Fedora Security :: Prevent People From Unauthorized Access?
Mar 19, 2009
I'm doing a research to protect my pc from physical access. What I'm facing here is that my company created a program for fedora 8 and plans to sell the unit away. We created a function where you can configure the program using any web browser from a network so we do not want anybody to have access to the fedora except for out personnel.
Based on my research, I've found [URL] this guide to protect people from accessing grub and single user. I am currently researching on preventing others to clone the harddisk. I would like to know if there are any other methods to prevent people from unauthorized access to fedora.
View 14 Replies
ADVERTISEMENT
Jul 14, 2009
I am facing a really weird kind of issues where my boss has asked me block everybody from changing their wallpapers and put a default one there.
View 11 Replies
View Related
Sep 4, 2010
I know it's very easy to share printers in Ubuntu, just went to System, Administration, Printing, Server Settings, Publish Printers connected to this system. VoiláMy question is:How can I create an access list so only certain IP addresses are allowed to see it?
View 8 Replies
View Related
Mar 11, 2011
has my Ubuntu machine been cracked?
machine on home lan
192.168.0.102
it is the DMZ from router
ufw on (ports open for aMule)
sshd installed
[Code].....
View 2 Replies
View Related
May 20, 2011
Do to the last thread I posted got way off topic do to my bad doing , I will post it again to get the thread back on topic.I try it one last time hopefully these myths will be cleared up and this thread will stay on topic an not derail like last one.The myths going around on the internet.
1.Less than 1% use Linux and 10% use Mac Os X it is not that they are so much better but market share .The Malware makers are going windows where the market shares are.
2.Windows have more security but most people don't use it.
3.Mac OS X security is not that good , windows is better.
4.windows it has more gradual permission level than a ON and OFF like Linux or Mac OS X
5.Malware is growing with Linux and Mac OS X now.
View 3 Replies
View Related
Nov 12, 2010
Currently i'm doing a script for my project and I want to prevent people from exiting the terminal by clicking the "X" at the top right. when I run the script, user cannot exit out of the terminal unless the scipt finish running.
View 5 Replies
View Related
Apr 29, 2009
I'll spare the details, but is there a way to use iptables to do the following:
Allow all port 80 traffic to work for squid, yum ,etc. but prevent firefox from talking to port 80?
(That way if they don't use squid proxy, it won't work)
View 4 Replies
View Related
May 11, 2009
I am new to Fedora 10, and to SELinux too.
I would like to know how can I prevent from users with role user_r to connect to Internet with firefox.
View 2 Replies
View Related
Feb 19, 2011
Launching OpenOffice takes several minutes because it's trying to connect to the Internet. The problem gets worse in a dial-up connection. Turning off the Internet takes less than a second to start. How can I prevent OpenOffice from trying to access the Internet when it starts?
View 2 Replies
View Related
May 21, 2009
I want to prevent users changing the wallpaper, as i couldn't found any direct method I thought of preventing the /usr/bin/gnome-appearance-properties being running,
I know that the user also can set the wallpaper without running that . But didn't found any other way .
I tried to use SELinux to it and I'm stuck at writing a own policy.
According to SELinux, it prevents everything ., but as i have mapped the user to a SElinux user ,even though he can use administrative tasks , he can run the appearance window. that means he has got the permission from a different policy , Currently I'm stuck at this place.
Suitable way to prevent the wallpaper being changed by the normal users.
View 1 Replies
View Related
Aug 11, 2009
After install glibc-2.10.1-4 (x86_64) package, i couldn't run the qemu-kvm anymore.
SELinux is preventing qemu-kvm (svirt_t) "setrlimit" svirt_t.
SELinux prevented pt_chown from using the terminal 0.
View 6 Replies
View Related
Oct 8, 2010
I have been learning Linux for the past few months and just recently started with Bash programming. Using scripts it is possible to find users with duplicate UIDs but is there any way or script why which duplicate UIDs can be prevented altogether.
View 7 Replies
View Related
Mar 23, 2009
I have a users, that log in from a terminal. They should not have any shell access, so currently their login script, at the end, starts the program that they use, and after that program ends, the login script moves on to log them back out. The problem is, they could press ctrl+c, while the login script is running, and it quits the login script and spits them out at a shell prompt. -- Is there any way I can prevent this?
View 4 Replies
View Related
Jul 14, 2011
Windows have many firewalls to prevent the system. But Ubuntu have few. Why is it so? Is it not needed to prevent Ubuntu or if it is prevented?
View 5 Replies
View Related
Jan 25, 2011
recently my Apache server crashes very often; by watching the error log,I've notice several signs of intrusion.So, I think the problem can be a denial of service attack against my machine.My distribution is Debian Lenny.
View 2 Replies
View Related
May 23, 2010
how to prevent same user from ssh to multiple linux server at a same time , anyone of you have the script or how to do that ?
View 16 Replies
View Related
Oct 16, 2009
I just made a script to read out /dev/input/event3 into a file (My keyboard is identified here [ Machine is a laptop which runs on slax-atma distro ]). Then used a hexdump to convert the binary into hex. After that used a gwak script to print out the keys corresponding to each keyboard input. So now when I put this in my rc.local , It is taking down all the keys I press. Including login passwords (In short, each and every keys I press).Isn't this a big security risk, because intruder who has a physical access to my machine or has root password can put this file in rc.local and run a script to mail him all the details like my passwords, account and PIN numbers.
