimately allow a connection initiated from the Internet to see the surveillance video that this box has stored via an http session?

I thought of one idea but don't have the tools to implement it. User sends an email to a server out on the Net somewhere. Surveillance box retrieves mail ever minute. The mail contains the users IP address. Surveillance box sends an outbound packet to that IP address to get NAT functional. The users box then uses that address to hit the box on the private network. The snag with this is that NAT is specific to ports, and I have no sway over the ISP's NAT capability.

Is there any way to push an http session outbound to the waiting end user? i.e. initiate a push of http traffic from the private box to the end user?

View 5 Replies View Related

Fedora Security :: Personalize Fire Fox Security

Nov 24, 2009

Does any one knows how to set an schedule for fire fox to terminate loading some IP. or restricting people to accessing some websites from your system..?I mean to set some restriction option to Fire Fox for third party..

View 4 Replies View Related

Fedora Security :: Maximize Security On An FC 10 Box?

Aug 26, 2009

I would like to maximise security on an FC 10 box. I had come across some scripts that perform a host of security tests and let me know recommendations on what all needs to be done. Dont seem to remember what they were called. Has any one tried any such stuff on FC10 recently? which scripts or suites you would recommend for this purpose...

View 2 Replies View Related

Fedora Security :: What Is In Security Update?

Jan 5, 2010

I was reading that Arch does not provide security updates, but just provides security by keeping with up-to-date software...So what is in a security update and what does it patch? The kernel?

View 10 Replies View Related

Fedora Security :: Securing Security Lab

Jun 29, 2010

I ran the LiveCD of Fedora SecurityLab and noticed these ports open, 111,631, 34526.How can I close them and what runs behind them. I know 111 is rpcbind, 631 ipp and 34526 is unknown.

View 4 Replies View Related

Fedora Security :: Most Used Apps - Security Lab - FSL

Mar 31, 2011

I just preparing some presentations and was wondering what the most interresting Tools on the FSL would be. There are many, many everybody would use, but what would be the lets say "most wanted" Tools on the fedora Security Suite aka FSL?! Without what Tool you could not work?

View 2 Replies View Related

Ubuntu Security :: Login Panel Is Worse From Security View Point

Jan 19, 2010

ubuntu 9.10 login panel is worse with respect to ubuntu 8 since now all the users with names are shown without a way to hide them!Why don't keep the old way at least as an option?

View 5 Replies View Related

Ubuntu Security :: Selecting The 'Available To All Users' Option In Network Mgr Mess With Security?

Oct 15, 2010

To avoid having to input a password for the keyring each time I connect to the net via wireless, I enabled the 'Available to all users' option in Network Manager. Now, my question is this. Are the 'users' it refers to just those created on this machine? Would a drive-by be able to use my network without entering the password?

View 3 Replies View Related

Ubuntu Security :: Basics Of Good Security Of Small Commercial Website?

Jan 17, 2011

1. I understand you can protect your files or directories in your website by setting file/directory permissions. The meaning of r w x is clear to me, but I'm not sure how to proceed... Starting with the index.html file, if I wanted to make it so that anyone in the world can read it but can't modify it, do I set its permissions to rwxr-xr-x? If I set it to rwxr--r--, would that mean the file couldn't be served? I mean, what does the x setting do on a .html file, how can a .html file be executable?

2. If file permissions work on the lines of owner-group-others, in the context of a website, who is 'group'? As far as I can tell, there's only the owner, which is me, and others, which is the world accessing the site. Am I correct in thinking that by default, say when creating a website on a shared hosting server, there is no group unless I specifically set one up?

3. My ISP allows the DynDNS.org service, meaning that I could serve a website from my home. It's too early to go that route just yet, but for future reference, I would like to ask about the server software called Hiawatha. It is said to be secure, but having read some evaluations of it, it doesn't seem to offer anything that couldn't be accomplished with Apache or Cherokee, it's just that its security settings are simpler and easier to configure. Am I right about this? Or does Hiawatha truly offer something that the other major server packages don't?

View 9 Replies View Related

Ubuntu Security :: Updated Browsers Using Update Manager Have Lost Security Login Pages For Web Mail?

Mar 3, 2011

i updated both browsers i have and lost my secure log-in pages (no padlocks showing ) concerning different Web mail accounts.Just before i did these updates i checked an unrelated thing on-line regarding my sound card of which i kept a copy of and got this message below :

!!ALSA/HDA dmesg
!!------------------
[ 12.762633] cfg80211: Calling CRDA for country: AM

[code]....

View 2 Replies View Related

Security :: Write A Shell Script Setup Security Policies?

Feb 3, 2010

Is there a way to delete files on the commandline that uses the KDE-Wastebin?It appears that I never ever need the KDE4 Wastebin for files that I deleted through Konqueror or Dolphin. It is only when I delete files on the konsole with rm that I wish I could undelete them. It always happens like that, mostly by being in the wrong directory or using a wildcard when I should not have. (I don't have any erroneous deleted file right now, and I do have plenty of backups, but I just wonder whether there is something better than rm to use generally on the commandline.)

