Fedora Security :: Cannot Use The Sealert Browser On Remote Machine?
Mar 5, 2010
I have a F11 box serving xdmcp. I log into them machine remotely with xming. As far as I can tell, all x clients work fine, EXCEPT for sealert. I get occasional selinux alerts, but I cannot use the sealert browser on my remote machine. When I try to run the browser, I get this: sealert -V -b
2010-03-05 11:27:49,841 [dbus.proxies.ERROR] Introspect error on :1.61:/org/fedoraproject/Setroubleshootd: dbus.exceptions.DBusException: org.freedesktop.DBus.Error.NoReply: Message did not receive a reply (timeout by message bus) 2010-03-05 11:27:49,842 [dbus.proxies.DEBUG] Executing introspect queue due to error 2010-03-05 11:27:49,842 [dbus.ERROR] could not start dbus: org.freedesktop.DBus.Error.ServiceUnknown: The name :1.61 was not provided by any .service files
I see the bug at [URL].. but it does not mention the browser, nor does it say what the fix/workaround is..Im going to stab in the dark and start relabeling things, but anyone know what's really wrong?
View 2 Replies
ADVERTISEMENT
Apr 20, 2009
One of our web servers has logged many of the same "setroubleshoot: SELinux is preventing the httpd from using potentially mislabeled files /boot (boot_t). For complete SELinux messages. run sealert -l e143c369-a72d-453e-84fe-6b62b7f05c5f" recently. This looks suspicious. We'd like to map these sealert to the httpd access log to see if there's any malicious activity. We added a '%P' option to the Apache combined logformat, so the httpd process id could be logged too. Then we grep'ed all the Apache access logs using the pid from the above sealert -l command. There are not many of them, so we can test them one by one.
Shockingly, none of the access served by the specified pid can repeat the same sealert.
The server was installed a Centos 5 (x86_64) and upgraded to the 5.3 version two days ago. The main components are as following:
Is there any other way we can try to find out the real access which triggered these alerts? The sealert -l output is attached.
View 12 Replies
View Related
Jul 8, 2010
I have stuk up in big issue here , I just want to find the remote url in which it listens ?
I know the remote host and remote port number but i just want to which url the web application listen
For example : Host : 1.1.1.1 & port no : 8080
But i remember the url would be http://1.1.1.1/(something):8080
I want to find the complete url in which it listens ?
In nmap whether i can achive this or anyother tool ?
View 5 Replies
View Related
Jul 19, 2011
Every time selaert is triggered, I get this problem. I have looked everywhere for the required report module. Where can I get it from?
Opps, sealert hit an error!
Traceback (most recent call last):
File "/usr/bin/sealert", line 692, in <module>
run_as_dbus_service(username)
[Code]....
View 3 Replies
View Related
Jan 5, 2010
I have an ssh server running at home and I'd like to be able to connect to it from an internet cafe that wont let me run putty or java applets. Is there any way to ssh into my home machine through a browser? The only solutions I could find where java based.
In theory, would it be possible to open an ssh connection that reads and writes to a file, and then make a cgi script that writes commands to the file and formats the output to html?
View 1 Replies
View Related
Feb 28, 2011
I have looked for clues in the sshd.conf etc. But I can't really find anything that give me a hint of why fedora 14 keeps blocking my access.I get all the way into the ssh interface.
login as: xxxxx
xxxxx@xx.xx.85.216's password:
Access denied
xxxxx@xx.xx.85.216's password:
Access denied
xxxxx@xx.xx.85.216's password:
So it's not a firewall problem and the port forwarding is working fine. I am using putty to access the machine remote.Anyone have any ideas of what I need to set in ssh or sshd.conf. I am expecting to login with password not with keys.
View 3 Replies
View Related
May 19, 2010
I just started to run Fedora/Linux on my laptop... I was using XP and using putty to connect to Linux servers at work. I am assuming I can use the terminal editor supplied with Fedora to connect to remote linux server? Can I uses the terminal to connect to remote linux server? How do accomplish this?
