Security :: Can I Allow SFTP For ANY But SSH For Some IP Address
Jul 20, 2010Can I allow SFTP for ANY , but SSH for some IP address
View 6 Replies
ADVERTISEMENT
Security :: Address Space Randomization On 2.6.28-15-generic Ubuntu 9.04 - Finding Base Address?
Sep 14, 2009Im an academic (university networks and security lecturer) studying/teaching network and operating system security, and inspired by the work of Hovav Shacham set about testing ASLR on linux. Principley I did this by performing a brute force buffer overflow attack on Fedora 10 and Ubuntu 9. I did this by writting a little concurrent server daemon which accidently on purpose didnt do bounds checking.
I then wrote a client to send it a malicious string brute forcing guessed addresses which caused a return-to-libc to the function usleep with a parameter of 16m causing a delay of 16 seconds as laid out in [URL] Once I hit the delay I new I had found the function and could calculate delta_mmap allowing me to create a standard chained ret-to-libc attack. All of that works fine. However .... To complete my understanding I am trying establish where I can find the standard base address for ubuntu 9 (and other distros) for the following, taken from Shacham:-
Quote:
[code]....
/proc/uid/maps gives me some information but not the base address ldd also gives me the randomised starting address for sections in the user address space but neither gives me the base address. Intrestingly ... when a run ldd with aslr on for over (about) 100 times and checked the start point of libc I determined that the last 3 (least significant) hex digits were always 0's and the fist 4 (most significant) where between 0xB7D7 and 0xB7F9. To me this indicated that bits 22-31 were fixed and bits 12-21 were randomized with bits 11-0 fixed. Although even that doesnt define the boundaries observed correctly.
Note: I am replicating the attack to provide signatures to detect it using IDS, and for teaching purposes. I am NOT a hacker and if needed to could reply from my .ac.uk email address as verification.
Ubuntu Security :: Disable SFTP In SSH?
Sep 3, 2010I've made an SSH server using OpenSSH on my desktop Ubuntu (10.4) for tunneling. However, I'm noticing that the public account I made for my SSH (one to give to friends to use proxy) has SFTP access to crucial system files. I'm okay with SFTP being enabled on my account, but not on this public account. Does anyone know of anyway to either disable SFTP to that user, or restrict access to important files?
View 4 Replies View RelatedSecurity :: Setup Proftp For Sftp Only?
Mar 31, 2010I have tried, to set this up, but failed what kind of ftp would you guys recomend, as i have been having slight problems over recent days, with unknowns logging onto my annon ftp server, delt with mind.
I am thinking about a proper login even for the annon account, fairly easy to setup.
Security :: Restrict Number Of Sftp Connections?
Nov 9, 2010if i want user should`t have more than 20 sftp connections to a server,is there any way we can limit no.of connections to a particular user on the server using ssh configuration
View 7 Replies View RelatedSecurity :: Permission Configuration For SFTP User?
Jun 8, 2011I've run into my first Linux/Unix roadblock and need support. I am creating a user strictly for SFTP and need them to login to a specific folder as well as set their navigate, write, and read permissions appropriatly but am having trouble. I was able to modify /etc/passwd to change their home location upon login but was warned that it was a bit dangerous to modify this file, even though my login test worked, and that I should look for an alternate solution in case shadow passwords were used. I'm reading up on chmod and understand the binary relationship but still can't seem to put the pieces together for each folder I'm working in. Below is what I need to satisfy: username for this test will be 'customer'
Example folder: /storage/company/files
1. User 'customer' needs to login to /storage/company/ by default.
2. User 'customer' needs browse, write, and read permissions to /storage/company/ and ALL files and subdirectories within this folder
3. User 'customer' must be UNABLE to navigate backwards toward folder root / or in general, navigate out of their primary home location.
Ubuntu Security :: SFTP/SSH Alternative To Root Login?
Oct 20, 2010On my Ubuntu 8.04.4 LTS webserver I desperately want to disable the Root account. But at the moment I am unable because I prefer to use Nautilus/Dolphin on my home laptop for SFTP. The graphical interface also helps when comparing multiple config files at once, something that being limited to NANO or PICO would make extremely painful. The problem is that if I don't use ROOT I can't perform any SSH or SFTP actions with a graphical interface, because I can't use SUDO without the terminal. Does anyone else leave root enabled? I have a non-standard port, disabled password authentication in favor of ssh keys, and I have a tarpit configured
View 2 Replies View RelatedUbuntu Security :: Allow Sftp Access To System Using Accounts?
Nov 26, 2010allow sftp access to my Ubuntu system (happens to be desktop as it's also my main system) using accounts that are not able to login normally. (I have already managed to create such accounts.) These accounts need to be chrooted (also already accomplished with the openssh daemon settings.) Where I run into problems is that I want to give them (read only) access to files outside the chroot (on another partition in fact) and the matter if made more difficult because the directories to be shared are on NTFS-3G partitions (as they are a shared linux / windows storage drive). Is this possible and if so, what do I need to do?
