Fedora Security :: The DNS Server Discloses The Remote Host Name - Can This Be Turned Off
Jun 15, 2010
We recently had a vulnerability scan done on our network and one of the vulnerabilities was that the dns server discloses the remote host name when using hostname.bind.
Is there any way that we can stop this from happening? Our name server is a Fedora 11 machine.
way to redirect the audit daemon message to a remote host. I checked the auditd.conf and its man page and find that the log location is specified by the line log_file = file_path and in the man page
Quote:
"log_file: This keyword specifies the full path name to the log file where audit records will be stored. It must be a regular file."
Does this mean that auditd does not have the function to redirect the logs to a remote host?
This is the difference in the output of a port scan using Zenmap on the same system with UFW turned off and then with it turned on. It is obvious that UFW works.
New machine, need to append my id_rsa.pub to my remote SSH box, cannot use ssh-copy-id because I cannot specify the port I've got the machine running on.
I was able to install and start tftp. I can tftp localhost and get a file, even from a non-administrator login. I can connect from a remote host, but the *get* times out. I suspect there is a security issue. Can you tell me how to lower the security on tftp so that a remote host can do gets?
I am using Tomcat 6 with Ubuntu Server 9.10 x64. I successfully configured iptables to redirect the port "443" to "8443" (Tomcat SSL), using this command:
I installed dovecot on my server and now the imap and pop3 ports are open. But when I want to telnet it, it's not possible.
Code:
Trying 127.0.0.1...
telnet: Unable to connect to remote host: Connection timed out.
Also I can't any ports else. But I can connect to it from other computers. I tried to connect to this from my PC and it was successful.
I have made a Java web server which works on localhost. But now I want to make it capable of handling many clients at a time. So clients running on different computers need the machine name or IP address of the server computer. How can I do this in Java?
Is it possible that a process running on a remote host only informs Nagios when something is wrong, rather than the Nagios monitoring server checking through NRPE every so often? The reason is I want to add too many alerts in the application, and I don't want a whole list of OK messages.
I've recently been asked to setup our FTP server to accept connections from a remote host. They sent me a file "id_dsa.pub" with instructions to add this key to the xfer user.
I've set up vsftpd correctly and it's running fine with local users (in the same LAN). However, when remote users want to log in to the server, it takes more than 1 minute to get in. Users can log in from remote. It just took too long. (It prompted for the username and password very fast.) Since the server is behind a router, I did configure the port forwarding for TCP 20-21. The CentOS version is 5.3. The vsftpd is v2.0.5.
have Fedora 10 and am having problems with ssh. For some reason I can't connect via a remote host to my ssh. Local network connections do work just fine. I have been looking for a log of what is going on but have not had luck seeing anything. Things I have tried:
- Modify hosts.allow to allow ssh to all
- generated rsa1 key identity, tried specifying that with the -i option on the guest computer
I have a box (boell) running Fedora 10 sitting behind a firewall at school. I am able to freely ssh to and from this box to other computers (minion) within that LAN. Outside of this network I cannot directly ssh to boell - I must ssh first to minion, then I can ssh to boell. I've spoken with the sysadmin and he's verified that the firewall permits ssh freely - I haven't had any issues like this with other boxes of mine there, so this isn't any surprise.
I have verified that the hosts.deny file is blank, iptables permits ports 22 (and 80) and I didn't see anything obvious in the sshd_config. I tried a tcp dump on the external host and boell while attempting to ssh from the former to boell. The packets appear to be acknowledged by boell, but this fails to lead to a connection. I've tried this process with external hosts in different locations with the same result. I have made few modifications to the default installation for F10, so perhaps there is some default somewhere I have to change. In any case, below I have attached excerpts of germane files.
======== ssh from boell =======
[root@boell log]# ssh -vvv 71.189.5.67
OpenSSH_5.1p1, OpenSSL 0.9.8g 19 Oct 2007
debug1: Reading configuration data /etc/ssh/ssh_config
Our requirement is not to use the default SSH port, so I have edited the /etc/ssh/sshd_config file and changed the default port 22 to 2022, and I have restarted the sshd daemon. Now port 2022 is open on all servers; however, when I ssh to the remote hosts I cannot log in directly. I have to use the below command to connect to the remote server. I don't want to provide SSH port number info while logging in to remote servers. How to achieve this? ssh -p 2022 server02
I am doing some R&D on 11g RMAN in Oracle at home. I have installed Oracle Enterprise Linux and I have installed the Oracle software. When I am trying to configure the listener, it errors out. I have verified that telnet with the port is not working and I am seeing a connection refused error.
When I try to connect to my SUSE server from another one this appears: Remote host identification has changed. I deleted the entry in known_hosts but it is still working wrong, showing me this message. What could be the cause of this problem?
I have Ubuntu 10.04 installed on my laptop which is wirelessly connected to the router. I have a PC which is Windows XP that is connected wired to the router. Now - I understand that Ubuntu is secure out of the box and so there is no need to worry about configurations. However, a past couple of updates in Ubuntu and I am seeing updates for Samba. I understand that Samba is used for file transfer between Windows and Linux.
Is Samba turned off by default when Ubuntu is installed - despite having a WinXP computer connected to the router? Is there any way to make sure that Samba is turned off on my Ubuntu laptop? I don't want to transfer any files between my laptop and WinXP. If Samba is enabled, then a Firewall is needed to be configured (I assume), and to me that is sort of pointless with Ubuntu. For argument's sake, if Samba was enabled on my Ubuntu laptop - what would happen to my security?
Many of mails sent from my mail server that are in Queue; the main reason is deferred by domains like yahoo, aol, etc. but there is one more error that I keep getting and that is Host Unknown. Below is an example from mail log. The catch is, test mail sent on the same email id sent from my personal mail from the same server i.e. url was delivered. However, another mail containing client information sent from customercare@mycompanysdomain ended up in queue.
