One of our customers is looking at enterprise audit of their data center (primarily consists of Linux servers) We suggested them towards a SNMP based tool that has some limitations. Any other recommendation is welcome...
View 1 RepliesI set up an apache webserver on a redhat enterprise server 6 last week. It works fine on the localhost. However, the webpage can't be accessed from the other computer. I didn't modify anything related to 'allow,deny' in httpd.conf. The only thing I've done is I added a rule in iptables to approve the access from a computer with a specific IP address. Since I am quite new to iptables, I don't know if there is anything wrong with my setting.
Even I stop iptables, the problem is still there. I don't know if my setting of iptables is correct. Or, there is anything else that I should do?
I installed Redhat nash version 5.1.19.6 with kernel 2.6.18-128.el5-xen-i686 on a Dell Inspiron 1300 with Broadcom BCM4401 (eth0/LAN) and BCM4318 (eth1/WLAN). eth0 is working fine, but eth1 was causing trouble. After some difficulties with missing packages I managed to install ndiswrapper, blacklisted module bcm43xx in /etc/modprobe.d/blacklist and removed it, loaded module ndiswrapper and had connection. But after reboot module bcm43xx was again loaded. So blacklisting does not seem to work.And additionally strange to me, I cannot unload module bcm43xx anymore. And if I load ndiswrapper driver bcm43xx is still used as the terminal command 'dmesg' is showing me in the system log, while ndiswrapper was used when the connection was once and only once established
View 13 Replies View RelatedI'm trying to add the -audit option to X Server. I run ps -ef | grep -v grep | grep "bin/X" and get: root 2511 2506 0 10:35 tty7 00:00:09 /usr/bin/X:0 -br -verbose -auth /var/run/dgm/auth-for-gdm-sScn1P/database -nolisten tcp vt7 So I'm thinking that I need to add -audit to the /usr/bin/X file, but I believe that it's binary and created by something else, but I can't find that "something else". How on earth can I add this option? I have opened up 1,000,000,000,000,000,000,000 files (slight exaggeration) and I've come up empty.
View 1 Replies View Relatedselinux and psacct is disabled in this system (RHEL5.6 2.6.18-194.11.3.el5 SMP x86_64). After performing a yum update, the syslog is flooded with kernel audit messages (related to PAM), even though audit service is turned off. Is there a way to disable this verbosity?
[Code]....
I have /var/log/audit and /var/log/audit.log owned by root and 600 permissions. I've also removed and made an empty /var/log/audit directory when that did not we work either. I can start the service after boot up, but it is not coming up automatically even when configured by chkconfig. I also get this after I attempt a restart...
Stopping auditd: [ OK ]
Error deleting rule (Operation not permitted)
Starting auditd: [ OK ]
The audit system is in immutable mode, no rules loaded
A tail of my /var/log/messages shows this...
Nov 23 16:45:18 hostname kernel: type=1302 audit(1290548718.524:73): item=1 name="/var/run/auditd.pid" inode=131143 dev=fd:01 mode=0100644 ouid=0 ogid=0 rdev=00:00 obj=user_u:object_r:var_run_t:s0
Nov 23 16:45:18 hostname kernel: type=1300 audit(1290548718.618:74): arch=c000003e syscall=87 success=no exit=-2 a0=7fff730b2f85 a1=7fff730b2f85 a2=2 a3=0 items=1 ppid=6243 pid=6248 auid=1111 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=pts1 ses=1 comm="rm" exe="/bin/rm" subj=user_u:system_r:unconfined_t:s0 key="delete"
Nov 23 16:45:18 hostname kernel: type=1307 audit(1290548718.618:74): cwd="/"
Nov 23 16:45:18 hostname kernel: type=1302 audit(1290548718.618:74): item=0 name="/var/run/auditd.pid" inode=131073 dev=fd:01 mode=040755 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:var_run_t:s0
Nov 23 16:45:18 hostname kernel: type=1300 audit(1290548718.620:75): arch=c000003e syscall=87 success=yes exit=0 a0=7fff9b776f81 a1=7fff9b776f81 a2=2 a3=0 items=2 ppid=6243 pid=6249 auid=1111 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=pts1 ses=1 comm="rm" exe="/bin/rm" subj=user_u:system_r:unconfined_t:s0 key="delete"
Nov 23 16:45:18 hostname kernel: type=1307 audit(1290548718.620:75): cwd="/"
Nov 23 16:45:18 hostname auditd[6260]: Started dispatcher: /sbin/audispd pid: 6262
Nov 23 16:45:18 hostname audispd: af_unix plugin initialized
Nov 23 16:45:18 hostname audispd: audispd initialized with q_depth=80 and 1 active plugins
Nov 23 16:45:18 hostname auditd[6260]: Init complete, auditd 1.7.17 listening for events (startup state enable)
I am trying to get a Linux (Slackware 13.37) working in a Windows networking environment. The IT support for this organisation does not extend to Linux support, so I'm limited in what help I can get for this.
