Im trying to make a script that will test the suitability of a password. I understand that all the features I want are in the /etc/pam.d/common-password file. From here I can change the length of a password, what characters must be in a password, if the words are in the dictionary, etc... but I don't know how to change these values by using a script. I want it in a script because I want to be able to suggest a more suitable password if the original password doesn't meet the criteria.
I'm trying to do an online security check on my Linux system.I would like to do a Firewall/Antivirus test. What free online sites do you know?For instance, I use ShieldsUp to test some firewall's components.Does someone recommend anything else?I still can't find a site that tests for the presence of virus/malware installed.Are there any?
I have been forbidden to enable automatic updates on our Ubuntu servers, for both security and regular packages.When I log into any of my four Ubuntu servers, the welcome message contains this:
39 packages can be updated. 26 updates are security updates.
However, when I run the Nagios plugin that monitors APT, I get:
% /usr/lib/nagios/plugins/check_apt APT WARNING: 33 packages available for upgrade (0 critical updates).
I need to know how to properly detect that there are pending security updates, and regular updates. Once I can do that, I plan to write a Nagios script that will return WARNING for pending regular updates, and CRITICAL for pending security updates.
everytime i try to vnc to my box, it pops up the keyring authentication, which is obviously a huge problem when logging in remotely.how do i change my keyring password to match my login password?
I know this has probably been asked too many times here but I need to secure my emails. Personal matters of course. But yeah. I use the program "Password and Encryption Keys" to generate a key to sign my emails with but I do not know what to do. To be blunt, I'm stupid when it comes to this. IF not, steps in creating a key? and giving it (my public key) to the significant other? Finding where both keys are? Implementing it into Thunderbird? If it helps any here's some extra information: Ubuntu distro: Ubuntu 10.04 Email client: Thunderbird
I suppose that my main Linux user account password serves as my SSH password as well. Is there a way I can modify this? As it turns out, I'd like to have a REALLY secure SSH password for obvious reasons, but a less secure local password, as it makes typing in passwords a heck of a lot easier on a machine. Is there a way I can change my account password in SSH without changing my Linux user password?
I'm using Ubuntu 9.04 and i've installed my HP Printer and SAMBA successfully. Windows XP clients on my network can successfully print through this shared printer. My problem is, is there a way to put a security password or some sort of authentication before they can print? its because this printer is only dedicated to one department only.
How can I force passwd to use a simple password?I want to change my passwd & delete passwd history (if stored).I plan on creating a Virtual Appliance that uses another password besides my testing password.
I have a database created by an older program (not Access) that I need to open and retrieve information for my business. The manufacturer put a password on there so that only it's program could open it. I do not use that program, but it has information I need. Is there a way to find that password or circumvent the password altogether?
I use KeePass2 to access username/password information in a Dropbox file. This allows convenient access from multiple devices. I can't seem to copy a password to the clipboard on my Linux 2.6.27.41-170.2.117.fc10.x86_64 system, however, in order to supply the password to a prompt in an xterm(1). I've tried both Ctrl+C/Ctrl+V and highlighting and mouse button 2 clicking. The KeePass2 program on the Linux system is executed by Mono.
I already posted a topic similar to this concerning the Desktop OS version, but this deals with the Netbook because unlike the Desktop, the Netbook is less cooperative. Allow me to elaborate: Today (or rather yesterday since it's not after midnight where I am), I changed my password because I was hopelessly confounded about how to get my Wireless Network card up and running after it had been installed and I was allowing my dad to use it. This issue has since been resolved, however...
When I chose my password during the original installation, there was no mention of it being "too simple." This is where the Desktop OS and the Netbook OS differ. The desktop will let me change it in the terminal without any errors. The Netbook will not. When I've attempted to revert it back to the original, it will not let me do so in the User Profile or in the Terminal. The Passwords and Encryption Keys application also does not appear to help.
So now even after I've changed it to a different "complicated" password I am still prompted to insert two different passwords since I changed my user password but I am unable to change the password I input during the installation. A bit screwy methinks. This is extremely important. I'd like to know how to change the original installation password.
