If I leave the computer running for a few minutes without doing anything on it, this screen appears demanding that I enter my password, otherwise I can't get back to Fedora. I understand the necessity for this security feature in a work environment, but I'm just a home user and this security screen is just a nagging problem I don't know how to get rid of.
View 1 Replies
just migrated to Lucid from Jaunty and noticed that the login startup screen looks more like windoze (shows all authorized users).One of the endearing security checks with Unix was that if you had access to a console you had guess both userid AND password - the system wouldn't tell you which was wrong.I feel that we have lowered security by making the list of authorized users visible on a console. Is there any way to turn it off and force users to enter both userid and password?
View 4 Replies View RelatedI was trying to install Fedora 9 on my new laptop that came with Win XP. I have selected the option to wipe out all partition and create a default layout with the Encryption option selected. But that installation got stopped on the middle, therefore I have started the installation again. This time it asked for the encryption password as expected but don't know why, its not accepting my password. I am 100% sure that the password is correct but it is not allowing me to enter into the hard disk partition section.
My question is, how do I remove encryption from my hard disk? I don't need to preserve the data, I just need to use my hard disk again. Is there any boot CD that allow us to format encrypted disks without prompting for a password?
When I upgraded from FC11 to FC12 of the encrypted raid partitions started to request password on boot (in FC11 not having references to encrypted md1 in fstab and crypttab, was enough for FC11 not to ask for passwords on boot) despite the fact that I removed /etc/crypttab and there is nothing in /etc/fstab relating to encrypted md1 (raid array). I want my machine to boot w/o asking me passwords for encrypted devices, and I will open and mount them myself manually after boot.
View 11 Replies View Relatedlove security/pentest tools. This script adds ALL the tools from the Security Spin, plus Metasploit. Feel free to modify it if need be.
View 12 Replies View Relatedthis is the allert i got:Code:Summary:Your system may be seriously compromised! /usr/sbin/NetworkManager tried to loada kernel module.Detailed Description:SELinux has prevented NetworkManager from loading a kernel module. All confinedprograms that need to load kernel modules should have already had policy writtenfor them. If a compromised application tries to modify the kernel this AVC willbe generated. This is a serious issue.Your system may very well be compromised.Allowing Access:Contact your security administrator and report this issue.Additional Information:
Source Context system_u:system_r:NetworkManager_t:s0
Target Context system_u:system_r:NetworkManager_t:s0
Target Objects None [ capability ]
[code]....
I'm just curious as to what security measure's I should be taking to make my box a little less vulnerable? I'm still experimenting/playing with Linux, use the net, IM, download this and that and was wondering how secure fedora 10 was out of the box?
View 12 Replies View RelatedDuring a recent install I made the leap to encryption,but /boot must remain unencrypted.Is there really any legitimate security risk to having an unencrypted /boot partition? I mean basically someone can just see what kernel you're running which they could see during boot anyways right? Oh I and keep all my financial documents in /boot/finances/ (haha ok not really, but I am serious about the first part).
View 5 Replies View RelatedIs it possible to install security lab menu on a normal Fedora 13 installation? I don't want to use security spin.
View 14 Replies View RelatedMy question is related to the log in screen in Fedora 11, Gnome desktop, installed on my laptop. I currently have an account with the name Octav. When my computer starts-up i have a window with <my name> and <other> showing to choose from. When i click on my name, i type my password and i'm logged in.
Now my question, can i have my log in window, without my name written there, so i have an extra security if i may say. What I want is for me to type my username and then password to log in. I don't want my name been written on the screen.
I just putup the fedora15 on my PC. there are several msg coming up from selinux saying permission denied, though I am not doing any administrative activity. the PC being a workstation for reaserch. how can I know the denial is for an security intrusion attempt. how can I set conditions to see the logs of all security intrusions. how can I set exclusive msg-ing from selinux that the denial is for a security intrusion attempt.
View 5 Replies View RelatedIs there any way to hide my username in login screen (GDM)? I ask this because in Ubuntu I have seen that you need manually enter your username.
View 5 Replies View RelatedFirefox 3.5 has a critical java script vulnerability as noted in the recent news. I had to manually update to 3.5.1 using the mozilla tarball because there's still no Firefox 3.5.1 in Fedora Updates or even Fedora Updates Testing repositories. Is this normal? I didn't want to resort to using the mozilla one because now I can't use flash (my system is 64 bit and mozilla only seems to offer a 32bit tar file of Firefox) and having two Firefoxs means dealing with the ProfileManager, separate bookmarks and so on.
I'm trying to find out if I'm just looking in the wrong place, I tried the normal mirrors for "updates" for Fedora 11 and then updates-testing and also the baseurl for "updates" to get rid of the mirror update delay. None of them seem to have 3.5.1 ?
Problem that may require several tools available on Fedora. I don't know if its possible or not.
Given: Surveillance video box based on Fedora & Zoneminder. Internet connection is via a private 10.x.x.x network connection to the local phone company/ISP. That's the only connection available and they are the only ISP in the area. The ISP uses NAT to ultimately provide a routeable IP address, but that only works on outbound initiated traffic.
Problem: How can someone out on the Internet hit this box? i.e Is there any way to rig a method that will ultimately allow a connection initiated from the Internet to see the surveillance video that this box has stored via an http session?
I thought of one idea but don't have the tools to implement it. User sends an email to a server out on the Net somewhere. Surveillance box retrieves mail ever minute. The mail contains the users IP address. Surveillance box sends an outbound packet to that IP address to get NAT functional. The users box then uses that address to hit the box on the private network. The snag with this is that NAT is specific to ports, and I have no sway over the ISP's NAT capability.