Edit - Forgot to include versions
Ubuntu 10.10
openssh 1.5.5p1-4ubuntu4 (the one that comes with 10.10)
Ubuntu Security :: Securing SSH Connection For SFTP Server
Jan 19, 2011I'm running an SFPT server which my clients logon to using an FTP client. at the moment each client has a user name and password.
Thus far to improve security I've disabled root login but an looking for futrhrt ways to protect it from attack, having researched using google some of the security features suggested prevent the FPT clients from connecting.
Questions:
1- what further things can i do to secure my server that still allows it to be usable for FTP clients?
2- specifically is it possible to use non login pre-share key authentication?
How i set up the server is shown here: [url]
Security :: Restrict Sftp Access And Changing Its Port?
Mar 17, 2010I tried changing the sftpserver port but its not working, besides how can i restrict users from particular ips.Eg: users a can ssh from 192.168.*.*user b can sftp from 200.*.*
View 2 Replies View RelatedSecurity :: Truecrypt Volume On Ftp Server Inferior To Sftp?
Feb 24, 2011If one uses a free ftp account to store private data such as bookmarks, they might prevent any eavesdropping by using ssh for the transfer (ftps), or alternatively sftp.
However, they would still have to trust the ftp hosting provider, because the data is stored unencrypted in the server.
Someone suggested putting all bookmarks in a small truecrypt volume instead and synchronizing this with the ftp server.
Performance issues aside, given that the plaintext only changes a little in each resync (only a bookmark is added usually), is the use of the truecrypt volume introducing a means for an eavesdropper to break the code?
Ubuntu Security :: Disabling SFTP Access While Keeping SSH Enabled?
Mar 29, 2011right now i have vsftpd server installed for FTP access. I originally set it up for both FTP and SFTP, but found that SFTP disregarded any and all permission settings and user jailing that i had set up... so I am switching to just being standard FTP
so here is what's happening:
i've tried to disable SFTP in the sshd_config file, but i am still able to log into the ftp server under sftp through port 22 (which normally is ssh?) i've tried all kinds of things short of just blocking port 22, however I would prefer to be able to remote into my server via Putty (which has access restriction to ONLY allow my admin user account over ssh)..
Ubuntu Security :: Is Posting The Hardware Address A Security Risk
Feb 28, 2011When posting results from ifconfig, it shows the hardware address of etho, etc. Would you consider that to be a security risk ?
View 9 Replies View RelatedUbuntu Servers :: Sftp On Vsftpd - Make / Force All Users To Use Sftp And Not Just Ftp
Apr 13, 2011i have a vsftpd server running well but i want to make/force all users to use sftp and not just ftp is this possible?
View 1 Replies View RelatedFedora Security :: Chrooted SFTP - Couldn't Get Handle: Permission Denied When I Try To Get The File "junk"
Sep 3, 2009I'm trying to set up a Fedora 11 server so that users have only SFTP access. The relevant lines from my "/etc/ssh/sshd_config" are:
[Code]....
I can log in okay, I can type "cd /" and "cd upload", but when I try an "ls" command, I get: Couldn't get handle: Permission deniedand when I try to get the file "junk" (listed above), I get: Couldn't stat remote file: Permission deniedAnyone know what I'm doing wrong?
General :: Connect To An SFTP Server From A Windows Machine To A SFTP Server Using A DSA Key?
Jul 24, 2011As a Windows user, I generated a pair of DSA keys from CoreFTP Lite and sent it to a third party that runs an SFTP server. They told me that a valid DSA key needs to have ssh-dsa at the start and the username@systemname at the end. CoreFTP generated neither the ssh-dsa header nor the username@systemname footer. I tried with WinSCP and it didn't generate them either. Is there a difference between how SFTP works between Windows and Linux? If I put a useraccount@systemname at the end of the text will it work? How would the Linux system validate that my system is called "systemname"? If it can't validate, what is the purpose of adding it?
View 2 Replies View RelatedSecurity :: Proftp Log MAC Address?
Mar 11, 2011how do you configure proftp to log MAC address on LAN, not just IP?
View 4 Replies View RelatedUbuntu Security :: Use Address Not Ip In Iptables?
Jul 24, 2010i need to open this address ftp.nai.com, is there a way to use address not ip in iptables?
View 7 Replies View RelatedSecurity :: Netstat Output Has No Address?
Apr 19, 2011I've never seen the type of output from netstat and don't have a clue what it means.Quote:
tcp 0 0 :::8009 :::* LISTEN 31673/java
tcp 0 0 :::22 :::* LISTEN
[code]...
