Security :: Deprecated Pam_stack Module Called From Service "su-l"
Nov 17, 2010
I get the following message in /var/log/secure: Nov 15 09:27:21 su: Deprecated pam_stack module called from service "su-l"
I have done some research and it seems I need to get rid of pam_stack.so in /etc/pam.d/su but I can't find out what to use in its place.
Below is a copy of my /etc/pam.d/su file:
Code:
From what I understand, I need to replace the line "auth required pam_stack.so service=system-auth" with "auth include system-auth"
My problem is how do I then go about limiting access to su based on group membership without pam_stack.so?
View 2 Replies
ADVERTISEMENT
Jun 8, 2010
Code:
nits@nits-desktop:/mnt/Storage/Tors/Incomp$ btdownloadcurses --check_hashes 1 filename.torrent
/usr/lib/python2.6/dist-packages/BitTorrent/Storage.py:4: DeprecationWarning: the sha module is deprecated; use the hashlib module instead from sha import sha
These errors occurred during execution:
[09:37:48] IOError - [Errno 5] Input/output error
Got this error when I tried hash checking, was downloading the file using rtorrent when there was a sudden powercut and my system shutdown abruptly, tried restarting the torrent and kept encountering problems while restarting.
View 2 Replies
View Related
Mar 5, 2011
Having not used Clive in over a year I went over to [URL]... and downloaded, built, and installed both Clive and URLgrabber. Here is error message when I tried to run Clive,
[code]...
View 10 Replies
View Related
Jan 8, 2010
I don't know what I'm trying to achieve falls into 'routing' or 'Bridging'???I have two network ports (with static IP ) and I would like to forward RX packets of one to the other.
I have done this in Windows by enabling a service called 'routing'.Is there something similar in Fedora 11? I am pretty sure there are a few thread explaining these but I am just not educated enough to find one that makes sense to me, so Please excuse me for starting a redundant thread and point me to it?
View 1 Replies
View Related
Nov 15, 2010
I'm trying to run a java app from a stock chart service called ThinkorSwim. I've tried it in NetrunnerOS2, Ubuntu 10.4 and Ubuntu 10.10. All of them result in the same java error.:I'm running Sun Java 6 update 22 on all these OSs.The install seemed to go OK, and I get the splash screen when it starts up and I get a "loading desktop" type of message then it throws that error. I've googled for 2 days and nothing I find is dealing with this error.
View 8 Replies
View Related
Jul 3, 2010
I recently installed 10.04 with a realtime kernel and after running some upgrades I can now no longer log in. It was previously set to automatically log in, now I get to the log in screen, click on Automatic Login and it says: Unable to open session. If I click my username and then enter my password it says the same thing. I can ctl-alt-F1 to the CLI and if I then enter username and password I get:
Code:
Last Login: Sat Jul 3 12:24:51 BST 2010 on tty1
Linux james-laptop 2.6.32-23-generic #37-Ubuntu SMP Fri Jun 11 07:54:58 UTC 2010 i686 GNU/Linux
Ubuntu 10.04 LTS
Welcome to Ubuntu!
* Documentation: https://help.ubuntu.com
0 packages can be updated
0 updates are security updates
[Code]...
View 3 Replies
View Related
Nov 14, 2010
I always use professional services to secure my servers. Everything was fine for years but a week ago my server got hacked.I don't know how the hacker got my username/password - it was not something like admin, password.9 months ago my PC was infected with some virus which connected to the FTP server by using password which was saved in CuteFTP and infected all index files with some javascript. Then I changed the user/FTP password and didn't save it anymore in Cute FTP. Of course, I checked all the folders and re-uploaded all infected files. Is it possible that this virus uploaded some hidden file which was able to get the new password for this account?
The server was hacked from so called Tor IP address. I am tiref of worrying about server security and now have an idea to get a static IP address from my ISP and to allow logins only from this IP address. What do you think about it? This idea looks good for me but are there any risks to lose access to the server. Can ISP provider change the static IP address for some reason?
View 9 Replies
View Related
Apr 14, 2010
ssh-Ebymts4547 it is also listening to a port on my machine and it is owned by my regular, non-root, user account. Is it malware of some sort?