View 6 Replies
View Related
Jan 21, 2010
I am trying to compile some thing on a remote machine, need to know following infomation:
1. machine:
2. CPU type:
3. Operation system:
4. Fortran compiler:
5. C compiler:
Where do I look?
View 3 Replies
View Related
Apr 14, 2009
I am using VNC to login to remote machine (vncserver). My question is; How can I login to remote machine (vncserver) through VNC client, without having to login to vncserver first physical. For better explanation here is an example: If john wnat to login to vncserver remotely first he has to login the vncserver physically then he can login remotely.
View 5 Replies
View Related
Jan 5, 2010
I want to use a headless (no monitor) and armless (no keyboard/mouse) PC as a Linux box that I can remotely access from my other machines. That is I want to make it look like I'm sitting at the console on the Linux box with a monitor/keyboard/mouse.
I've tried that via the instructions at [URL]
but, the moment I disconnect the monitor and reboot, the remote desktop connection fails as apparently X fails to start for lack of a "screen". Removing the keyboard/mouse does not seem to be a problem.
Is there a workaround?
I guess what I'm looking for is the remote desktop behavior from Windows XP/Vista:
1. Connect -> Get logon screen
2. Disconnect -> Session remains active on remote machine and can be reconnected to
View 9 Replies
View Related
Nov 30, 2010
How do you transfer files on a Linux machine with ftp,sftp and scp disabled onto a remote machine
View 2 Replies
View Related
Jul 18, 2011
Whenever I put ssh into remote machine am getting the following messages. Write Failed: Broken Pipe (After logged into that machine ) Read Socket Failed: Connection reset by peer (While trying to log in ) Also known_hosts file is changed frequently.
View 1 Replies
View Related
Dec 26, 2009
Is there any way to redirect a remote Linux machine mplayer output audio to local one?
View 2 Replies
View Related
Nov 7, 2010
I have recently installed fedora 14 and configured vpn to access my work network. I need to access some windows machines which although I can ping I cannot remote desktop into. When I go to Applications>Internet> Remote Desktop Viewer and put in the machine name (either just the machine name or the FQDN including the domain name) I get an error "Connection to <machinename> was closed".
View 4 Replies
View Related
Jul 29, 2010
I am trying to automate yum update of specific package on a remote machine.
So far I have this:
#!/bin/bash
# Update my system
if ! yum update w3m
then
failure=1
fi
if [ $failure ]
[Code]...
View 1 Replies
View Related
Jan 10, 2010
Browser can't find server at att.yahoo.com so no internet. My folding at home client with Stanford can't download {an upload went ok}. I have 2 other fedora boxes & 3 windows boxes thru the same router and they are all fine.
I can manually ping Stanford ok,
Add/remove software within fed. works ok.
I can type in 192.168.0.1 & get the page for my router
The only thing I did between working & not working was to install
Nvidia Cuda driver for my GTX275
My guess is something in the firewall got tweaked. but I've compared it to 2 working boxes & nothing jumps out at me.
View 5 Replies
View Related
Aug 17, 2010
My server is connected to the Internet for ssh on port 22 with root logon disabled, a single non-dictionary word user name allowed, and pki authentication only (about as secure as I can make it). I've previously run fc5 and 9 servers using the same sshd config since 2006 and had no security troubles, so I'm happy, but.. After the fc13 install and configuration, logins from a host on a remote network are taking about 1m 30s to complete! A (partial) console output for ssh -vv appears below. The lines marked with "**" were the lines after which significant pauses happen. This is fully repeatable.
Code:
debug1: Next authentication method: publickey
debug1: Offering public key:
debug2: we sent a publickey packet, wait for reply
[code]....
