I'm just curious as to what security measure's I should be taking to make my box a little less vulnerable? I'm still experimenting/playing with Linux, use the net, IM, download this and that and was wondering how secure fedora 10 was out of the box?
View 12 RepliesMy laptop is beginning to show its age so it may be time for a new PC soon, and most likely it'll come with Windows 7 preloaded. I currently run a dual boot with Lucid and Windows XP, and although I hardly use XP anymore I would repeat this configuration on the new PC. So now I'm wondering if Windows 7 is any less vulnerable to viruses and malware than its earlier predecessors because I don't plan to renew any virus checking software that may come with it.
View 9 Replies View RelatedIn the wake of all of the stories about the Windows DLL hijacking bug, it appears that certain Linux distributions may be vulnerable to a similar problem related to the way that Linux handles a specific variable in some cases. The bug apparently was introduced via a Debian patch last year.The discussion on the possible bug in Linux began with a blog post by Tim Brown, a UK-based security researcher, who detailed a specific case in which Linux could be vulnerable to an attack similar to those designed to exploit the Windows DLL bug. The post spawned a related discussion on the Full-Disclosure mailing list, in which several others confirmed that they'd seen the problematic behavior in certain Linux distributions, including Fedora, Ubuntu and Debian.
View 1 Replies View RelatedOnce random data is obtained by means other than a pseudo-random number generator, what software is available to measure the entropy or quality/randomness of the data?
View 3 Replies View RelatedI used Avast webfilter (proxied webtraffic through Avast) when running Windows. Sometimes Avast would alert and "protect" me from being infected by a compromised website. NOTE: Avast would alert even absent clicking any links. Just viewing the page could result in infection. Should I be running some kind of proxy webfilter for protection? My understanding is that Firefox can be compromised and this can in turn compromise Ubuntu.Are these kinds of threats specific to Windows running Firefox, or Firefox per se. If Firefox per se it seems like I need some sort of Proxy webfiltering like Avast provides.
View 9 Replies View RelatedWhen I reinstalled ubuntu I chose to encrypt my home folder (something that i've never done before) but now that I know it doesn't really make a difference i'd like to decrypt it because the .encryptfs folder is taking up so much space i'm getting notifications every time I log in.
View 7 Replies View Relatedso, sometimes happen that while I'm on my pc comes my mom and say "can I look a things 10 minutes?", this means that I have to leave my computer in her hands for ten minutes... enough to make something wrong! In ubuntu there is a usefull button "start guest session"..but here in fedora I can't find it...So, I create a new user and I called it "Guest" and I eliminated the password, so they can access also without me... but I have some problem:a) I set the home directory of this guest in /tmp/guest thinking that in this way everytime the home directory will be clean... but this doesn't work...b) is there a way to prevent in all cases this account to autenticate as root? So, if they try to install something it hasn't to show the box "autenticate as root", it has to say only "you can't"
View 14 Replies View RelatedAfter I do a recommended SELinux change from an alert:
'grep blender /var/log/audit/audit.log | audit2allow -M mypol'
the next time I boot, I have to add the rule again. How would I make this permanent? Can this only be done with the SELinux Policy Generation Tool? I've tried making bug reports for some SELinux warnings.
I am interested in making the root file system is read-only. I've moved /var and /tmp file systems to another partitions. There are two files in the /etc directory that need to be writable.
These are:
I've moved this files to /var and linked it. I've added command to the /etc/rc.d/rc.local file:
That's it. Are there other solutions to make the root file system is read-only?
love security/pentest tools. This script adds ALL the tools from the Security Spin, plus Metasploit. Feel free to modify it if need be.
View 12 Replies View Relatedthis is the allert i got:Code:Summary:Your system may be seriously compromised! /usr/sbin/NetworkManager tried to loada kernel module.Detailed Description:SELinux has prevented NetworkManager from loading a kernel module. All confinedprograms that need to load kernel modules should have already had policy writtenfor them. If a compromised application tries to modify the kernel this AVC willbe generated. This is a serious issue.Your system may very well be compromised.Allowing Access:Contact your security administrator and report this issue.Additional Information:
Source Context system_u:system_r:NetworkManager_t:s0
Target Context system_u:system_r:NetworkManager_t:s0
Target Objects None [ capability ]
[code]....