I'm trying to get to the point where I can get to the internet to download what I need on this Linux machine.
The situation is this (*fictitious addresses used) -My Linux machine uses a fixed IP address (10.100.150.21)
My Windows machine uses a DHCP assigned IP address (10.100.150.213)Both Linux and Windows machine are configured to access the gateway server (10.100.150.1)So, I can ping the Linux machine from the Windows machine and vice-versa.I can ping the gateway machine from the Windows machine.I can browse Windows Shares on the network via SMB from the Linux machine.I CANNOT ping the gateway machine from the Linux machine with the Destination Host Unreachable message being the error message.
For actual internet access I need to access a proxy server but since the Linux machine can't even ping the gateway server, it fails to ping the proxy.Now, I have been told the gateway is a HW based router and for Windows machine they use some software for authentication to connect to the network. This software isn't available for Linux, so that's why I've been told to use a fixed IP address.My experience of networking is pretty basic and most of the Linux setup is done via running Slackware's setup program.
how could i automate the audit of computer's hardwares present in network?
View 1 Replies View RelatedIm new in linux i want to configure my redhat machine as both router and transparent proxy!
View 1 Replies View RelatedTo run applications compiled for RedHat 4 Enterprise (gcc3.4) on RedHat 5 Enterprise (gcc4.1), what should I do?
View 4 Replies View Relatedhow i have a machine installed Red Hat Enterprise Linux Server release 5.1 with 2 modem (usb & com port) still i want to configure RAS server so some pple able to connect my server and send me some files.
View 4 Replies View RelatedI am trying to implement a NAS running Debian to replace the Windows 2003 file server.We implemented the system and we integrated it with the active directory. Is it possible to manage the access rights using windows tools and get the same amount of detail(not the right word) on access.As an example, we have the following folder structure:
Teams&Projects All users list, admins full
Team1 All users list, admins full, some users modify
Project1 All users no access, admins full, some modify, some list
I have read some articles on the internet that this is possible but I do not have enough information to implement this.
I am in need of the instructions of how to create a boot disk for my RED HAT Linux Enterprise Server. I have a floppy drive also it this helps.
View 2 Replies View RelatedCan you Please tall me What are the configuration file for DNS
View 5 Replies View RelatedTo run applications compiled for RedHat 4 Enterprise (gcc3.4) on RedHat 5 Enterprise (gcc4.1), what should I do?
View 4 Replies View RelatedInstallation of CVS on Redhat linux
Installing CVS on Redhat Linux Redhat Enterprise 4.0
The following steps give simple steps to install CVS software on Redhat Enterprise Linux 4.0.
1) Download the tarball cvs-1.11.1p1.tar.gz
2) Run "gunzip cvs-1.11.1p1.tar". You will get file called cvs-1.11.1p1.tar.
3) Then extract this file using command
"tar -xvf cvs-1.11.1p1.tar".
4) Then go to directory cvs-1.11.1p1.
5) There you will find a file called INSTALL. Read it once carefully.
6) Now run the command "./configure."
7) Build it using the command "make".
8) Install binaries/documentation using command "make install".
9) Now open file called /etc/services and add the following lines.
Cvspserver 2401/tcp # CVS client/server operations
cvspserver 2401/udp # CVS client/server operations
10) Open file called /etc/xinetd.conf and add the following lines to that file.
service cvspserver
{
Port = 2401
socket_type = stream
protocol = tcp
wait = no
user = root
passenv =
server = /opt/bin/cvs
server_args = --allow-root=/home/cvs -f pserver
env = HOME=/home/cvs
log = /var/log/cvslog
}
11) Space on both sides of = in the above file is a must.
12) Restart xinetd services by running command " services xinted restart "
13) Check whether CVS is running on the port 2401 by using the following command "nmap IP |grep 2401". If the CVS server is running correctly it will give output as "2401/tcp open cvspserver ".