View 3 Replies
View Related
Apr 4, 2009
Remote root login is enabled. How do I disable this
View 14 Replies
View Related
Jul 28, 2009
I have currently a file server that runs on Fedora 9, and all other PCs (mostly running Windows XP) access the file server via SAMBA. Everything works perfectly! However, lately a home invasion in my neighborhood got me thinking. If they take my file server, my data is not protected. So, I would like to implement the LUKS partition encryption (/home) which sits on a separate disk. However, I don't quite like the decryption process at boot time. In other words, I would like to wake up the file server (WOL) remotely, and when it's done booting, I would like to log-in using the other PCs and enter the passphrase remotely to decrypt /home. Is this possible using LUKS encryption (i.e., cryptsetup)? If not, what would be another alternative to what I am trying to do using a secure encryption (so that the data is safe from thieves)?
View 4 Replies
View Related
Sep 17, 2009
way to redirect the audit daemon message to a remote host I checked the auditd.conf and it's man page and find that the log location is specified by the line log_file = file_path and in the man page
Quote:
"log_file: This keyword specifies the full path name to the log file where audit records will be stored. It must be a regular file."
does this mean that the auditd does not have the function to redirect the logs to a remote hosts.
View 4 Replies
View Related
Jun 15, 2010
We recently had a vulnerability scan done on our network and one of the vulnerabilities was that the dns server discloses the remote host name when using hostname.bind.
Is there any way that we can stop this from happening? Our name server is a Fedora 11 machine.
View 2 Replies
View Related
Jul 31, 2010
I have several (say, 50) machines running ubuntu.I want them to be centrally controlled.That is, each machine should get permit from central machine before installing any software etc.I googled quite a lot but could not find the solution...
View 1 Replies
View Related
Jan 25, 2011
I've been trying to make sense out of this error report. I get it every once in a while on startup of my machine.
Code:
Summary:
SELinux is preventing /usr/sbin/ntpd access to a leaked netlink_route_socket
file descriptor.
Detailed Description:
[ntpd has a permissive type (ntpd_t). This access was not denied.]
SELinux denied access requested by the ntpd command. It looks like this is either a leaked descriptor or ntpd output was redirected to a file it is not allowed to access. Leaks usually can be ignored since SELinux is just closing the leak and reporting the error. The application does not use the descriptor, so it will run properly. If this is a redirection, you will not get output in the netlink_route_socket. You should generate a bugzilla on selinux-policy, and it will get routed to the appropriate package. You can safely ignore this avc.
Allowing Access:
You can generate a local policy module to allow this access - see FAQ [URL]
Additional Information:
Source Context system_u:system_r:ntpd_t:s0
Target Context system_u:system_r:firstboot_t:s0
Target Objects netlink_route_socket [ netlink_route_socket ]
Source ntpd
Source Path /usr/sbin/ntpd
Port <Unknown>
Host localhost.localdomain
Source RPM Packages ntp-4.2.6p2-7.fc14
Target RPM Packages
Policy RPM selinux-policy-3.9.7-3.fc14
Selinux Enabled True
Policy Type targeted
Enforcing Mode Enforcing
Plugin Name leaks
Host Name localhost.localdomain
Platform Linux localhost.localdomain 2.6.35.6-45.fc14.i686
#1 SMP Mon Oct 18 23:56:17 UTC 2010 i686 i686
Alert Count 1
First Seen Fri 21 Jan 2011 02:01:09 AM PST
Last Seen Fri 21 Jan 2011 02:01:09 AM PST
Local ID fb73799a-8d3c-4d9a-8c06-a0c1b6d4814e
Line Numbers
Raw Audit Messages
node=localhost.localdomain type=AVC msg=audit(1295604069.730:15): avc: denied { read write } for pid=1731 comm="ntpd" path="socket:[14643]" dev=sockfs ino=14643 scontext=system_u:system_r:ntpd_t:s0 tcontext=system_u:system_r:firstboot_t:s0 tclass=netlink_route_socket
node=localhost.localdomain type=SYSCALL msg=audit(1295604069.730:15): arch=40000003 syscall=11 success=yes exit=0 a0=8a1ad60 a1=8a1b040 a2=8a1b2c8 a3=8a1b040 items=0 ppid=1730 pid=1731 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="ntpd" exe="/usr/sbin/ntpd" subj=system_u:system_r:ntpd_t:s0 key=(null)
View 2 Replies
View Related
Jul 28, 2011
Has anyone got experience connecting a linux machine to a Microsoft VPN server using RSA authentication? What puzzles me perhaps most about this topic is the absolute dirth of information. If it is not possible, can anyone tell me why?