During a recent install I made the leap to encryption,but /boot must remain unencrypted.Is there really any legitimate security risk to having an unencrypted /boot partition? I mean basically someone can just see what kernel you're running which they could see during boot anyways right? Oh I and keep all my financial documents in /boot/finances/ (haha ok not really, but I am serious about the first part).
View 5 Replies View RelatedIs it possible to install security lab menu on a normal Fedora 13 installation? I don't want to use security spin.
View 14 Replies View RelatedAfter install glibc-2.10.1-4 (x86_64) package, i couldn't run the qemu-kvm anymore.
SELinux is preventing qemu-kvm (svirt_t) "setrlimit" svirt_t.
SELinux prevented pt_chown from using the terminal 0.
If I leave the computer running for a few minutes without doing anything on it, this screen appears demanding that I enter my password, otherwise I can't get back to Fedora. I understand the necessity for this security feature in a work environment, but I'm just a home user and this security screen is just a nagging problem I don't know how to get rid of.
View 1 Replies View RelatedI just putup the fedora15 on my PC. there are several msg coming up from selinux saying permission denied, though I am not doing any administrative activity. the PC being a workstation for reaserch. how can I know the denial is for an security intrusion attempt. how can I set conditions to see the logs of all security intrusions. how can I set exclusive msg-ing from selinux that the denial is for a security intrusion attempt.
View 5 Replies View RelatedObjective: Create a guide to building the now orphaned pam_usb source for Laughlin and summarize the make/install process so that everyone can easily do their own make.
Sources:
http://pamusb.org/
1) Downloaded latest version:
Soundforge pam_usb
2) Resolved Dependencies:
sudo yum install libxml2-devel pam hal pmount python pam-devel hal-devel dbus-devel
3) Tried first make: cd ~/Downloads/pam_usb-0.4.2
[Code]...
Firefox 3.5 has a critical java script vulnerability as noted in the recent news. I had to manually update to 3.5.1 using the mozilla tarball because there's still no Firefox 3.5.1 in Fedora Updates or even Fedora Updates Testing repositories. Is this normal? I didn't want to resort to using the mozilla one because now I can't use flash (my system is 64 bit and mozilla only seems to offer a 32bit tar file of Firefox) and having two Firefoxs means dealing with the ProfileManager, separate bookmarks and so on.
I'm trying to find out if I'm just looking in the wrong place, I tried the normal mirrors for "updates" for Fedora 11 and then updates-testing and also the baseurl for "updates" to get rid of the mirror update delay. None of them seem to have 3.5.1 ?
Problem that may require several tools available on Fedora. I don't know if its possible or not.
Given: Surveillance video box based on Fedora & Zoneminder. Internet connection is via a private 10.x.x.x network connection to the local phone company/ISP. That's the only connection available and they are the only ISP in the area. The ISP uses NAT to ultimately provide a routeable IP address, but that only works on outbound initiated traffic.
Problem: How can someone out on the Internet hit this box? i.e Is there any way to rig a method that will ultimately allow a connection initiated from the Internet to see the surveillance video that this box has stored via an http session?
I thought of one idea but don't have the tools to implement it. User sends an email to a server out on the Net somewhere. Surveillance box retrieves mail ever minute. The mail contains the users IP address. Surveillance box sends an outbound packet to that IP address to get NAT functional. The users box then uses that address to hit the box on the private network. The snag with this is that NAT is specific to ports, and I have no sway over the ISP's NAT capability.
Is there any way to push an http session outbound to the waiting end user? i.e. initiate a push of http traffic from the private box to the end user?
Does any one knows how to set an schedule for fire fox to terminate loading some IP. or restricting people to accessing some websites from your system..?I mean to set some restriction option to Fire Fox for third party..
View 4 Replies View RelatedI would like to maximise security on an FC 10 box. I had come across some scripts that perform a host of security tests and let me know recommendations on what all needs to be done. Dont seem to remember what they were called. Has any one tried any such stuff on FC10 recently? which scripts or suites you would recommend for this purpose...
View 2 Replies View RelatedI was reading that Arch does not provide security updates, but just provides security by keeping with up-to-date software...So what is in a security update and what does it patch? The kernel?
