General :: Security - Is It Safe To Run An Old Version?
Dec 14, 2010
I'm currently running OpenSuSE 11.3. I'm afraid as newer versions are released they will demand more of my old PC (Dell Optiplex GX270). Also, I've heard of issues with newer Linux distributions having issues with older Intel hardware (just hearsay, not personal experience). However, patches for specific OpenSuSE releases have a limited window of time.So,
Am I much more at risk to security issues if I keep a version of Linux past its patch date?Is it possible to keep a specific Linux release but still be able to receive security essential updates based on my repository selection?
View 2 Replies
ADVERTISEMENT
Jun 9, 2011
How safe is linux version of 7zip with password turned on?
View 6 Replies
View Related
Dec 5, 2010
I am using Fedora on my desktop pc. I want to know how can i protact my PC from outside world. What firewall policy should i implement in iptables to keep it more secure.
View 5 Replies
View Related
Sep 18, 2010
How do i check for updates to the current version of rkhunter and if possible upgrade to a new version?
View 2 Replies
View Related
Nov 12, 2010
It seems to me that he passwords kept in GNU Keyring Seahorse, are not kept very safe, because if I'm logged in and someone access my cumputer they can see my passwords that are saved there. I have set a keyring password, but it seems that is it not all the time locked.What are some general follow guide rulles to make sure my passwords are kept safe and my encryption keys that I use.
View 2 Replies
View Related
Jun 11, 2011
How do you know if a site is safe to download from ?
Have only been using Mint 11 for 3 days after 7 years with windows and the usual safety nets there were the https headings and firewalls blocking stuff but how do you know something is safe in Linux ?
In short how do you know it's a trusted site ?
View 5 Replies
View Related
Jun 14, 2010
Other than Firestarter, how safe is it to use an iptables firewall for Linux if you know the basics of iptables but not the details and not exactly what you're doing with iptables? I want to be very secure without configuring iptables myself if possible or doing as little as possible. If you don't think iptables is safe if you don't really know what you're doing, which firewall you can use (Slackware specific, preferably) that is the easiest to install and configure? Are there any that work like free Windows firewalls, other than Firestarter? I've looked around and looked at slackbuild and can't find a Firestarter package, I searched this site also and saw something about the reason there isn't one. I'm concerned with my security and I don't want to write my own iptables firewall - I don't fully know what I'm doing.
View 6 Replies
View Related
Sep 29, 2010
When I go to the Runesacpe page to run the game I get a message that says that the aplit is not signed.
Is it safe to run.
Does anyone know what it does, other than just run the game?
View 2 Replies
View Related
Jul 13, 2011
I just found a neat way to encrypt a file in Ubuntu 10.04.
I right click on a file and select the Encrypt option. The program prompts me to "Choose Recipient" so I choose myself on the list. Then it prompts me to enter my passphrase.
Once all that's done I hit enter and it adds .pgp to the end of whatever file just encrypted. The same basic method is used to Sign the file.
Does it sound as though what I said is correct and that the file I wanted to encrypt was indeed encrypted?
Can anyone crack my files without the passphrase? I'm sure it depends on the complexity and length of the passphrase.
View 6 Replies
View Related
Jan 3, 2010
A new open source package called Lightning Rod will help to close security exploits in Adobe's dirty Flash code. A presentation made at the 26th Chaos Communication Congress showed that the package does its job by reviewing incoming code before the browser executes it. Heise Online is reporting that this method can block over 20 different known attacks and can even be used to filter out malicious JPG attacks. As more vulnerabilities are discovered they can be added to Lightning Rod to close the breach.
View 2 Replies
View Related
Sep 8, 2010
when I apply port forwarding to my router @ home? Is it a risk to every computer on the network or just specifically the server that is involved?
View 9 Replies
View Related
Sep 24, 2010
I opened a specific port in my router and manually configured Limewire to use the same port for all traffic, but I notice when I disable and turn off Firestarter when on limewire, my searches go really fast and dowaloads zoom really fast also I am not running as root. Is this ok to temporarly stop the firewall when I am on Limewire and then turn it back on when finished?
View 9 Replies
View Related
Apr 19, 2011
I would like to know if you guys think this is a safe plugin/extension to use with either Chromium or Firefox.
There is an old page that shows it had security issues in the past.[URL].. Would it be safe to use this or do you think someone could use it to steal my passwords, etc. while browsing?
View 3 Replies
View Related
Jul 17, 2011
how safe is it to run Ubuntu updates when I'm connecting via a public network (wireless or wired) from a hotel (or other public settings). I'm not familiar with the internals but is there an additional validation mechanism for the package servers other than the URL ?
View 4 Replies
View Related
Apr 15, 2010
So I know Linux has iptables, I'm rather new to linux, and I'm wondering, are the stock settings with Ubuntu/Kubuntu safe? Is there anything I need to do make them more secure? I tried adding rules myself for some things but ended up just not being able to do anything so I had to reset back to stock with iptables -F. Should I be safe running as-is?
