I was reading that Arch does not provide security updates, but just provides security by keeping with up-to-date software...So what is in a security update and what does it patch? The kernel?
View 10 Repliesi updated both browsers i have and lost my secure log-in pages (no padlocks showing ) concerning different Web mail accounts.Just before i did these updates i checked an unrelated thing on-line regarding my sound card of which i kept a copy of and got this message below :
!!ALSA/HDA dmesg
!!------------------
[ 12.762633] cfg80211: Calling CRDA for country: AM
[code]....
Just got a message about critical security holes for phpmyadmin (see e.g. [URL]) and wondering, when I'd get an update for my ubuntu server Lucid Lynx 10.04.3?
Currently installed version is 4:3.3.2-1, published on 2010-04-16.
Yesterday, I updated my system with the latest security update and other software updates. Following the update, I am not able to log into the system after restart.As usual, I was prompted with the login page which looks as per normal. I chose my login id and entered my password. It brings me briefly to my desktop showing only my wallpaper (without any upper and bottom taskbars/panels). Then the screen went blank and the login page appeared again.I entered the login id and password, was shown the desktop wallpaper, screen went blank and the login page appeared. This continues over and over and over. After multiple tries and with some luck, I am able to log in as per normal.What seems to be the problem?
1. How do I check the system for errors?
2. How do I check which update has been updated?
3. Is there any way for me to restore to its original state (I migrated from FC10 to FC11 via yum update)?
The only other change apart from the security update is that I installed wine - which has been uninstalled the moment I was able to re-logged in.I attach the details of my grub.conf file below which I hope could be of some useful info.
I just installed FC12 and was trying to do the security update, but it encountered an "internal error" and asked me to "report this bug to the distribution's bugtracker" with the details. However, I am not sure exactly what to do. Could someone be kind enough to let me know?
View 1 Replies View RelatedToday (25 of March) Fedora 10 asked to install latest security updates. I allowed it to install them and everything seemed ok. But after the next boot I understood that some applications won't launch. Skype, last.fm player, VirtualBox - all the qt ones. I've reinstalled those apps, and reinstalled qt. They still don't launch.When I execute one of them from terminal - it just waits and nothing happens.The process really starts, I can see it from ps -A and gnome's System Monitor.Here's the /var/log/yum.log for March 25th:
Mar 25 00:20:37 Updated: libX11-1.1.5-1.fc10.i386
Mar 25 00:20:39 Updated: lcms-libs-1.18-1.fc10.i386
Mar 25 00:20:44 Updated: gtk2-2.14.7-7.fc10.i386
[code]....
There are lots of updates in it. This is just a newly install fedora 12. I don't know which is necessary to update in SE.
View 5 Replies View Relatedlove security/pentest tools. This script adds ALL the tools from the Security Spin, plus Metasploit. Feel free to modify it if need be.
View 12 Replies View Relatedthis is the allert i got:Code:Summary:Your system may be seriously compromised! /usr/sbin/NetworkManager tried to loada kernel module.Detailed Description:SELinux has prevented NetworkManager from loading a kernel module. All confinedprograms that need to load kernel modules should have already had policy writtenfor them. If a compromised application tries to modify the kernel this AVC willbe generated. This is a serious issue.Your system may very well be compromised.Allowing Access:Contact your security administrator and report this issue.Additional Information:
Source Context system_u:system_r:NetworkManager_t:s0
Target Context system_u:system_r:NetworkManager_t:s0
Target Objects None [ capability ]
[code]....
I'm just curious as to what security measure's I should be taking to make my box a little less vulnerable? I'm still experimenting/playing with Linux, use the net, IM, download this and that and was wondering how secure fedora 10 was out of the box?
View 12 Replies View RelatedDuring a recent install I made the leap to encryption,but /boot must remain unencrypted.Is there really any legitimate security risk to having an unencrypted /boot partition? I mean basically someone can just see what kernel you're running which they could see during boot anyways right? Oh I and keep all my financial documents in /boot/finances/ (haha ok not really, but I am serious about the first part).