View 14 Replies
View Related
Oct 16, 2010
how to prevent the execution of the following commands or how to set a policy or rule that prevents the execution of the following malicious commands
dd if=/dev/zero of=/dev/sda
rm -rf /
View 3 Replies
View Related
Jul 17, 2010
I use the following method for preventing the users from changing their passwords , is there any other method other than this ?ls -l /usr/bin/passwd-rwsr-xr-x 1 root root 37140 2010-01-26 12:09 /usr/bin/passwdso we need to remove the suid for that command as follows :- chmod u-s /usr/bin/passwdnow normal users won't be able to change their own passwords - and only the root user will be able to do it for them.
View 9 Replies
View Related
Jan 20, 2011
How can I prevent a certain application from having access to ALSA. It keeps stealing my audio.
View 2 Replies
View Related
May 14, 2009
Does anyone know of a tutorial or site where I can learn how to monitor what sites people have been accessing on a network?
View 1 Replies
View Related
Aug 2, 2010
I am looking for statistics on the number of people who use RHL in comparison to other linux distros. Any help on finding up to date numbers?
View 1 Replies
View Related
Mar 11, 2010
I have installed MoBlock as instructed here: [URL]
After installation I created my own list file in /etc/blockcontrol/custom-blocklist.p2p and have the following uncommented at the bottom of /etc/blockcontrol/blocklists.list:
Code:
locallist /etc/blockcontrol/custom-blocklist.p2p
The list contains the following 2 entries:
Code:
Yahoo:98.137.149.56
Google:74.125.47.147
When I do:
[Code].....
Recently I just noticed that the locallist rules seem to have no effect. I will always get "destination port unreachable" even if the locallist entry in blocklists.list is commented out.
However, whenever I try to browse to that IP, even when blockcontrol is on, even by typing the IP into Konqueror (not the domain name), it lets me go there every time. How can I know that my other applications will not to do the same thing? How can I lock this down and test it empirically to be sure?
View 1 Replies
View Related
Jul 16, 2010
I'm writing here because it's mainly a security issue even though it's rather kernel related.
I'm compiling my own vanilla kernel with an initramfs included in the bzImage. That image contains encryption keys for the rest of the system. Even though it's not for everybody the initramfs image can be extracted from the kernel, decompressed and the keys extracted.
I'm looking on a way to prevent this.
View 3 Replies
View Related
Feb 5, 2011
How do I prevent/disable a file from being copied?
I would want someone to be able to see the content of a directory, then open the relevant document, but just for viewing purpose. They cannot copy the file, either through copy + paste or File/Save As.
Is that possible under Ubuntu?
View 4 Replies
View Related
Jun 15, 2011
I am administrating a system with about 40 or 50 users, and we recently jumped ship from windows to ubuntu. Most of my users are getting along fine, but it seems every few days, i have to help someone who accidentally changed something, and now their account (or more rarely, the machine) is unusable, and has to be reset.
I know configuring /etc/sudoers is a huge step toward fixing my problem, but that still will not completely solve it. What I would like to do is prevent users from making ANY changes to the system (aside from their work files and the like), including themes, icons, desktop, background, etc.
View 2 Replies
View Related
Apr 22, 2010
This is an excerpt from the Linux man page for mktemp command: "mktemp is provided to allow shell scripts to safely use temporary files. Traditionally, many shell scripts take the name of the program with the PID as a suffix and use that as a temporary filename. This kind of naming scheme is predictable and the race condition. It creates is easy for an attacker to win. A safer, though still inferior approach is to make a temporary directory using the same naming scheme. While this does allow one to guarantee that a temporary file will not be subverted, it still allows a simple denial of service attack. For these reasons it is suggested that mktemp be used instead."
- How can a denial-of-service attack be carried out if a directory name is known?
- Why is it important to use mktemp to generate a sufficiently random file/directory name for temporary files?
View 1 Replies
View Related
Dec 30, 2010
I've a Linux box with few users (with shell). I would like to prevent normal users see all the processes running on the box. How can I implement this?
View 1 Replies
View Related
Jan 10, 2010
I'm using some software that using mount point such as truecrypt. I also mount shared folder on other machine (fileserver) and publish it using ftp. The problem is when the truecrypt volume dismounted or the shared folder mount point loosing connection to the fileserver, user can write to the mount point without knowing that they actually not writing to the truecrypt volume or to the shared folder.
My question is, when sometime the server reboot and truecrypt volume is not mounted yet, how to prevent write to the mount point? I dont run truecrypt mount automatically for security reason.Some question for shared folder, if fileserver restart and the shared folder mount point got disconnected, how to prevent write to the mount point?
View 2 Replies
View Related
Jan 4, 2010
I have Ubuntu 8.04 as virtual host. On this host I have installed VirtualBox virtualization software. I have installed Windows XP as virtual machine and installed HTTP server.I would like temporally disable all network connections to host and virtual machine.So on Ubuntu host I have set firewall settings:
Code:
sudo iptables -F (to flush - delete all firewall settings)
sudo iptables -P INPUT DROP (to disable all input traffic)
[code]....
View 9 Replies
View Related
