General :: Security - Running Suspicious X Programs In GNU?
Mar 18, 2010
What is the most harmful thing a malware program started as a separate limited user account can do if it has access to the X server? Network and filesystem things are already considered by chroot and netfilter.
It obviously can lock the screen and I will need to switch to another vt and kill it manually. Can it, for example, disrupt other GUI programs on the same X server (access a root terminal in a nearby window)?
I know that it is safer to run it in a separate X server, for example, in Xtightvnc or even some virtual machine, but how dangerous is it to just run it like other programs?
Jan 3, 2011
My server is probably hacked and sending spam emails. I see them randomly in maillog (/usr/local/psa/var/log/maillog, server has a Plesk panel), sometimes a few in a long time, sometimes a lot of them. Here is a sample of it:
Jan 4 00:47:08 acv360 qmail-remote-handlers[17662]: Handlers Filter before-remote for qmail started ...
Jan 4 00:47:08 acv360 qmail-remote-handlers[17662]: from=root@acv360.com
[code].....
Aug 10, 2010
I got this warning in the log of rkhunter:
Checking /dev for suspicious file types [ Warning ]
[13:37:16] Warning: Suspicious file types found in /dev:
[13:37:16] /dev/shm/pulse-shm-43136623: data
[code]....
Apr 1, 2010
I have been running rkhunter but how do I view the /var/log/rkhunter.log? I have tried using: sudo /var/log/rkhunter.log but all I got was "Command not found".
Mar 15, 2011
I know this post isn't strictly Linux based, but since the system in question appears to be using Linux and I am as well I decided to post this here. In doing other network playing with Ubuntu Server 10.10 I noticed that on all traceroutes I did to any IP the second hop from my house jumped through a connection on IP 24.96.153.61 which I think should only be another dynamic IP Knology.net customer...
In scanning the IP I now know that it's a Juniper Junos Router 9.2R1.10 (Probably running on some VMware based on googling?) Open ports show: 22 ssh openSSH 4.4 v. 1.99 23 telnet Openwall GNU/*/Linux telnetd
At first I thought this was just a legit Knology.net DNS server or something, but using such outdated versions and freeware... I feel suspiciously like this is something else. Also, why in the world would knology allow remote access to their mainframe equipment? Seems that if it were ever breached it would be beyond terrible for the ISP...
Finally, why can't people not SSH into my box from the outside if I have MAC address filtering on? Anyone know anything about this or am I just being paranoid? I'm a noob, so knowing too little about all this is probably more the problem?
Dec 8, 2010
I come to Ubuntu with the notion that it is much more secure than Windows. In XP I had an anti-virus, third-party firewall and sundry software against spybots, rootkits etc. The antivirus blocked the suspicious web pages while browsing. I generally avoided public networks, carrying a portable internet device. Do I need similar stuff with Ubuntu?
Aug 1, 2010
I ran a chkrootkit scan and found this: The following suspicious files and directories were found: /usr/lib/pymodules/python2.6/.path /usr/lib/xulrunner-1.9.2.8/.autoreg /usr/lib/firefox 3.6.8/.autoreg /usr/lib/jvm/.java-6-openjdk.jinfo
How do I get rid of this suspicious file?
Apr 12, 2011
I have suspicious requests in my haproxy logs from multiple sources to the same target. I could deny them in /etc/hosts.deny, but there are too many to keep track of. Is there a way to deny all requests to a specific target either in haproxy or through iptables?
Here's an example of the request: Apr 12 15:11:37 127.0.0.1 haproxy[28672]: 41.105.42.150:27072 [12/Apr/2011:15:11:37.315] web_servers frontend_farm/######## 3/0/1/1/169 404 1073 - - --NI 3/3/2/1/0 0/0 "GET /images/comment_icon.gif HTTP/1.1"
I've commented out my amazon instance id for security purposes. The request is for comment_icon.gif which does not exist. All requests go to that. The source IPs are from different countries as well. Blocking a certain country won't work either. Basically, if there was a way to send all requests for comment_icon.gif to /dev/null or something it would work.
May 7, 2011
Yesterday I ordered some software on the Net. Early this morning, I got a call from my bank: someone else tried to charge to my debit card. I called the company I ordered from to alert them and they assured me it had to be my computer security because theirs was checked, upgraded regularly and above reproach. Fortunately, the bank caught it in time and my account wasn't debited. After I assured them I didn't order anything from Bed, Bath and Beyond, the bank shut down my card and I had to apply for another.
