Fedora Security :: Configure Firewall And Software Plus User Rights?
Apr 27, 2011
I am novice user of linux. I need to know how to configure firewall so my system cant be compromised...In windows my system was greatly compromised. keyloggers were installed without my approval and my desktop was taken on remote.What should I do so without my knowledge no software can be installed and i can close all ports and only open which ever port is required to open. What should i do so my desktop cant be taken on remote?How do I configure user rights? So only root and one admin can install softwares and no one else.
I am novice user of linux. I need to know how to configure firewall so my system cant be compromised...In windows my system was greatly compromised. keyloggers were installed without my approval and my desktop was taken on remote. What should I do so without my knowledge no software can be installed and i can close all ports and only open which ever port is required to open. What should i do so my desktop cant be taken on remote?How do I configure user rights ? So except me no one can install any software. I will have another general user id for internet surfing
I have a user account which is required to run as part of the operating system and as a service. I am currently attempting to install my companies software on an Ubuntu desktop via wine just for the purpose of finding out if it's do-able.
Is there a way, in Ubuntu, for a user account to be given the local rights assignment to act as part of the operating system and to function as a service in the background?
What I am tring to do is give all users of group users rwe any files/directories of a samba share execpt for the top level.Top Level cotains a number of folders and a readme file and should be r-eSublevel should be rwe including files/dir they did not create.I'm am familure with chmod/chgrp but not sure how to do this.
Up until recently, as in a few days ago, I was using Ubuntu and had ufw managing the firewall.It's been "recommended" that iptables itself be used. Where do I do the rules go (as in a file) and how do I call those rules at startup?
im currently running fedora 11 on my computer and i have this old firewall called firestarter. firestarter is very outdated but it has better rules for blocking connections like IGMP does any one know how to add filter rules so i can block IGMP trace and other unknown protocols it would be cool
at the end of my first in fedora i've seen that there is an integrated firewall. With ubuntu i used iptable but we haven't a internal gui firewall. I was looking for reviews but i couldn't found no about it because beeing new i'd like to know if this firewall is good or if is better to install iptable.
I'm new to Ubuntu and wish to use the system in combination with Apache/mySQL/phpMyAdmin. I managed to get phpMyAdmin working for now. Also mySQL database seems to work. Only problem is Apache2. I can start the server and it is working. However in the folder /var/www/ where all site files are stored, I can not edit anything. I have been reading about sudo nautilus which did allow me to change administrator rights for the folder, but still I do not get it working to display other than the default index.html page. Is there a manual or quick solution for me so I can use apache with Ubuntu?
I am trying to set up a simple home file-server for media and backups, using an old Atom board I had lying around and 1GB memory, so I don't want a full desktop. All goes well with installing server 10.10, using LVM for my data disk. However, I wanted some GUI tools since I am not familiar with the CLI, so I installed gdm, xorg, and gnome-core as suggested in some threads and forums.So far so good, it boots into the Gnome desktop, but I can't get sudo access with anything (synaptic, gkedit, etc.) - always "incorrect password". I am fine from the console; I reset my user password, no luck; I set up another admin user, and that also works in console but not the desktop.I have no idea where to go next and can't find anything that works in the forum
I have my own 16GB sandisk cruzer flash drive, I've already mounted him and can read on my own user, but I can write on it only using root. how can I give my user Chmod +x on the folder /media/XXX ?
I have created a new user using sudo adduser "user1" from the root .but this user does not have full admin rights...How to give full access to this user1?
I have configured Ldap Server in CentOS 5.4 & it's working fine, the problem is when I create a ldapuser from server the user can login in client machine but the user has no rights to change the password. How to rectify this by using commands.
when i logged in as user,it shows packages are there for update?,when i click yes it shows insufficient rights.But when i logged in as root i can perform software updates.
I am only user on this ubuntu 10.10 install. I have admin rights but when I try to change some settings via Ubuntu tweak unlock or alter user and groups via advanced tab I never get the option to enter my password. I have added a new user 'tempuser' via safe mode and this user is administrator too but everything works fine from this user..
Results from $ grep admin /etc/group lpadmin:105:heath,tempuser admin:119:firstuser,tempuser,heath
Results from groups admin adm dialout fax cdrom floppy tape audio dip video plugdev fuse lpadmin sambashare I am thinking of making a fresh install if I cant sort this but would like to fix if possible.
I switched over to Fedora a couple of days ago. I'm using the built-in firewall shipped with it but I can't find out how to enable logging of dropped packets. Among others I'd like to use psad that needs firewall logging. Is there an easy way to do this? I'm not an iptables "expert".
How can I mount a device with specific user rights on start up? I still have some problems figuring it out. I would like to mount the divide with uid=1000 and gid=1000. My current entry to the /etc/fstab/ file looks like this:
I have a few FTP users on my linux server(running vsftpd). They all have their own directory and can upload and delete files in that folder.Now, I was wondering whether it would be possible to create special permissions/rights for users. For example, I would like to make it so that certain users could not upload .exe files, or I want a certain user to only be able to upload image files (gif, jpg).
I'm having a bit of a problem after joining Ubuntu 9.04 to my company's Windows Domain. I can log in and use sudo just fine but I don't have access to certain things in my menu (i.e. "Add/Remove Software") and I can't open the User Manager. I manually edited the /etc/group file as root and added my username (username@domain) to the appropriate groups but still no luck.
One of the feature in my application involve changing of hardware setting. This require the user to be root or have administrative right.Before my application enable that feature, I want it to check whether the user is "root" or not, or whether user use "sudo" command to run the application or not, or whether the user has administrative rights or not.What are the codes or library that can do this?
NOTE: Sometimes, advanced linux user may set the user id of root to something else other than 0. So, getuid() may not be helpful in this case.
I have setup a VPS server, created two accounts to two domains respectively, and in one account I built a tool to manage other accounts. I have been rigorously researching and found information, however not implemented yet, about granting apache sudo rights through an interface on one account, so that it can execute scripts as root to manage installations in other accounts. what I mean this is my tool will use 'rsync' to duplicate installations from any account into any account.
My question for security, is it secure to grant apache sudo rights? I have not resolved successfully granting it permissions, and I would not want to waste my time investigating more on it if it can compromise the system in any way.
In your experience, is it feasible to build such a tool like I described? I have the tool working to copy within account and to addon domains and it works great, but I want it to manage all accounts on the server.
Quote: The open-source Linux operating system contains a serious security flaw that can be exploited to gain superuser rights on a target system. The vulnerability, in the Linux implementation of the Reliable Datagram Sockets (RDS) protocol, affects unpatched versions of the Linux kernel, starting from 2.6.30, where the RDS protocol was first included.
According to VSR Security, the research outfit that discovered the security hole, Linux installations are only vulnerable if the CONFIG_RDS kernel configuration option is set, and if there are no restrictions on unprivileged users loading packet family modules, as is the case on most stock distributions.
