Security :: HOW TO Protect From VPN Attacks
Jun 1, 2011I would like to know how to protect networks against VPN attacks? How does big industries do it? What does the government tend to use? Are any tools open source that I may get?
View 1 Replies
ADVERTISEMENT
Ubuntu :: Does 10.04 LTS Protect You From DDoS/Dos Attacks?
Oct 31, 2010I was just wondering if you were to get DDoSed/Dosed would ubuntu block the packets or protect you in some way?
View 1 Replies View RelatedSecurity :: How To Find The Trace Of The Attacks
Dec 30, 2008I fear that an attack or an entry in my PC has occured, how to find the trace of the attacks.
View 3 Replies View RelatedSecurity :: Prevent Ddos Apache Attacks?
Jan 25, 2011recently my Apache server crashes very often; by watching the error log,I've notice several signs of intrusion.So, I think the problem can be a denial of service attack against my machine.My distribution is Debian Lenny.
View 2 Replies View RelatedUbuntu Security :: Best Solution To Protect Server From Security Threats?
Jul 22, 2011I've recently been running a game server from my desktop, as well as a web page to accompany it.I use the ports 80/8123(HTTP)/5900(VNC)/50500(GAME)/5839(ADMINISTRATION).What's the best solution to protect my server from security threats? On a side note, I plan on adding a MySQL server later, but I want to keep it local only.
View 9 Replies View RelatedUbuntu Security :: Block PHP Injection Attacks With Fail2ban
Apr 12, 2010I'm trying to implement this method to block php injection attack using fail2ban: here it is, however I'm not sure it applies to Ubuntu. You see, there's this filter that must be added to the fail2ban jail file:
HTML Code:
[php-url-fopen]
enabled = true
port = http,https
filter = php-url-fopen
[Code]....
Ubuntu Security :: SSH Pubkey Authentication And MITM Attacks
Jan 6, 2011Given that my public key is a pre-shared secret is sshd made in a way that this negates the possibility of a man in the middle attack? In other words, if the known_hosts file were to be deleted, would it be safe to ignore the fingerprint of a server that already has my public key in authorized_keys?
View 5 Replies View RelatedSecurity :: Researchers Working Toward Processor-Specific Attacks?
Nov 10, 2010With the disappearance of an OS monoculture, attackers would do well to find attacks that are neither OS or application specific. One way to do that, of course, is to target attacks at hardware, rather than software. Now research out of Frances Ecole Superiore d'Informatique, Electronique, Automatique (ESIEA) moves a step closer to that goal: identifying a method for isolating the processor used by anonymous systems for the purpose of subverting that hardware.
View 2 Replies View RelatedDebian Configuration :: Root Attacks Due To Security Breach In Exim4?
Jan 21, 2011My debian server has been attacked due to a security breach in exim4 4.69-9 (probably applies to loads of other versions too). The security breach allows the attacker to get root access by creating a buffer overflow in a header which then can be used to inject code.
[URL]
The securtiy breach is fixed with 4.69-9+lenny1 I want to share my actions with you on what I did to (hopefully) get rid of it. However at the time of writing this, the above website is down due to too much load (DDOS Attack?). How you can check if you've been attacked:
The attack creates a buffer overflow in exim4, which results in paniclog entries.
$ cat /var/log/exim4/paniclog
2010-12-17 07:34:11 string too large in xxxyyy()
2010-12-19 10:42:10 string too large in xxxyyy()
this would be an example of two attacks. One on 2010-12-17 and the other two days later 2010-12-19.with this information you can start find potentially infected files. There may be a better way, but I searched for them with this command:
$ find / -mtime 31 2>/dev/null # files,directories,links created 31 days ago (i.e. 2010-12-17)
My infected files:
/usr/bin/uptime
/usr/bin/pwdx
/usr/bin/slabtop
[code]....
Security :: Advanced Firewall And Testing - Block Certain Kinds Of Attacks?
Dec 14, 2010I launched my website. At the moment the site has an firewall (iptables) enabled with very simple rules. All incoming traffic is blocked, except for the ports http and ssh. Everything is working perfect, but I want also to be able to block certain kinds of attacks. There are some really good examples on the internet, but I don't now if they contain all kinds of attacks which are relevant to my situation. To be clear, I only server web content through port 80 and use ssh to remote login.