View 10 Replies View RelatedFYI Security Spin.
[url]
"...The Fedora Security Spin provides a safe test environment to work on security auditing, forensics, system rescue and teaching security testing methodologies in universities and other organizations. The spin is maintained by a community of security testers and developers. It comes with the clean and fast LXDE Desktop Environment and a customized menu that provides all the instruments needed to follow a proper test path for security testing or to rescue a broken system. The Live image has been crafted to make it possible to install software while running, and if you are running it from a USB stick created with the LiveUSB Creator's overlay feature, you can install and update software and save your test results permanently..."
About Security Spin -
[url]
Available Apps of Security Spin -
[url]
Using SMB to access a windows machine through port 139/445 is great, but how can this be used to exploit the system?I know this is gonna get flamed for the nature of hacking, but i'm trying to pen my own windows box with my sec spin of fedora (tried backtrack but didnt like the feel of it, so got the GNOME-security spin)I'm trying to find a way to open up c$ without sitting at my win box and sharing it.
View 1 Replies View RelatedI ran the LiveCD of Fedora SecurityLab and noticed these ports open, 111,631, 34526.How can I close them and what runs behind them. I know 111 is rpcbind, 631 ipp and 34526 is unknown.
View 4 Replies View RelatedI just preparing some presentations and was wondering what the most interresting Tools on the FSL would be. There are many, many everybody would use, but what would be the lets say "most wanted" Tools on the fedora Security Suite aka FSL?! Without what Tool you could not work?
View 2 Replies View RelatedI'd like to set up a fileserver for myself and a few trusted individuals. I'm computer savvy and I use various linux servers frequently for work, but this is my first time trying to setup my own. Is it possible to have a Samba server setup so it is both secure and facing the Internet? Two questions:
Will opening Samba ports make my default Ubuntu server particularly vulnerable to penetration? More than having an SSH server running? Does Samba/ can Samba be configured to encrypt traffic or is it sent plainly? If so, does Windows and Mac support this secure communication?
If not, what would you suggest? I'd like to achieve something like a network drive and at a difficulty level that my parents could use this if they really wanted to. I will be storing things like financial information and tax returns, but no weapons-grade secrets.
how to make tor run without the gui i would like to run it on a seperate machine that doesnt have GUI but it doesnt want to start with out a X
View 9 Replies View RelatedRunning this software:
Linux 2.6 on a hacked LaCie NetworkSpace
installed SSHd 5.4
installed Samba 3.4
installed lighttpd 1.4
installed ProFTPD 1.3
I want:
Login with my account and same password on all of those. When i use passwd, the change should be reflected on all of them.
I have:
Samba uses encrypted passwords, and i must change passwords for samba with smbpasswd.
lighttpd uses separate password file, must change by hand.
ProFTPD and SSH use system login (/etc/shadow).
So far i found two possible solutions, but can't tell if i understood them right or how to achieve them: use LDAP as auth backend If i could make LDAP my auth backend, provided this is possible at all, lighttpd would use this directly, and PAM would use it for system login. Nevertheless, actually this can't work as Samba uses encrypted passwords. Correct? use Samba password backend, then make LDAP use that If passwd, login, etc would use Samba, i would work everywhere with MD4 hashed stuff. Lighttpd would send plain passwords (HTTP basic auth), and query LDAP, which in turn makes an MD4 hash, and tests for Sambas passwd. Will this work?
I'm involved in a project to students set up a network security training lab using vmware. I want to simulate (in a very rough way) scanning through a poorly configured router or firewall. The easiest way I can think of to simulate this is to use a linux vmware image with two virtual nic cards to act as a firewall with the attacker on the outside network and a domain controller, web server, and database server on the inside network.
I would like to start students off with a firewall script that exposes everything on their internal network to the attacker. Is there an easy way to (mis)configure iptables to do this?. The model I'm trying to replicate is something like this. Attackers were on a 10.10.x.x network, defenders were on a 192.168.x.x network. As an attacker I could nmap 192.168.x.x and see every machine and every service on the defenders side even if they moved a service to an unexpected location. how I can implement a similar configuration using a linux image as firewalls/routers in vmware?