View 9 Replies View Related

Ubuntu Security :: Internet Security Status Feeds Via Conky?

Mar 29, 2010

Conky can be used to display a variety of information on the users desktop. I wanted to use Conky instead to display the current status of security as reported by:

SANS Internet Storm Center
IBM Internet Security Systems
Symantec Threatcon
McAfee Threat Center

I therefore created 4 small scripts which download the current status from these sites, and set the colour of those status's depending on the current value.The conky configuration allows for a semi-transparent background - though this is optional.Attached is an example image showing the 4 different colours.Also attached is an archive with the 4.sh files, .conkyrc and draw_bg.lua (from here http:[url].....

View 2 Replies View Related

Ubuntu Security :: Guidance On Installing Basic Security Software?

May 29, 2010

I just installed Ubuntu on a desktop. Can anyone give me some guidance on installing basic security software? In particular, I'm looking for a firewall, antivirus, and anti-spyware/malware utilities.

View 2 Replies View Related

Ubuntu Security :: Changing Password Seem To Be Potential Security Hazard?

Aug 3, 2010

I already posted a topic similar to this concerning the Desktop OS version, but this deals with the Netbook because unlike the Desktop, the Netbook is less cooperative. Allow me to elaborate: Today (or rather yesterday since it's not after midnight where I am), I changed my password because I was hopelessly confounded about how to get my Wireless Network card up and running after it had been installed and I was allowing my dad to use it. This issue has since been resolved, however...

When I chose my password during the original installation, there was no mention of it being "too simple." This is where the Desktop OS and the Netbook OS differ. The desktop will let me change it in the terminal without any errors. The Netbook will not. When I've attempted to revert it back to the original, it will not let me do so in the User Profile or in the Terminal. The Passwords and Encryption Keys application also does not appear to help.

So now even after I've changed it to a different "complicated" password I am still prompted to insert two different passwords since I changed my user password but I am unable to change the password I input during the installation. A bit screwy methinks. This is extremely important. I'd like to know how to change the original installation password.

If I can't change the main password on my laptop then this is a serious potential security breach just waiting to happen (especially since it's on a laptop and I will be hauling it around with me) and I will most likely install a different OS if this isn't resolved --- It would be very unfortunate since I spent the whole day fixing it and I really enjoy the interface. Luckily I can live with this on my Desktop since I'm not going to be hauling it around with me everywhere when the school year starts.

View 9 Replies View Related

Ubuntu Security :: Router - Port Forwarding And Network Security

Nov 11, 2010

As it stands I have a small home network operating behind my modem/router. Some of the ports on this are forwarded to my PS3 for gaming but I was looking at forward some for my file server.

At the moment I've forwarded port xxx22 to port 22 on my server for SSH for instance. ANd similarly 21 for FTP (although it doesnt seem to want to connect for any more than a few seconds using that). What I was thinking of doing was placing a small website for a handful of ppl to use on the server too and port forward again - xxx80 to 80. It works just fine but I'm a little concerned on the security front.

As I've moved the port to something different from the outside world I'm presuming I will have already cut the potential for malicious folks to wander in but is there anything else I should be doing? At the moment there's no firewall operating on the server, usually as its hidden behind the modem/router. But if I open this thign up more permanently what should I be doing? I've read a few articles on it but I'm always left with the overwhelming thought of "Thats if theres no firewall in my router" as they just seem to do the same.

View 5 Replies View Related

Ubuntu Security :: Is Posting The Hardware Address A Security Risk

Feb 28, 2011

When posting results from ifconfig, it shows the hardware address of etho, etc. Would you consider that to be a security risk ?

View 9 Replies View Related

Ubuntu Security :: Installing LAMP Server On Laptop - Security?

May 8, 2011

I'm concerned about security of having a LAMP server on my laptop as having any server makes the system less secure. However, if I were to create a new partition and install a lamp server on that and only use it when offline, would the security of my main partition be affected at all?

View 3 Replies View Related

Ubuntu Security :: Why Isn't Ufw Enabled By Default For Network Security At Installation

Jun 7, 2011

The default Firewall ufw is not enabled by default at the time of installation and it has to be enabled by the user.Isn't this a security risk or is the user whether ufw is enabled or not secured from external threats?I am not much knowledgeable about network security But I am trying to understand the Ubuntu mentality behind this default setting.

View 4 Replies View Related

Ubuntu Security :: Best Solution To Protect Server From Security Threats?

Jul 22, 2011

I've recently been running a game server from my desktop, as well as a web page to accompany it.I use the ports 80/8123(HTTP)/5900(VNC)/50500(GAME)/5839(ADMINISTRATION).What's the best solution to protect my server from security threats? On a side note, I plan on adding a MySQL server later, but I want to keep it local only.

View 9 Replies View Related







Copyrights 2005-15 www.BigResource.com, All rights reserved