Is there any way to push an http session outbound to the waiting end user? i.e. initiate a push of http traffic from the private box to the end user?
Does any one knows how to set an schedule for fire fox to terminate loading some IP. or restricting people to accessing some websites from your system..?I mean to set some restriction option to Fire Fox for third party..
View 4 Replies View RelatedI might get harassed for making this windows/linux comparison, but i'm seriously wondering why i cant find any application that can display a quick little notification on the bottom right hand corner of my screen whenever there's some intrusion attempt.
For example, sometimes I can see that in my /etc/logs/secure (or something like that) there's someone who's trying to attempt to connect to me using random usernames/passwords from different servers. The only time I know this has happened is when i actually open the file with gedit. Is there anything like (norton for windows) that can display little notifications (with or without eye candy)??
I would like to maximise security on an FC 10 box. I had come across some scripts that perform a host of security tests and let me know recommendations on what all needs to be done. Dont seem to remember what they were called. Has any one tried any such stuff on FC10 recently? which scripts or suites you would recommend for this purpose...
View 2 Replies View RelatedI was reading that Arch does not provide security updates, but just provides security by keeping with up-to-date software...So what is in a security update and what does it patch? The kernel?
View 10 Replies View RelatedFYI Security Spin.
[url]
"...The Fedora Security Spin provides a safe test environment to work on security auditing, forensics, system rescue and teaching security testing methodologies in universities and other organizations. The spin is maintained by a community of security testers and developers. It comes with the clean and fast LXDE Desktop Environment and a customized menu that provides all the instruments needed to follow a proper test path for security testing or to rescue a broken system. The Live image has been crafted to make it possible to install software while running, and if you are running it from a USB stick created with the LiveUSB Creator's overlay feature, you can install and update software and save your test results permanently..."
About Security Spin -
[url]
Available Apps of Security Spin -
[url]
Using SMB to access a windows machine through port 139/445 is great, but how can this be used to exploit the system?I know this is gonna get flamed for the nature of hacking, but i'm trying to pen my own windows box with my sec spin of fedora (tried backtrack but didnt like the feel of it, so got the GNOME-security spin)I'm trying to find a way to open up c$ without sitting at my win box and sharing it.
View 1 Replies View RelatedI ran the LiveCD of Fedora SecurityLab and noticed these ports open, 111,631, 34526.How can I close them and what runs behind them. I know 111 is rpcbind, 631 ipp and 34526 is unknown.
View 4 Replies View RelatedI just preparing some presentations and was wondering what the most interresting Tools on the FSL would be. There are many, many everybody would use, but what would be the lets say "most wanted" Tools on the fedora Security Suite aka FSL?! Without what Tool you could not work?
View 2 Replies View RelatedI am on the admin account of my computer and am trying to remove all privileges from CWD i have tried
chmod go-rwx ~
sudo chmod go-rwx ~
but when i pull up
ls -l ~
It is still showing permission in the g and o column.
How can I remove authentication completely from my pc?
How can I edit the files present in the patrician filesystem?
Can a virus survive a reformat, running bootrec /fixmbr (both from the install CD), and then installing Ubuntu? Reformat meaning from the windows disk recovery console, using the format command for all partitions. Likewise, would a virus be capable of surviving just the first two steps alone without installing Ubuntu, just re-installing windows?
If one were to have an MBR virus on Windows or Linux, how abouts would you find or remove it without doing an entire disk wipe? And before someone goes "Linux is immune" take into consideration vulnerabilities on the user end.
How can I remove this string from all files. I am not sure how it did get there
PHP Code:
<?php /**/eval(base64_decode('')); ?>
I tried this but It did not work
PHP Code:
find . -iname *.php* -exec sed -i 's/<?php /**/eval(base64_decode('')); ?> //g' {} ;
I've searched the forum, but nothing answers my question. We know the security risk posed by suid, sgid.I'm looking to remove the suid bits from all programs that do not absolutely need it.
This command:
find / -type f ( -perm -04000 -o -perm -02000 ) -exec ls -lg {} ;
gave the list below.
For which of these programs can I safely remove the suid bit? I don't want to break my system by modifying a program that the system needs.
-r-sr-xr-x 1 bin 502172 Jan 10 12:36 /usr/local/bin/dccproc
-r-sr-xr-x 1 bin 186683 Jan 10 12:36 /usr/local/bin/cdcc
-r-s--x--x 1 root 23980 Nov 17 00:27 /usr/lib/virtualbox/VBoxNetDHCP
-r-s--x--x 1 root 9896 Nov 17 00:27 /usr/lib/virtualbox/VBoxNetAdpCtl
-r-s--x--x 1 root 23976 Nov 17 00:27 /usr/lib/virtualbox/VBoxSDL
[Code]...
I say to remove access to MOST of these SUID binaries? do they all need this power? what i want to do is minimize access just incase one of them gets an exploit(as ive already done for apache SuEXEC)
[Code]...
A Javascript has crept into all my hmtl, php files in my shared hosting account. I have SSH access.How can I use sed to remove that line from all files in a directory recursively ?sed doesnt change the original file.And I need to specify *.php and *.html
View 4 Replies View RelatedI have a Ubuntu file server with a mix of 30+ users ( mix of windows and linux ).All are members of the same group. All need read write create access. I want to prevent deletion of certain key folders. How can I achieve this ? sudo chmod -R nnnn ??
View 8 Replies View Related