View 3 Replies View RelatedUbuntu Security :: Pen Test IIS - Methods To Simulate Attacks To Check HIPS Detects?
Jan 27, 2011I need to do a pentest on a Microsoft IIS webserver to test the efficiency of the HIPS i have installed on. methods to simulate attacks so that i can check if the HIPS will detect them?
View 4 Replies View RelatedSecurity :: My Server - Deb5 And Plesk10 - Is Involved - Causing - In Brute Force Attacks
May 6, 2011I am ashamed that I am causing other people troubles, but apparantly my server is involved in attacking the servers of other people.
I have to admit that I am not too familiar with using a CLI, or Linux for that matter, but I have a Debian server running under Plesk 10, which is colocated.
Now I have received messages from the datacenterm which state that my server is involved in brute force attacks.
The messages show a lot of lines like this:
Code:
The only I get from my hoster is to back up all domains and re-install the machine.
I want to resolve this asap, but do not agree with that action for two reasons: the machine just had a fresh re-install 2 months ago, so if it is a flaw in the OS, I will get the same flaw back, and if it is not OS related but due to a domain, I will get the problem back by putting back the backed-up domains.
But now I'm stuck: what steps should I follow to try and find the cause of this evil and make sure that my machine will not bother other machines anymore?
I realize that this probably will be a steep learning-curve, but please bare with me and help me to resolve this.
What have I done so far?
1) There are a number of live sites on this server, either running WordPress or Joomla, I have made sure they are all updated to the latest release.
2) I have manually looked at the source code of the index-files of those sites, haven't seen anything strange, like redirects.
3) I have used online scanners to check all sites for malware, all have been reported back to be clean.
4) I have run the Plesk-version of RKhunter, and that gives me certain warnings which I cannot (or do not) understand:
Code:
Code:
Code:
I received the first report of these attempts about a week ago and immediately changed the Plesk/SSH password to a 200bit password generated with KeePass, hoping that would keep out any evildoers.
Ubuntu Security :: Does Firestarter Protect Out Of Box?
Sep 15, 2010I was wondering if firestarter (software firewall) works out of the box or does it need some kind of configuration in order for it to provide protection? Is firestarter even needed with ubuntu?
View 6 Replies View RelatedSecurity :: Protect Server From Url Injection?
May 20, 2010I am facing problem on my Linux server, those runing php sites, most of the time hacker upload file in my website and take the control, and hack the sites, shoot the thousands of mail etc
View 7 Replies View RelatedFedora Security :: Trying To Password Protect Directory
Apr 1, 2010I create music and usually gets sold world wide. I have some distributors that have been able to access a private server and get the new tunes I make to download via ftp. Well that server is getting full and I was trying to create another directory on my website itself.I created the directory. made the ".htaccess" file. Then I tried to make the htpasswd file but my server just keeps saying no command by that name.
View 8 Replies View RelatedUbuntu Security :: How To Protect From Untrusted Files
Oct 8, 2010I want to start using videos/music files downloaded from untrusted sources (BT,Sharing Forums, etc.). Haven't made this a habit b4 because of the security risks. I want to take steps to reduce the risk & protect my computer from anything malicious. What are some good choices for this? The biggest step I took so far is using Ubuntu since it's very virus resistant, but other threats do exist out there (rootkits, malicious scripts, etc.). When downloading files from untrusted sources, who knows what may be hidden inside.Some options I'm thinking about:
1) Using a VM (with Ubuntu installed inside) & playing the files inside the VM. If anything malicious happen, it would be trapped inside & I could easily revert to a clean snapshot.
2) Using AppArmor to restrict what the files or program used to play the files can/can't do. AA seems very complicated though.
Are the above overkill? Would it be sufficient enough to just open these files on a non-admin user account since no access to root or sudo?
Security :: Centos 5.5 Server - How To Protect From Outside Attack
Dec 21, 2010I have just configured Centos 5.5 LocalMailServer with fetchmail and sendmail , Proxy with Squid and FileServer with samba. Now my concern is security.. How can i protect my server with outside attack. Will I need to block some ports or I need special tools or script so no one from outside can attack my machine. My machine is working on intranet with local ip only.. No web server or static ip exists. Machine is connected with ADSL router to access internet.
View 5 Replies View RelatedSecurity :: Some Precaution Should Take To Protect Notebook From Intruders?