I was shocked. You hear about it but never imagine it will happen to you. I began to wonder and worry if it was because I was using Linux and it wasn't as secure as Microsoft. I'm isolated in a very small town in West Texas so I order some things on the Net. I loaded the full version of Ubuntu "Lucid Lynx" 10.04 from a 4 disk set and downloaded all the upgrades; almost five hundred and set everything up the way I wanted. My question is: Are there programs running among the Ubuntu build to assure a secure transaction on the net or do I have to load others and a firewall like Windows? That's one of the reasons I left Microsoft behind was the "Auntie-viral" programs took over and almost became a competing system.
Sep 21, 2010
Is there anything suspicious about this auth.log? I find the many CRON outputs and the part with gconftool weird. Also, why don't I have the permission to view "/var/log/btmp1". It has never happened before.
I'm using GNOME's log viewer.
[Code]...
Aug 19, 2010
I am new to C programming and I need a way to compile and run my code. I've made a little research and I found that eclipse is a nice IDE. But I don't know how to configure it and generally. What do I need to download and install to make it work. I've also tried downloading easy eclipse that doesn't need any configuration or extra files but the link on the site was broken. Is there any other C IDE like easy eclipse available?
Jun 24, 2010
I am trying to study GTK programming and got stuck on some errors in compiling. I am using Ubuntu 9.10 and I didn't install any additional libraries or packages for running these GTK programs, assuming GTK is already installed in Ubuntu. I am a newbie to GTK. I tried compiling some example programs from my tutorial and it ended up in errors. So do I need any additional packages to run these programs? When compiling it shows package config cannot find any gtk+-2.0 packages and to try specifying .pc in environment path. I don't know how to set these path stuff.
Feb 24, 2011
How can I disable Internet access for programs running in Wine?
Apr 26, 2011
using mint 10, now after updates my system is barely working. The programs were no longer showing in the task bar, and the system was running much slower.
[code]...
This repeated over and over again. My temperature was never too high, 40-55, and I found a suggestion to update my kernel to 2.6.37-020637. After doing so there is no longer the thermal limit exceeded error but the computer is still running poorly. The system is slow and again no programs are showing up in the task bar when open.
Apr 21, 2011
I sshed to a server a week ago, then ran *screen* and created a few windows in my screen session. I then ran a few programs on those screens. All the programs were running in the background (I run them with &). I did not close or detach from the screen sessions. So I was still connected to those screen sessions from my client machine.
Then, this morning I find my client machine rebooted. When I do screen -ls I find there are no screens available to reattach to. But that is not the worst part. The strange thing is that all my processes (which were running on the server) have disappeared as well, even though they were running in the background. I thought 1) using screen I will be able to re-attach to old screens when my client restarts, 2) If I have sshed to a server and have run programs in the background, restarting the client should not stop those programs (even if I had not used screen).
Sep 10, 2009
I have a HP 530 laptop running Fedora 11
If I run 'uname -ar' Linux 2.6.30.5-43.fc11.i586 #1 SMP Thu Aug 27 21:18:54 EDT 2009 i686 i686 i386 GNU/Linux
It has virtual machines and a dual core processor.
The results of
Code:
Power management:
processor: 1
flags: fpu vme de pse tsc msr pae mce cx8 apic mtrr pge mca cmov clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe nx constant_tsc arch_perfmon bts pni monitor vmx est tm2 xtpr pdcm
bogomips: 3657.37
clflush size: 64
power management:
Dec 18, 2010
I am using Unison to synchronise my files. I have configured Unison to start when I log on no problem, but is there any way that I can open Unison when I click log off, such that it will wait for Unison to finish before actually logging off (I need to input a password and respond to prompts)?
Dec 19, 2010
I installed openSuse 11.3, and configured my inittab like:
1:2345:respawn:/sbin/mingetty --noclear tty1
2:2345:respawn:/sbin/mingetty tty2
3:5:respawn:/usr/bin/startx -- :3 tty3
[code]...
under the console 7 (ctrl+alt+f7), I have a virtual win xp, and I run some music and apps in it.. but, when I switch to any another console, it just shuts up.. also, when I log in as a root under console 2 and go back to console 7, sound card also shuts up..
Apr 8, 2010
My problem is that after I've DL a program and then use unrar to open up the files... I was able to successfully mount a Linux version game using Furious ISO mount (the game is Civilization call to power loki). Now I can see the files inside the folder but I can't figure out how to run the game after it's mounted.
I've looked around a lil bit and I know someone has probably asked this question before but most of what I find is people asking how to mount the image to begin with.
Jul 3, 2010
I have a dual boot system, Windows 7 and a WUBI installed Ubuntu 10.04, both are 64 bit. Can I use Wine to run a program installed on the Windows partition? If so is there anything special I need to do? My Ubuntu partition is really small and I'd like to keep it that way.