If I can't change the main password on my laptop then this is a serious potential security breach just waiting to happen (especially since it's on a laptop and I will be hauling it around with me) and I will most likely install a different OS if this isn't resolved --- It would be very unfortunate since I spent the whole day fixing it and I really enjoy the interface. Luckily I can live with this on my Desktop since I'm not going to be hauling it around with me everywhere when the school year starts.
I'm trying to create a program that will go through a list (one word at each line) from the file pwdlst.txt and try to log-in with the passwords entered in the file. When the program tries with a password that matches the current one, the program will stop and print out "The password is: %s" % password. This is what I created so far:
get the error and print when the log-in attempt is deniedgo through the list (pwdlst.txt) and try each password one at a timestop the program when the password matches
I am trying to write a remote access module. Is there any function in linux where I can give string (password entered by user) and compare it with the actual user password stored in /etc/shadow. Since the password is stored encrypted in /etc/shadow I cannot parse and compare. So I want some method to compare if my user entered the correct password..Is there any function for that..
I can see what Firestarter is blocking in the Firestarter/Events tab, but after reading all the man pages of UFW, I still don't know how to check what the UFW is blocking.
Is there a plugin or some other way to check to see if a website has https available, and use that instead? I know some sites, like Wikipedia have a different hostname for SSL support while others have the same hostname, just What I would really like to seesome kind of header in the http reply or the html that saysSecureAvailable= is there any system like this in place? There's too many issues with with unencrypted http to continue having that as the default.
having a slow internet connection, I bought the all maverick repository on DVDs, copied the files on a usb drive and modified the apt sources file to consider the local repository only:
Code:
# deb file:/var/www/ubuntu_local/ ./ deb file:/var/www/maverick/dvd1/ maverick main universe restricted multiverse deb file:/var/www/maverick/dvd2/ maverick main universe restricted multiverse deb file:/var/www/maverick/dvd3/ maverick main universe restricted multiverse
[code]....
Even though I am reasonably sure it is safe, this local repository is not authenticated and I can only install package through the command line or synaptic, the Ubuntu Software Centre giving an error message "Requires installation of untrusted packages"...I thus would like to disable the apt authentication check for this local repository.
i was thinking that is there a way to check data flow for viruses? i mean if i set up calm av in my internet sharing server could it detect anything in incoming and outgoing data ?!!
I was recently connecting securely to the website where I have my mail account, and I connected through Tor. When doing so firefox presents me with the screen saying that the connection is untrusted and it can't verify the certificate. So I cancelled. I'm using torbutton and I turned torbutton to off and connected again with no problem. Then with torbutton on again, same thing (untrusted).
Is it possible the exit node I was going through is doing a man in the middle attack? However later when connecting through tor I did NOT get the warning about the site being untrusted. I really don't know what exit node I was using when I got the certificate warning and what exit node I was using when I did not recieve the warning. I don't know how long I stay on the same node or how/when it changes.
I have been using the new ocr app 'cuneiform' that has appeared in the Lucid repo.It is command line and works very well.However, the rest of the household would like to use it and desire a gui front-end.Mepis has this and it is called YAGF. Works well.We are told to install only from trusted sources.how can I check the integrity of this .deb and freedom from malware before installing it?
There is a suspicious amount of data (more than a megabyte) being uploaded from my computer whenever I log onto a commercial web site on which I advertise rental properties.
Is there any way I can see the data being uploaded - I am pretty familiar with the Unix/Linux system and commands.
Just wanted input for this script i have cobbeled together. Its not done yet. I am trying to think of ways to close up my outgoing while maintaining full functionality of my laptop ( irc, web stuff, a torrent or two, etc.) . Anyways, I have done some myself; as well as, pulling bits and pieces from other stuff out on the web. I am starting to wonder why i have to write a specific rule to check for spoofed packets if my default input is set top drop. wouldnt it be caught?