View 3 Replies
View Related
Jul 13, 2011
I feel there's a bit of a misunderstanding going on between C++ and me...My problem is that I have a deque of pointers to a class, and create objects then add them to the deque in a for loop. However, the destructor is called on the object as soon as the loop quits.
Code:
This prints:
Code:
Now, if I change the deque from deque<Test*> to deque<Test> then it works fine - I get:
Code:
However, I can't do this with my actual code, because I am creating a deque of pointers to an abstract class, so it won't let me instantiate the class. (This is all so that I can take advantage of polymorphism, and call functions on a set of similar objects without worrying what type of object I'm dealing with).
So, I suppose my question is: what is the correct way to create that deque of pointers to the abstract class? I don't seem to be barking up the right tree currently.
View 4 Replies
View Related
Dec 10, 2010
I have an acer aspire one 150A running Ubuntu 10.04 netbook remix. Some weeks ago the netbook would not boot up and after fiddling for a while It came back to life but I was unable to login with the message "unable to open session". If I tried to log in from the terminal it told me "error in service module"Their is already a post about this issue which I have added to, http://ubuntuforums.org/showthread.php?t=1523153 . However, no one has posted a solution so I thought I would create a new thread to see if anyone would reply. Apologies if this is not the correct procedure as I have only just joined this forum in an attempt to sort this issue out
View 5 Replies
View Related
Aug 18, 2009
I'm trying to add simple policy to system - Fedora 11 x86_64 updated.Where is my error? I can't add any module.
View 14 Replies
View Related
Apr 7, 2011
a cup of days I'm trying to find any working free VPN service. Without success. [to run Windows in VM and use service which works in Windows is no solution for me - it is pathetic and it takes too much system resources] Everywhere are many questions. but no answers. All tutorials I read are old and nothing works.
View 9 Replies
View Related
Sep 24, 2010
I heard we can set security in /etc/hosts.allow and /etc/hosts.deny on user base also like something user@domain or something if so how can I restrict a user to access particular service by his/her user name in a particular host via /etc/hosts.allow or /etc/hosts.deny
View 3 Replies
View Related
Apr 22, 2010
This is an excerpt from the Linux man page for mktemp command: "mktemp is provided to allow shell scripts to safely use temporary files. Traditionally, many shell scripts take the name of the program with the PID as a suffix and use that as a temporary filename. This kind of naming scheme is predictable and the race condition. It creates is easy for an attacker to win. A safer, though still inferior approach is to make a temporary directory using the same naming scheme. While this does allow one to guarantee that a temporary file will not be subverted, it still allows a simple denial of service attack. For these reasons it is suggested that mktemp be used instead."
- How can a denial-of-service attack be carried out if a directory name is known?
- Why is it important to use mktemp to generate a sufficiently random file/directory name for temporary files?
View 1 Replies
View Related
Sep 16, 2010
I have two servers behind different networks. First network is protected with firewall provided by the router and there is no firewall in the server:
[Code]....
As you see, there are no difference in nmap output If I check with tcpdump, which packets are sent from 192.168.217.73 and 192.168.13.19(tcpdump -i eth0 src host 192.168.217.73 and tcpdump -i eth0 src host 192.168.13.19 respectively) towards me during nmap scan, there are none. It's understandable, as there should be no reply when port is filtered. Is there somehow possible to detect, whether firewall is active in the server or in the router?
View 5 Replies
View Related
Feb 20, 2010
I've configured squid proxy server in a P4 desktop. I've 50 users in my network. I installed RHEL 4.4 (2.6.9-42 kernel) and the iptables version is 1.2.11-3.1. I've 2 NICs installed in the system. eth0 (192.168.100.99) for local lan and eth1 (192.168.1.2) for outgoing to internet. I've connected DSL broadband modem to eth1 (default ip of DSL modem is 192.168.1.1). All the clients except few has been forced to go through squid by user authentication to access internet. Those clients which were kept away from proxy are 192.168.100.253, 192.168.100.97, 192.168.100.95 and 192.168.100.165. Everything works fine but from last week I observed that one of some notorious user use the direct IPs (192.168.100.97 or 192.168.100.95) in the absense of the owner of these IPs to gain access to internet as we applied download/upload restrictions in squid.