View 4 Replies
View Related
Jul 10, 2010
What if someone tampered with some important security updates, and suddenly you get a rootkit instead?
View 4 Replies
View Related
Apr 7, 2011
I am new to Ubuntu so Iwant to know,Am I safe when on-line with the default installation settings on? If not what should I do?
View 6 Replies
View Related
Feb 17, 2011
Today I ran
aptitude update && aptitude safe-upgrade
Like I regularly do, and I see these two packages need to be upgraded:
login passwd
Since these packages seem kinda security-sensitive I would like to know exactly why I would need to upgrade them. I checked Debian's security list but couldn't find anything relevant, and the links to the changelog for both packages are broken:
The requested URL /changelogs/pool/main/s/shadow/shadow_4.1.4.2+svn3283-2+squeeze1/changelog was not found on this server.
Where can I see what is changed in these packages so I can safely upgrade?
View 3 Replies
View Related
Sep 2, 2010
My Windows XP Pro laptop has been attacked! Windows will no longer update and Microsoft Security Essentials will not update either. I've been trying to resolve the issue for over two weeks with Microsoft support, but it's just taking too long. I also tried some rescue CD options (all running some form of Linux, obviously):
- BitDefender Rescue CD (removed infections, now detects nothing),
- Kaspersky Rescue CD 10 (removed infections, now detects nothing),
- Trinity Rescue CD (won't load AV Engine, so can't use it to do anything).
Malwarebytes cleaned a bunch of stuff, but will not clean the final threat detected (it's supposed to get deleted on reboot, but never does). Hijack.FolderOptions is stuck in the accursed registry, and it keeps causing Windows Explorer to crash. I cannot rename files or work with them or everything just crashes.
So I'm ready to reinstall XP from scratch, and add a dual boot with Xubuntu & LXDE, which I'm already running on a much older laptop.
Question: I want to rescue the files I need. My idea was:
1) Install Xubuntu with dual boot.
2) Copy over files from Windows XP partition using Xubuntu.
3) Back up files to an external drive using Xubuntu.
4) Reinstall XP Pro and format hard drive.
5) Reinstall Xubuntu with dual boot.
6) Use Xubuntu for daily use.
7) Only use XP for those tasks that require it (TomTom updates ...)
Should I be concerned about the security risk from copying files from the Windows partition to the Xubuntu partition, and from there onto an external hard drive?
Is this the way to do it, or is there a better way? I just want my laptop back in working order. Right now I can't use it for anything.
View 8 Replies
View Related
Jul 13, 2010
I am setting up tomcat server on my Centos 5.5 machine. I've been advised to run tomcat on 8080 as non root user and redirect traffic to it from port 80.
I searched and found the following iptables commands for this:# iptables -t nat -A PREROUTING -p tcp --dport 80 -j REDIRECT -to-ports 8080
# iptables -I INPUT -p tcp --dport 8080 -j ACCEPTI have a doubt:
Tomcat is not accessible via port 80 without the second command. But the second command opens 8080 and makes it accessible over the internet (tomcat is accesible via both: www.<website>.com and http://<ip address>:8080). This doesn't seem right. Is there some simple (iptables) way to redirect traffic "internally" from port 80 to 8080 without having to open 8080 to the internet.
View 3 Replies
View Related
May 6, 2010
I'm trying to figure out how to use ADrive.com's 50 GB's or SkyDrive's 25 GB's of free storage to backup my computer automaticaly.
Problem's:
1. With ADrive I can select all my files at once through their website's uploader vs SkyDrive where you have to select them one by one. There are some third party programs, like Gladinet, which will mount sky drive to your computer like an extra drive, though I haven't found one for linux yet. This guy came up with a cool way to backup automagically with Windows: [URL] I am trying to figure out how to do the same thing with Linux.
2. ADrive's uploader is not on https, whereas SkyDrive is. Either way I wanted to encypt my files on my computer first so when I back them up, they are safe in case they should fall into the wrong hands, not that I don't trust Microsoft or whoever ADrive is with all my most precious documents, but I'd rather error on the side of safety.
View 1 Replies
View Related
Jun 11, 2010
adobe was kind enough to release new versions of flash to deal with the recent 0day exploit which is all fine and good except they didn't release a 64bit version. as a matter of fact the 64bit alpha is no longer available for download and their forum for the 64bit version has been set to read-only.
i'm using slackware64 13.1. i began the process of getting nspluginwrapper working with the 32bit plugin but decided that it wasn't worth the hassle. rather than just dump flash altogether, am i making my box "safe enough" by using the flashblock extension for firefox? obviously, sites still can sniff for the flash version, but nothing will be displayed unless i click on it. basically i'd only be using it for stuff like videos and a few other major sites that should be trustworthy.