It doesn't output like "2401/tcp open cvspserver"
I'm trying to configure DNS on Oracle Enterprise Linux 5.4 - Kernel 2.6.18-128.el5. When I restart the named service, I'm not getting any errors. But service is showing Failed. What could be the reason?
View 3 Replies View RelatedI have a problem in connecting from windows xp OS to the REDHAT LINUX through vncviewer. The first connection works fine. However, if I want to add more than one connection by establishing the hostname:2 through vncviewer, it stops working. I have tried modifying the file /etc/sysconfig/vncservers to add more than one allowable connections. It still fails...
View 4 Replies View RelatedI am using red hat enterprise 5.7 OS and the problem is that vsftpd won't start. When issuing Service vsftpd start it comes up with failed. I am using the default RPM to install it, also using the default vsftpd.conf
View 8 Replies View RelatedI am trying to initilaize auditing on a Red Hat 5.2 enterprise server. Things like:
/sbin/chkconfig audit on
/etc/audit/audit.rules
/var/log/audit/audit.log
are what I am looking at, but I need to know where things go to start the audit service. A simple example with all of the pieces set to audit, then I can add rules to match requirements.
I am using a Red Hat enterprise server 5.0 I would like to know if there is a way to extract a single file from inside a war file and display its contents on the screen? For example: I have a file labeled test.war and inside this war there are multiple files/directories. I am interested in seeing the contents of one file labeled MANIFEST.MF without having to unzip the entire war file. does it make sense?
View 6 Replies View RelatedI successfully install vnc server and client in my machine after installation in GUI mode i clicked on service and enable vnc server when i click on start. It says that "This service is being refreshed right now" Then after i use terminal and typed "#service vncserver start"
its display error message "Starting VNC server: no displays configured [FAILED]"
at work place I have an HP ProLiant DL580 with RedHat Enterprise Server 5.4 x64. Today I cloned this machine using clonezilla. What I would like to do is restore the image to VMWare machine for personal purpose (I cannot perform tests on production machine). But after restoring on VMWare I got "Kernel Panic". That's normal due to different hardware.
Now, is there a way to remove the Kernel Panic and correctly boot the machine? I ask our tech department for the RedHat CD1 to enter the "linux rescue" enviromnent, then try to re-read the hardware list with
# chroot /mnt/sysimage
# kudzu
Im having a lot of trouble configuring freeradius for Ubuntu. I have freeradius installed but Im having trouble finding any information on how to edit the configuration files to create users and be able to WPA2 Enterprise. The wireless router that I am using is an Linksys WRT54gl.
View 2 Replies View RelatedI am installing Red Hat Linux enterprise 5.0 on HP proliant ML 110 G5 with X3330, 8 Gb 2 X 250gb SATA Config. Time required for full istallation is around 2hours 30 minutes. What could be the reason?
View 3 Replies View RelatedI have installed Redhat Enterprise Linux Server 5 on my laptop. I have also installed Windows 7 Operating system on the laptop. I want to access windows 7 created ntfs partitons on RHEL 5 server. I tried installing the following rpm's on the rhel5 for accessing the ntfs partitiins.
1. fuse-2.7.4-8_12.el5.i386.rpm
2. fuse-devel-2.7.4-8_12.el5.i386.rpm
3. fuse-libs-2.7.4-8_12.el5.i386.rpm
4. fuse-ntfs-3g-2010.5.22-1.el5.rf.i386.rpm
[code]....
im located in Sudan which is under usa empargo, means some software is restricted in my country. My company which has 5000 emloyee os going to build their own webserver which will hold alot of apps which is compatible with linux i didn't trust M$ windows specially on web, so ive to use linux do u recommend any other release other than opensuse coz o can get free update and patches.
View 5 Replies View RelatedI have installed the Suse Enterprise server 11 SP1 on my laptop. I have the atheros AR8132 network card, and it seams the suse is detecting correctly, but i can't start the network up. He returns an erros saying that the eth0 is not supported by suse, or kernel, i must check to be sure.
View 1 Replies View RelatedWe want to upgrade our servers running RHAS v3u9 to RHEL 5.3. What is the best way to do this without losing any information.
View 3 Replies View RelatedI have a box that is Rec Hat Linux 5.4 with Apache server 2.2.3 . I'm told there are multiple vulnerabilities in Apache httpd, that version 2.2.16 or later is better. However, I did a package update this week and 2.2.3 is where I sit. Is there a newer version that will run or a patch for 2.2.3? Upgrading Red Hat is not an option.
View 3 Replies View Related