I want to filter the packets of source hosts using MAC address in PREROUTING chain. I read somewhere that IPT_MAC module must be installed to make this happen. So that those notorious users can not change their ips to gain direct access to internet.
Below are the contents of my iptables file (I've ommited few entries for safty purpose).
# Generated by iptables-save v1.2.11 on Wed Nov 25 16:35:57 2009
*filter
:INPUT ACCEPT [14274:3846787]
:FORWARD ACCEPT [4460:1241297]
:OUTPUT ACCEPT [16825:4872475]
code....
View 9 Replies
View Related
Aug 11, 2010
I am using the "extend" function of snmpd to run a script in order to extend a monitoring platform. This script being ran by snmpd needs to write to a file in /tmp for later parsing, but SELinux is stopping it from writing to the file under /tmp. The following two lines from my audit.log file show what is happening:
Code:
type=AVC msg=audit(1281516573.123:18422): avc: denied { write } for pid=6933 comm="test2.sh" name="tmp" dev=dm-0 ino=1474561 scontext=root:system_r:snmpd_t:s0 tcontext=system_u:object_r:tmp_t:s0 tclass=dir
[Code]..
View 8 Replies
View Related
Mar 17, 2010
I got alarm on Firestarter showing attack from samba service on port 139 . Is that ok for my host computer ? or a serious attack .
View 9 Replies
View Related
Nov 4, 2010
I'd like to know if this is common security flaw or normal to open up FTP to the public which is of course protected with password for 3rd party access to maintain our public facing / production website ?
If yes, what sort of FTP application to install in Ubuntu ?
View 1 Replies
View Related
Apr 24, 2011
Module xselinux appeared in new versions of XServer theoretically allows to use SELinux in order to improve security. First of all I'm interested in examples of the use of this module (configuration files and what functions it perform). Also interesting to know whether some user's actions with XServer can be restricted via xselinux module (e.g. screenshot prohibition).
View 11 Replies
View Related
May 14, 2011
I'm trying to limit the number of the ICMP packets reaching my server, so I'm using the limit module of iptables, unfortunately it seems the limit I set is totally ignored as I can easily send tens of ICMP packets and get a reply in less than 0.3 second Quote:
m3xican@m3xtop:~$ sudo ping -i0 -c20 x.x.x.x 20 packets transmitted, 20 received, 0% packet loss, time 230ms
rtt min/avg/max/mdev = 184.969/185.895/189.732/1.301 ms, pipe 16, ipg/ewma 12.138/186.232 ms This is the rule I'm using to accept ICMP packets (default setting is DROP)
Code:
iptables -A INPUT -p icmp -m limit --limit 1/s -j ACCEPT
And these are the kernel modules related to iptables
Code:
Module Size Used by
xt_limit 1382 0
[Code]...
View 5 Replies
View Related
Jan 11, 2011
I'm using RHEL 5 with the Enhanced Security. Using the suggest NISPOM Red Hat documented settings (located on the system; copy - paste) I have managed to audit failed file open accesses however, this setting only retained if I enter it at the command line (/sbin/auditctl -a ). If I reboot the system or restart the service all my -a (not -w) located in the /etc/audit/audit.rules are not retained.
View 6 Replies
View Related
Feb 7, 2010
So I installed pam-script
made this script:
Code:
#!/bin/bash
RFID_AUTH_SUCCESS=0
#Read the card
tag=`'/etc/rfid/RFID-login'`
code....
Code:
sudo test
It doesn't ask for my password and instantly authenticates as root!
if I run the above posted script manually, (cd into the dir and execute it), it works fine and produces the result 1 if positive and 0 if negative.