View 6 Replies
View Related
Sep 17, 2010
Which LXDE version of Linux has the newest version of Firefox and Open Office included?
I am looking for an iso file, and I am trying to run this off of a live CD for now. So I want a light version of Linux, probably LXDE, or if not, then probably XFCE. But I need a new version of Firefox and OpenOffice included.
Because, I tried burning the customizable NimbleX @ custom.nimblex.net . Pretty good, except it uses Firefox 2, and Open Office 2.3, which are outdated.
And I tried Mint XFCE, which might have been pretty good too, but it had some issue of blanking and requiring relogin after I opened hotmail frequently (user id: mint, password: blank).
The web browser and the word processing program are the most important and essential applications to me.
So are there any Linux versions in LXDE on LiveCD that include newer versions of Firefox (or at least another good browser) and Open Office (oo seems better than abi)? (Again, if no LXDE, perhaps XFCE?)
I just want to download a good version in an iso file, and burn it to a CD and get to work. Like I said the web browser and the word processing program are all important.
So really, what iso/LiveCD versions are the fastest for running on an older system, and yet have the newest browser and word processor included?
View 6 Replies
View Related
Mar 2, 2010
I've made OpenPGP keys using gpg 1.4.9.I have a public key and a sub key.And a passphrase.I can distribute the pub key. What is sub key? Can I distribute sub key?I think the phasephrase is the private key. Right ? (in the RSA Algorithm)?Where to use the Secure Shell Key? And why to distribute it?
View 1 Replies
View Related
Feb 8, 2011
I checked on clamav web site but no way to install it yet on Maverick.
View 4 Replies
View Related
Aug 28, 2010
In the wake of all of the stories about the Windows DLL hijacking bug, it appears that certain Linux distributions may be vulnerable to a similar problem related to the way that Linux handles a specific variable in some cases. The bug apparently was introduced via a Debian patch last year.The discussion on the possible bug in Linux began with a blog post by Tim Brown, a UK-based security researcher, who detailed a specific case in which Linux could be vulnerable to an attack similar to those designed to exploit the Windows DLL bug. The post spawned a related discussion on the Full-Disclosure mailing list, in which several others confirmed that they'd seen the problematic behavior in certain Linux distributions, including Fedora, Ubuntu and Debian.
View 1 Replies
View Related
Mar 12, 2010
How to detect intrusion in my desktop ubunta 9.10 version ? which command that could direct tell me about any change in my files ? I would like the procedures that protect my system from intrusion , i am using firestarter and keep tracing the network by using netsta -tap ?
View 2 Replies
View Related
Mar 10, 2011
I'm trying to turn off SSH root login on Ubuntu 10.10. However, changing PermitRootLogin=no (/etc/ssh/sshd_config) do not work. Here is the sshd_config:
[code]...
View 9 Replies
View Related
Jun 4, 2010
I want to run Debian as a live version from my USB flash drive. Does this provide the same amount of security from hackers as installing Debian as the only OS on my netbook. Windows ce would still be on my netbook?
View 5 Replies
View Related
Nov 10, 2010
I'm posting an E-Mail I sent to Pidgin Support, which didn't get answered. I'm doing this because I believe it is a general SSL problem. I've even tried a different chat client (Instantbird) - same error message. Since a week or so I'm not able to securely login to ICQ any longer with one of my accounts. Only if I disable "Use SLL" in the advanced settings, it works. With SSL I get the error message "Unable to connect to BOS server: SSL Handshake Failed". In the debug window the reason for the failure is "A record packet with illegal version was received". If I enable the setting "Use clientLogin", I get a different error: "Received invalid data on connection with server".
I get this error for all of my ICQ accounts if I enable this, but the other ones work just fine using only "Use SLL". I can login to the ICQ website with the "bad" account too, the settings are exactly the same for all 3 accounts. I was using Pidgin 2.7.3 when this happened first, upgraded to 2.7.5, but no change. I'm running RHEL 5.5 x86_64. I've attached the Pidgin debug messages for the "bad" case of the not working account and for the "good" case of one of the working accounts. I've tried a lot of things, like deleting the account and adding it again. I deleted the cached certificates. I changed the password on the ICQ website.
From the attachment I'm only pasting the most important part - the error message:
(20:27:14) gnutls: Starting handshake with bos.oscar.aol.com
(20:27:14) gnutls: Handshake failed. Error A record packet with illegal version was received.
(20:27:14) oscar: unable to connect to FLAP server of type 0x0002
(20:27:14) connection: Connection error on 0x9bf19f0 (reason: 0 description: Unable to connect to BOS server: SSL Handshake Failed)
I doesn't get into my head why 2 accounts work perfectly, but one doesn't. The login-server is exactly the same, so also the used certificate should be the same.
View 2 Replies
View Related