There are more examples of the same, around 20 domains have the same problem.
The wireless connection works fine. The wireless switch automatically turns itself on every time I start the computer. However, after turning it off, I can't ever turn it on again unless I restart the computer. And because of this, the wireless connection is disabled until the next time I start the computer. I don't think this is a hardware problem because the switch can be turned on and off, although not in the way I expect.
I'm using Ubuntu 9.10 on an Acer Aspire 4740G. The command [lspci | grep Network] shows Atheros Communications Inc. AR928X Wireless Network Adapter (PCI-Express) (rev 01). The [rfkill list] command shows (when the switch is on)
0: phy0: Wireless LAN
    Soft blocked: no
    Hard blocked: no
and, as expected, shows (when the switch is turned off)
0: phy0: Wireless LAN
    Soft blocked: no
    Hard blocked: yes
I just want to be able to turn the switch on or off at any time I want as long as the computer is still on.
No doubt this sounds alarmist, and perhaps it is... anyway, earlier tonight my mum complained that her home network connection wasn't working. After complaining about Windows and running a virus scan, I returned to my laptop, only to find my Ubuntu 10.04 was having the same problem. Then I noticed the wireless connection light (next to send and receive, which always blinks anyway) was constantly flashing, as if transmitting data, even though neither of us was connected, of course. I turned the router off and on again a few minutes later. Initially the light was still blinking abnormally, but I could now access the internet, as could mum, so I ignored it.
Later on, while the virus scan on mum's computer was running, Windows notified her she was running out of hard drive space - normally about 30GB of the 51GB HD is used on her laptop, but suddenly 50GB had been used. I also noticed my 275GB Ubuntu partition had 235GB free (although total size of files on disk was 128TB - a bug perhaps?), i.e. 40GB used, which seems pretty large for a rather fresh install and a handful of documents! Currently, everything's normal where my router's concerned (no blinking lights except for my browsing), and my Lucid partition is still showing 235GB free (strangely, mum's laptop now shows 46GB used instead of 50GB). So, what do we make of all this? Were our computers hacked for storage space?
My server is connected to the Internet for ssh on port 22 with root logon disabled, a single non-dictionary word user name allowed, and pki authentication only (about as secure as I can make it). I've previously run fc5 and 9 servers using the same sshd config since 2006 and had no security troubles, so I'm happy, but.. After the fc13 install and configuration, logins from a host on a remote network are taking about 1m 30s to complete! A (partial) console output for ssh -vv appears below. The lines marked with "**" were the lines after which significant pauses happen. This is fully repeatable.
Code:
debug1: Next authentication method: publickey
debug1: Offering public key:
debug2: we sent a publickey packet, wait for reply
I have currently a file server that runs on Fedora 9, and all other PCs (mostly running Windows XP) access the file server via SAMBA. Everything works perfectly! However, lately a home invasion in my neighborhood got me thinking. If they take my file server, my data is not protected. So, I would like to implement the LUKS partition encryption (/home) which sits on a separate disk. However, I don't quite like the decryption process at boot time. In other words, I would like to wake up the file server (WOL) remotely, and when it's done booting, I would like to log-in using the other PCs and enter the passphrase remotely to decrypt /home. Is this possible using LUKS encryption (i.e., cryptsetup)? If not, what would be another alternative to what I am trying to do using a secure encryption (so that the data is safe from thieves)?
I have a F11 box serving xdmcp. I log into the machine remotely with xming. As far as I can tell, all x clients work fine, EXCEPT for sealert. I get occasional selinux alerts, but I cannot use the sealert browser on my remote machine. When I try to run the browser, I get this: sealert -V -b
2010-03-05 11:27:49,841 [dbus.proxies.ERROR] Introspect error on :1.61:/org/fedoraproject/Setroubleshootd: dbus.exceptions.DBusException: org.freedesktop.DBus.Error.NoReply: Message did not receive a reply (timeout by message bus)
2010-03-05 11:27:49,842 [dbus.proxies.DEBUG] Executing introspect queue due to error
2010-03-05 11:27:49,842 [dbus.ERROR] could not start dbus: org.freedesktop.DBus.Error.ServiceUnknown: The name :1.61 was not provided by any .service files
I see the bug at [URL].. but it does not mention the browser, nor does it say what the fix/workaround is.. I'm going to stab in the dark and start relabeling things, but anyone know what's really wrong?
I want a log or live data that discloses the system calls an application makes. I have used strace but can't find a guide for it that is decent. I'm interested in knowing the calls made after user intervention like opening a menu and so on. If you run (strace application_name) it is static. What good is this? When does strace make this file? When is this log produced?
We have ubuntu server and bind9 installed and setup. When I issue rndc reload or /etc/init.d/bind9 reload I got this:
rndc: connection to remote host closed
This may indicate that
* the remote server is using an older version of the command protocol,
* this host is not authorized to connect,
* the clocks are not syncronized, or
* the key is invalid.
If I issue named-checkconf /etc/bind/named.conf I got this:
/etc/bind/named.conf.local:165: unknown key 'rndc-key'
I got the key files in the right location but I'm not sure if we even need to use them.
OpenSSH_5.3p1 Debian-3ubuntu4, OpenSSL 0.9.8k 25 Mar 2009
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug1: Connecting to server ["address"] port 22.
debug1: connect to address "address" port 22: Connection timed out
ssh: connect to host "server" port 22: Connection timed out
I suppose this is because I am connecting from a public institute where there is a firewall that is blocking an outbound connection on port 22. Is there any way I can bypass the firewall using the internet?