Feb 15, 2011
Are there potential compatibility problems if a KDE program is installed and run under Gnome in the standard Ubuntu Desktop 10.10? If two programs with the same functions are available, is it better to select the Gnome version?
Apr 7, 2010
I have a C program which creates an executable file in Linux. After that we can use that exe file and decode any file which is encoded by flatedecode algo. Now I have to write a C program which reads a file, uses the above mentioned exe file and then posts the decoded output. I am in need of code in C which can run EXE files and perform some function...
Jun 5, 2010
Everything works fine; no problems running WinXP from an ISO, etc. I have several Windows only applications which I want to run on the WinXP VM. I cannot see the programs I have downloaded when using Explorer for Windows. Ordinarily, in a WinXP only system, I just find the program to be installed and double click on it to start the automatic installation routine. In this case, I cannot see any of the .exe files used for the install. I have placed those downloaded Windows application in the same directory on my Ubuntu Box as where VirtualBox, the Sun Guest Editions and the CD Image of the Garmin Trip and Map system. I installed the Garmin system directly from an ISO of the CD I made using Brasero. It works without a hitch. Should I take the Windows e.e programs and burn them to a CD and then transfer them as ISO back to the VM drive?
Oct 24, 2010
I'm running Ubuntu 10.04, and for some reason I get a segfault whenever running programs with OpenGL. I ran "lspci | grep VGA" in the terminal and this is the output:
Code:
02:00.0 VGA compatible controller: ATI Technologies Inc M92 [Mobility Radeon HD 4500 Series]
Apr 11, 2011
I used to run Wine and a Windows chat program. I got away from Linux for a while, but now am back, but the same program I used to run now gives an error.. to check my internet connection. <urlopen error [Errno 5] Access denided> I gave the program the permission to run, but what am I missing?
Jun 7, 2011
So I've just been sitting here, compiling and running some C++ programs (with g++ from the terminal). I looked away for one minute to open a file that had just been written out (opened it with gedit if that makes a difference), now my terminal says: kbuildsyscoca4 running... So I'm wondering if anyone knows what this is about? Why it suddenly started running and why it has appeared on my terminal. I'm basically just curious as I thought bash shells were entirely separate virtualizations of shells, and unrepresentative of other processes. I'm also wondering what kbuildsyscoca4 is/does (I've got gnome going on and generally gnome varieties of programs). I found a post from about a year ago mentioning the same thing, though no replies.
Jul 8, 2011
I'm trying to run modding programs for Xbox which are all for Windows (.exe), but the ones that don't have an install, that just click and run in Windows, don't open. My laptop thinks about it and doesn't open them. Here are the programs that don't work:
mw2 clan edit
ezgt2.2
lefluffie
usb xtaf xplorer
modio
Aug 9, 2011
Trying to write a script for desktop launchers that are adaptable to screen resolution. Ideally, the program should:
1. Determine screen resolution:
if "a" use xdotool options window size 1305 x 869 px and move to 135,0
if "b" use xdotool options window size 1545 x 1019 px and move to 135,0
2. Check if program running:
if no, open program, and use "a" or "b" placement options, focus window
if yes, focus window
3. Close script and leave program open (if possible).
Problems arise when trying to use the script on programs that run from and hog the terminal
(e.g. brasero, gcalctool, nautilus)
Here the script will load the program, and nothing else (probably because it still occupies the terminal as it runs)
Code:
gcalctool && xdotool search "calculator" windowmove 135 0
This next command will cause the program to load, move, but it keeps focusing itself like xdotool is running the windowmove function constantly - it keeps focusing itself until script stopped.
Code:
gcalctool & xdotool search "calculator" windowmove 135 0
This had the same effect as the above code, but seems to work as a conditional subscript running when the process is running in the terminal - it just goes infinitely.
Code:
while [ 1 ] ; do
xdotool search "calculator" windowmove 135 0
done
exit
Is there some kind of "if, then" or "while, do" or some kind of conditional I can put in to the script ensure the window is moved only once if the program is running within the terminal? Is there a way to remove the program from the terminal from the script once it's been called?
Aug 17, 2010
I have successfully created a dual boot system on my Aspire One net book computer with Windows XP and Ubuntu for net books. When I use the software installer the program icon shows up but when I click on the icon nothing happens. All of the software that was installed when I installed Ubuntu works fine. The software in question is a flight simulator named Saber.
Jul 22, 2014
I am trying to replicate what is happening on this page under the tcsh shell, but using the bash shell found in Wheezy. Here is the page I am referring to: [URL] The command I am trying to replicate is on page 6 under figure 2.4. The command is "prompt> ./mem &; ./mem &".
I would like to run the same program twice, concurrently, but do not know how. Note that I am not trying to use a bash script, but rather by simply using syntax on the command line.