View 5 Replies View RelatedIs it possible to install security lab menu on a normal Fedora 13 installation? I don't want to use security spin.
View 14 Replies View RelatedI know very little about SE Linux and I've heard that in some situations it's better to disable it. For a home user, is it important? Does it improve your life ? or does it get in the way ?
Last week some update stopped my printing and I had to install the new hplip from HP because it wasn't in the Fedora repos to correct the problem. I don't know if SELinux had anything to do with it, but today when I disabled SELinux a few minutes later I get a star up on the toolbar and when I clicked on it it mentioned something about hplip. It wouldn't make any sense to me but maybe this has happened to others.
Just finished a security update, (Fedora 12) and it said I had to restart the computer to have it take effect. When I restarted, all I got was the "Compaq" logo....forever. No Grub2 (it's a three system set up), no bios, just the brand name of the box. Even worse, when I tried going at it with a live cd, the same thing; the bios never loads, so no live cd fix.
View 6 Replies View RelatedThe problem is that yum is refusing to install gcc on a new SL6 install. As far as I can make out, a security update that I applied prior to my attempt to install gcc has caused problems. I did a new SL6 install (x86_86) a couple of weeks ago. This was a minimal installation, and I didn't install any dev tools, as I intended to install them later from yum. Since then, I've done very little; I installed a few packages (samba, xemacs, etc), and I let the system update itself. The update installed 'kernel', and updated 'kernel-firmware' [URL]. I now need to install the dev tools (g++, and so on), but I can't. I've tried this from gpk-application, and directly from yum. The complete yum output is below, but the basic error is:
> Error: Package: glibc-2.12-1.7.el6.i686 (sl)
> Requires: glibc-common = 2.12-1.7.el6
> Installed: glibc-common-2.12-1.7.el6_0.5.x86_64 (@sl-security)
[code]....
If I leave the computer running for a few minutes without doing anything on it, this screen appears demanding that I enter my password, otherwise I can't get back to Fedora. I understand the necessity for this security feature in a work environment, but I'm just a home user and this security screen is just a nagging problem I don't know how to get rid of.
View 1 Replies View RelatedI just putup the fedora15 on my PC. there are several msg coming up from selinux saying permission denied, though I am not doing any administrative activity. the PC being a workstation for reaserch. how can I know the denial is for an security intrusion attempt. how can I set conditions to see the logs of all security intrusions. how can I set exclusive msg-ing from selinux that the denial is for a security intrusion attempt.
View 5 Replies View RelatedI run lastb every now and again to see who is trying to p0wn my box and it dates back to november 08. how do i clear these entries to i can get a more update view? or if you know a way i can do a 'more' or something so the IP's are not flying by that would be cool too!
View 2 Replies View RelatedAll of these audit messages is from one su - and root password at a gnome-terminal.This started happening from some update from koji in the last 18 hrs or so.It take 20-25 sec from su - to get the password prompt.
[Code]...
After install glibc-2.10.1-4 (x86_64) package, i couldn't run the qemu-kvm anymore.
SELinux is preventing qemu-kvm (svirt_t) "setrlimit" svirt_t.
SELinux prevented pt_chown from using the terminal 0.
When I am installing texlive package power gone suddenly. From that time onwards yum update command is not working. It is giving error as follows:
Loaded plugins: presto, refresh-packagekit, security [URL]: [Errno 14] HTTP Error 404 : [URL]
Trying other mirror.
Skipping security plugin, no data
Setting up Update Process
Resolving Dependencies
Skipping security plugin, no data
--> Running transaction check
--> Processing Dependency: libkpathsea.so.4 for package: evince-dvi-2.30.3-1.fc13.i686
---> Package texlive-kpathsea-doc.noarch 0:2010-8.svn19287.fc13 set to be updated
--> Finished Dependency Resolution
Error: Package: evince-dvi-2.30.3-1.fc13.i686 (@updates)
Requires: libkpathsea.so.4
Removing: kpathsea-2007-51.fc13.i686 (@updates)
Available: kpathsea-2007-49.fc13.i686 (fedora)
You could try using --skip-broken to work around the problem
You could try running: rpm -Va --nofiles --nodigest
I already tried this commands but again I have problem:
yum-complete-transaction first
rpm -e texlive
yum install libkpathsea.so.4
Firefox 3.5 has a critical java script vulnerability as noted in the recent news. I had to manually update to 3.5.1 using the mozilla tarball because there's still no Firefox 3.5.1 in Fedora Updates or even Fedora Updates Testing repositories. Is this normal? I didn't want to resort to using the mozilla one because now I can't use flash (my system is 64 bit and mozilla only seems to offer a 32bit tar file of Firefox) and having two Firefoxs means dealing with the ProfileManager, separate bookmarks and so on.