Jun 3, 2010I am planning a trip for a few days and I will be staying at an inn with Wifi access. All the guests are allowed to use it. A friend of mine has been there, he told me there are several other private spots around the house, i.e. lots of other people using Wifi. My friend told me the inn uses WEP, so who knows how many times their access point has been hacked and accessed without permission...
My concern is that I will be there for a few days with my notebook, I will have to work once in a while, connected to the Internet. Is there some precaution I should take to protect my notebook from intruders? Is it advisable to install a firewall in my notebook (iptables?) or am I just overreacting? Is it possible for one of the guests or neighbors to break into my notebook?
Fedora Security :: Programs To Protect My Computer On Internet?
Apr 29, 2009are there any programs that will protect my computer on the Internet. Just started using fed 10 from windows so i am not sure what i need to do. I am using an acer aspire 5630 laptop.
View 1 Replies View RelatedFedora Security :: Password Protect File Folders?
Oct 12, 2009I was wondering how to password protect certain file folders?
View 6 Replies View RelatedFedora Security :: Configure See To Protect The Contents Of A Folder?
Jul 28, 2011im currently trying to configure SE Linux policy for a folder so that only my user with root privileges can access it and not just root but i don't know the commend to run on the folder to change its permissions
View 4 Replies View RelatedUbuntu Security :: Password Protect Evolution (or Other Executable)?
Jan 4, 2010I want to password protect evolution. How would I do that? I want to allow anyone to access all my other software, but my business email needs to be privateMy current solution seems to be to setup another account. But all the user switching and other what not seems a little much for one program.
View 2 Replies View RelatedUbuntu Security :: How To Protect The Whole GRUB2 Boot Menu
Mar 7, 2011I've already read and tested the various guides for pasword portecting the menu items. What I need is a little bit different. I need to protect the whole boot menu so normal users cannot select any entry at all and only let the default entry boot.
View 4 Replies View RelatedSecurity :: How To Password Protect Folder So Can Open It On Windose
Oct 5, 2010I would usually just root the permissions to 000 but I need to password protect a folder on a usb drive and then open it on windows.
View 1 Replies View RelatedSecurity :: Protect Samba Server For Limiting Access To Certain Domains?
Nov 24, 2010I was looking for a way to protect my samba server for limiting access to certain domains.Can I use the parameterhosts allow = example.comor something like that or is there another way to do the job for domains
View 4 Replies View RelatedUbuntu Security :: AppArmor Protect Devices And Limit Their Access To The File System?
Nov 9, 2010This might sound really stupid, so you'll all have to excuse my lacking knowledge. I read that USB attacks get more and more common, like putting in an USB stick with a malicious autorun script on it, and it's game over. Can AppArmor protect devices and limit their access to the file system?
View 5 Replies View RelatedFedora Security :: Anti-Virus Used To Protect Fedora From Spyware And Virus?
Aug 22, 2009if there is any free software there used to protect Fedora from spyware and virus?
View 8 Replies View RelatedGeneral :: Vulnerable To PDF Attacks?
May 12, 2011I've heard of attacks using PDF files on Windows with Adobe Acrobat and Foxit Reader. Is Linux vulnerable to these attacks when using the default PDF viewers in KDE or Gnome or even xpdf? What is a good PDF scanner to determine if a PDF file is evil?
View 2 Replies View RelatedDebian :: Protection Against Incoming Attacks?
Mar 5, 2011I'm using Debian 6 to host a website (with apache2) and a game server. But because of attacks to my server, my hosting company have now set it offline.
These are the two logs that they provided (I replaced all IPs):
Direction IN
Internal ***.***.***.***
[code]....
Fedora Networking :: VPS - Blocking HTTPD DOS Attacks?
Apr 6, 2010I have a VPS which is running HTTPD, and its getting blown to bits by a DOS Attack. Turns out mod_evasive is totally useless (due to not running a total - rather counting per child process) and the only way to stop the box from running at 100% on all cores is to term HTTPD. So, what rules can I implement on the iptables firewall to block multiple requests from an IP? I saw this: [URL] Where someone has posted some rules but these dont work ("unknown error 4294967295" on the 3rd line). This is what i'm after though - block multiple requests from a single IP for a certain period of time.
View 3 Replies View Related