Fedora Security :: 'send' Address Can Be Spoofed
Oct 16, 2009I'm behind a modem router with firewall and SElinux enabled by default - but checking my mail this morning I noticed several ' delivery failures ' ( allegedly ) from hotmail referring to mail I hadn't sent. When I checked the spam folder for the on-line side of my mail account there were more failure notices. Two points that may be relevant, one is the recent Hotmail exploit, the other is that this only occurred with the address I use for railway matters, and some people cc to everybody, so it's odds on that address is on a good few computers. On one occassion when I checked my spam folder on-line I found spam which claimed to be from myself, so I know the ' send ' address can be spoofed, is this the explanation, or is it a new kind of attack linked to the Hotmail exploit?
View 13 Replies View RelatedFedora Security :: Blocking And Allowing IP Address For FTP?
Jul 15, 2010I want to ask about securing the FTP connection... I have one server that Installed with Redhat Linux Fedora 6.
And now, i want to securing the FTP access, so only the selected IP will be allowed to connect. Do anyone know how to do this?
Another thing is, my server using Webmin 1.3 to manage the server and there not installed / not configured yet with Frox FTP, ProFTPD Server, WU-FTP Server... even there is such thing in my Webmin...
Can i make use one of the three FTP i mention above, and if yes, will it be affecting the current FTP access?
Fedora Security :: Blocking Ip Address Range?
Dec 31, 2010I'm assuming that the following should block the complete 178.123.xxx.xxx address range.
Code:
iptables -I INPUT -s 178.123.0.0/24 -j DROP
Then I believe that I need to save this change.
Code:
service iptables save
iptables: Saving firewall rules to /etc/sysconfig/iptables:[ OK ]
However, I'm not so sure that it is actually working based on the fact that there continues to be access to my wiki from that address range. The following is after I made the firewall change.
Quote:
178.123.177.61 - - [31/Dec/2010:04:24:40 -0500] "GET /mywiki/Opera%20Web%20Browser?action=edit&editor=text HTTP/1.1" 200 6346 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)"
code....
Let me state that I'm new at this iptables thing. I did some reading and decided that I need to make the above change to the firewall but it doesn't seem to make a difference.
Fedora Security :: Any Way To Block IP Address Access?
Jul 27, 2011I recently set up a web server at home, using a non-standard port, due to my ISP blocking 80. I just checked my log files, and I see a TON of entries indicating that a file was not found "proxy-1.php", "proxyheader.php", etc. I do not have these files, not intend to have them as part of my website. I did a whois looking by IP address for several of these, and they all seem to come from an ISP in China. Is there a way to BLOCK any IP address outside the US (that is somewhat simple to do?)
View 5 Replies View RelatedUbuntu Security :: How To Reset / Allocate IP Address
May 19, 2011For a while now, I have been trying to reset my IP address in Ubuntu but I have had no luck. The reasons why I want to reset it and get a new one is because my service provider waits weeks to change it. I am concerned it has fallen into some unsavory hands. Also, can you be hacked if the would-be attacker is unaware of your IP address? Are there other means of locating your computer on the web without an IP address or webserver?
View 6 Replies View RelatedUbuntu Security :: Allow Foreign IP Address In Hosts?
May 30, 2011I found this IP address in my hosts.allowQuote:ALL: 119.42.68.232I cannot find any other evidence of intrusion.
View 4 Replies View RelatedSecurity :: Blocking A Specific IP Address From Server?
May 8, 2010I would like to COMPLETELY block a specific IP address using iptables. I found this one:
Code:
iptables -A INPUT -p tcp -s xxx.xxx.xxx.xxx -j REJECT --reject-with tcp-reset
Will this work? How do I undo the changes later?
Security :: Blocking An Ip Address Range Within Iptables?
Mar 30, 2009I am setting up a iptables firewall on one of our servers, and I would like to block a range of addresses from getting into the system. I am using a script that does a BLACKIN and BLACKOUT methodology for specific addresses. One example is the following:
Code:
$IPTABLES -A BLACKIN -s 202.109.114.147 -j DROP
...
$IPTABLES -A BLACKOUT -d 202.109.114.117 -j DROP
What would be the correct syntax to use if I wanted to block an entire remote subnet from getting into the server?
Security :: Properly Set Up Ssh To Only Allow One IP Address To Login Remotely?
Apr 6, 2010properly set up ssh to only allow one IP address to login remotely
View 2 Replies View RelatedSecurity :: Block Any IP Address Who Failed To Connect More Than 3 Ssh
Mar 25, 2010how to block any IP address who failed to connect more than 3 ssh?
View 5 Replies View RelatedSecurity :: Racoon Address Bind Failure?
Mar 11, 2010I did not use below configuration in my racoon conf,
remote anonymous {
exchange_mode main;
lifetime time 1 hour;
proposal {
encryption_algorithm 3des;
hash_algorithm md5;
[Code]...
I've pruned your post from where you originally posted. In the future, please check the dates on threads which you're thinking about posting in. If you see they are dead (inactive for a few months or more) just let them rest in peace and start your own thread. You can always include links to reference the dead thread if you need to, as I've done here.