View 1 Replies
View Related
Mar 17, 2010
Whenever i copy ELF or BIN files from the filesystem of linux i must get permission denied. For this case i have gone through the linux security module but didn't get much help regarding the permission denied only in case of copy of ELF and BIN files from filesystem. how can i proceed in this. WORK DONE:
1. Downloaded linux-2.6.25.14
WORK NEEDS TO BE DONE:
1. compile the kernel with some modifications in linux security module to get the desired results but this time i am unaware of that.
View 5 Replies
View Related
May 5, 2010
My goal is this: Allow a user to connect to a server via SSH with any login name or password without checking to see if that account exists on that server. Their account would be captured by a universal account say, 'generic_user', and then they would be directed to one of my python scripts with the username and password they supplied for initial login. At this point my script would capture their SSHD process ID and allow/deny their existence based upon a MySQL/Subscription check.
The part I'm having trouble with is with PAM and allowing the user to login with any credentials and be successfully authenticated under the generic account. Beyond that, everything is great.
View 2 Replies
View Related
Mar 8, 2011
internal system mail revealed an error. Part of the mail is the below:
Feb 25 00:00:01 mbdba crond[1025]: PAM (system-auth) illegal module type: ccount
Feb 25 00:00:01 mbdba crond[1027]: PAM (system-auth) illegal module type: ccount
Feb 25 00:01:01 mbdba crond[1122]: PAM (system-auth) illegal module type: ccount
Feb 25 00:02:01 mbdba crond[1152]: PAM (system-auth) illegal module type: ccount
Feb 25 00:04:01 mbdba crond[1275]: PAM (system-auth) illegal module type: ccount
Feb 25 00:06:01 mbdba crond[1397]: PAM (system-auth) illegal module type: ccount
i have check /etc/pam.d/system-auth for the "ccount" entry, but it does not exist. "ccount" existed before in /etc/pam.d/system-auth but i managed to change it back to "account." i have grepd for the "ccount" string in all files under /etc/pam.d and i was not able to find it.
it seems that the system-auth is not able to take the now "account" string insted of "ccount" altough i have restarted crond
here is my system-auth file on the affected server:
auth required /lib/security/$ISA/pam_env.so
auth required /lib/security/$ISA/pam_tally.so onerr=fail no_magic_root
auth sufficient /lib/security/$ISA/pam_unix.so likeauth nullok
auth required /lib/security/$ISA/pam_deny.so
code....
View 1 Replies
View Related
Oct 6, 2009
Trying to install the Suhosin module with the php 5.2.9 c5-testing repo...it won't run with the php 5.2.9 testing build (there isn't an updated suhosin package against the 5.2.9 build)
PHP Warning: PHP Startup: suhosin: Unable to initialize module
Module compiled with module API=20050922, debug=0, thread-safety=0
PHP compiled with module API=20060613, debug=0, thread-safety=0
What's the best way to handle this from an admin best practices standpoint? I want to do everything possible to keep the suhosin module tracked by yum for future updating etc. Is it best to try to find a suhosin rpm that is built for 5.2.9 and install it with yum localinstall? If not, if I build the module myself, what's the best path to keeping yum/rpm in the loop on this install for future updating via yum?
View 3 Replies
View Related
Nov 4, 2010
I'd like to know if this is common security flaw or normal to open up FTP to the public which is of course protected with password for 3rd party access to maintain our public facing / production website ? If yes, what sort of FTP application to install in your Linux webserver?
View 7 Replies
View Related
Feb 25, 2009
How can I track IPsec module's operations? Can I find such a log file or entries in Linux?
View 1 Replies
View Related
Nov 25, 2010
I use iptables firewall (v1.4.1) installed on FC8. I'm trying to limit the inflow traffic for the port 1723 to certain MAC addresses. To experiment with the mac option, I've written the following iptables rule:
Quote:
iptables -A INPUT -m -mac --mac-source 10:08:08:08:08:10 -j ACCEPT
It didn't work. It gave me this error message:
Quote:
iptables v1.4.1: Couldn't load match `-mac':/usr/local/libexec/xtables/libipt_-mac.so: cannot open shared object file: No such file or directory
Try `iptables -h' or 'iptables --help' for more information. Does that mean the mac module wasn't installed/enabled?
View 4 Replies
View Related