View 9 Replies
View Related
Aug 21, 2011
I use a hosted machine for work which has vnc and apache servers running. To work on a shell, I connect to the VNC server, and to access files I host them using apache and open them from my browser. It would be great if I can access my shells via my browser itself instead of using VNC or command prompt.
I am looking for an end result like this: [URL].. What are my options? PS: I already tried [URL]..but this uses a java applet to run and does not do it in browser itself.
View 2 Replies
View Related
Jul 6, 2010
I always use VNC to check my server for updates, and this morning I started the xvnc4viewer to vnc into my server and it keep asking for a password. I never setup a password because I do this local from my laptop, and I am the only one who uses my laptop. I had to go to my server and check the setting in System > Preferences > Remote Desktop and found them all changed. There was a password setup and there was a check mark in the you must confirm each access to this machine there some security update that changed all these setting? Sometimes when I do updates I don't know what is being changed on my server
View 9 Replies
View Related
Jan 25, 2011
Whenever I try to open a folder or some other location on disk through any program, I get the Remote Desktop Viewer. For example, if I go to Places --> Home Folder, the RDV opens up and says "the connection to /home/<me>" is closed. It's very odd. I get the same behavior in Chromium if I select "Show in Folder" for a download.
If I go to the terminal and type 'xdg-open ~' or 'gnome-open ~' I also get the Remote Desktop Viewer, just like I do when I select home from the Places menu.
View 3 Replies
View Related
Mar 12, 2011
I've an network architecture where for the user to reach the machine that it want, it has to pass through a frontend machine.
Code:
User ---> Frontend ----> Machine1
The connections between all hosts uses ssh. If I want to reach the Machine1, I've to authenticate to the Frontend and authenticate again to the Machine1. The Machine1 and the Frontend doesn't have X installed - only console mode.
The Machine1 has the file in my HOME directory called: hello.html that contains flash embedded. I would like to view the hello.html in my browser located at the User machine.
Is there a way to access remotely to the html file, without have to copy the file to my local machine?
View 1 Replies
View Related
Mar 24, 2010
So I've read a bit and it seems that this is okay and secure. But I wanted to double check here with everyone, because I trust here more than just about anywhere. I've read about the hipporemote (which is pretty cool) and I have it working. Basically I want to make sure my system is still secure.
1. I had to open a port on my firewall for the VNC connection.
2. I turned on the Remote Desktop
2a. Checked Allow other users to view....
2b. Checked Allow other users to control....
2c. Checked You must confirm.....
2d. Checked for password, and put in a password
2e. Checked Configure network automatically to accept connectios
So with doing all of that, am I ok? I think so, especially since it says its only accessible on my local network. But I just wanted to hear from people who know more than I do that I don't need to worry any more than normal about others accessing my machine. I'm mainly thinking 2e, I don't fully understand what's going on there.
View 9 Replies
View Related
Sep 4, 2010
I have configured Nagios Server and Client on my RHEL 5.4 machines using these links and help html files in tar balls.
url
url
I have this scenario.
Nagios Server - 192.168.1.200
Nagios Client - 192.168.1.201 (This is the remote-host I am trying to monitor)
I firmly believe I have at least configured it right as this command on Nagios Server does not show any errors.
/usr/local/nagios/bin/nagios -v /usr/local/nagios/etc/nagios.cfg
code....
View 8 Replies
View Related