I'm trying to find out if I'm just looking in the wrong place, I tried the normal mirrors for "updates" for Fedora 11 and then updates-testing and also the baseurl for "updates" to get rid of the mirror update delay. None of them seem to have 3.5.1 ?
Problem that may require several tools available on Fedora. I don't know if its possible or not.
Given: Surveillance video box based on Fedora & Zoneminder. Internet connection is via a private 10.x.x.x network connection to the local phone company/ISP. That's the only connection available and they are the only ISP in the area. The ISP uses NAT to ultimately provide a routeable IP address, but that only works on outbound initiated traffic.
Problem: How can someone out on the Internet hit this box? i.e Is there any way to rig a method that will ultimately allow a connection initiated from the Internet to see the surveillance video that this box has stored via an http session?
I thought of one idea but don't have the tools to implement it. User sends an email to a server out on the Net somewhere. Surveillance box retrieves mail ever minute. The mail contains the users IP address. Surveillance box sends an outbound packet to that IP address to get NAT functional. The users box then uses that address to hit the box on the private network. The snag with this is that NAT is specific to ports, and I have no sway over the ISP's NAT capability.
Is there any way to push an http session outbound to the waiting end user? i.e. initiate a push of http traffic from the private box to the end user?
Does any one knows how to set an schedule for fire fox to terminate loading some IP. or restricting people to accessing some websites from your system..?I mean to set some restriction option to Fire Fox for third party..
View 4 Replies View RelatedI would like to maximise security on an FC 10 box. I had come across some scripts that perform a host of security tests and let me know recommendations on what all needs to be done. Dont seem to remember what they were called. Has any one tried any such stuff on FC10 recently? which scripts or suites you would recommend for this purpose...
View 2 Replies View RelatedFYI Security Spin.
[url]
"...The Fedora Security Spin provides a safe test environment to work on security auditing, forensics, system rescue and teaching security testing methodologies in universities and other organizations. The spin is maintained by a community of security testers and developers. It comes with the clean and fast LXDE Desktop Environment and a customized menu that provides all the instruments needed to follow a proper test path for security testing or to rescue a broken system. The Live image has been crafted to make it possible to install software while running, and if you are running it from a USB stick created with the LiveUSB Creator's overlay feature, you can install and update software and save your test results permanently..."
About Security Spin -
[url]
Available Apps of Security Spin -
[url]
Using SMB to access a windows machine through port 139/445 is great, but how can this be used to exploit the system?I know this is gonna get flamed for the nature of hacking, but i'm trying to pen my own windows box with my sec spin of fedora (tried backtrack but didnt like the feel of it, so got the GNOME-security spin)I'm trying to find a way to open up c$ without sitting at my win box and sharing it.
View 1 Replies View RelatedI ran the LiveCD of Fedora SecurityLab and noticed these ports open, 111,631, 34526.How can I close them and what runs behind them. I know 111 is rpcbind, 631 ipp and 34526 is unknown.
View 4 Replies View RelatedI just preparing some presentations and was wondering what the most interresting Tools on the FSL would be. There are many, many everybody would use, but what would be the lets say "most wanted" Tools on the fedora Security Suite aka FSL?! Without what Tool you could not work?
View 2 Replies View RelatedHow can I make the security applet stop showing an update for firefox 3.5.9? I have a more recent version installed from mozilla repo: firefox 3.6. The mozilla repo already has a higher priority (95 instead of 99), so I don't know what to do.
View 5 Replies View Related