Security :: How To Prevent The Execution Of Malicious Commands

Oct 16, 2010

how to prevent the execution of the following commands or how to set a policy or rule that prevents the execution of the following malicious commands

dd if=/dev/zero of=/dev/sda
rm -rf /

View 3 Replies


ADVERTISEMENT

Fedora Security :: Ssh Malicious Login Attempts

Nov 15, 2009

I have a server box behind my ISP router at home, and I need to allow ssh access to my server. My ISP router doesn't let me allow selectively ssh from some IP. It allows ssh to everyone.

I have fedora10 and openssh-server-5.1p1-3. How can I configure openssh to allow just from 1 IP?

Does it use xinetd at all and the hosts.allow and .deny mechanism?

View 14 Replies View Related

Security :: Could Not Grab Mouse - Malicious Client Eavesdropping?

Oct 16, 2010

After visiting (and being booted from) pclinuxos.com's forum, I am getting the following error message on my system:Could not grab your mouse. A malicious client may be eavesdropping on your session or you may have just clicked a menu or some application just decided to get focus. Try again. I get this if I try to launch Unetbootin, Synaptic, Firewall... Did they put something into my puter? Or is some stuff simply broken after the latest update?

View 3 Replies View Related

Security :: Firefox Plugin Decodes Malicious Websites?

Apr 15, 2010

A computer security researcher has released a plugin for Firefox that provides a wealth of data on Web sites that may have been compromised with malicious code.

The plugin, called Fireshark, was released on Wednesday at the Black Hat conference. The open-source free tool is designed to address the shortcomings in other programs used to analyze malicious Web sites, said Stephan Chenette, a principal security researcher at Websense, which lets Chenette develop Fireshark in the course of his job.

View 1 Replies View Related

General :: Prevent RC Commands From Running?

Mar 17, 2011

I am running a shell script from a rc file in Linux. The shell script is going into a loop which runs for 8 hours. Now I want to prevent the shell script from running when Linux boots or I need to find a way to kill the shell script when it is running. I tried using killall, kill $! and Ctrl+C etc. Nothing seems to work. Can you suggest a way out. I am new to Linux.

View 2 Replies View Related

Security :: SSH For Remote Execution?

Feb 8, 2011

We are on our first Linux platform and I am trying to coordinate a distributed application backup across multiple machines. I am trying to write a script in which I would have used RSH to execute scripts on the other servers. We are no longer allowed to use rsh, and someone suggested ssh. I am using that instead of telnet, but I am not sure of the syntax"rsh server [-n] path/executable" is what I would have used, just not sure of the syntax for ssh

View 8 Replies View Related

General :: Prevent The Logging Of Commands Run Into Syslog As Post-shell Expansion?

Dec 15, 2010

Is there an easy way to prevent the logging of commands run into syslog as post-shell expansion?

I.e log a command of "ls *.log" as just that, rather than "ls a.log b.log c.log d.log" It makes rather a mess of the log files.

View 1 Replies View Related

Security :: How To Prevent Duplicate UIDs

Oct 8, 2010

I have been learning Linux for the past few months and just recently started with Bash programming. Using scripts it is possible to find users with duplicate UIDs but is there any way or script why which duplicate UIDs can be prevented altogether.

View 7 Replies View Related

Fedora Security :: Prevent Firefox With SELinux?

May 11, 2009

I am new to Fedora 10, and to SELinux too.

I would like to know how can I prevent from users with role user_r to connect to Internet with firefox.

View 2 Replies View Related

Ubuntu Security :: Why Few Firewalls To Prevent System

Jul 14, 2011

Windows have many firewalls to prevent the system. But Ubuntu have few. Why is it so? Is it not needed to prevent Ubuntu or if it is prevented?

View 5 Replies View Related

Security :: Prevent Ddos Apache Attacks?

Jan 25, 2011

recently my Apache server crashes very often; by watching the error log,I've notice several signs of intrusion.So, I think the problem can be a denial of service attack against my machine.My distribution is Debian Lenny.

View 2 Replies View Related

Security :: Prevent Same User Ssh To The Multiple Server

May 23, 2010

how to prevent same user from ssh to multiple linux server at a same time , anyone of you have the script or how to do that ?

View 16 Replies View Related

Security :: Prevent Spying Keyboard Input?

Oct 16, 2009

I just made a script to read out /dev/input/event3 into a file (My keyboard is identified here [ Machine is a laptop which runs on slax-atma distro ]). Then used a hexdump to convert the binary into hex. After that used a gwak script to print out the keys corresponding to each keyboard input. So now when I put this in my rc.local , It is taking down all the keys I press. Including login passwords (In short, each and every keys I press).Isn't this a big security risk, because intruder who has a physical access to my machine or has root password can put this file in rc.local and run a script to mail him all the details like my passwords, account and PIN numbers.

View 14 Replies View Related

Security :: Prevent Users From Changing Their Password?

Jul 17, 2010

I use the following method for preventing the users from changing their passwords , is there any other method other than this ?ls -l /usr/bin/passwd-rwsr-xr-x 1 root root 37140 2010-01-26 12:09 /usr/bin/passwdso we need to remove the suid for that command as follows :- chmod u-s /usr/bin/passwdnow normal users won't be able to change their own passwords - and only the root user will be able to do it for them.

View 9 Replies View Related

Ubuntu :: How To Report Malicious Software

Jan 16, 2010

Having recently gone on an interview with a company that attempted to con me into writing malware for Linux desktops (which made the assumption that javascript and flash were present), I am concerned about this.I have a fresh install of Ubuntu 9.10 desktop x86-64. I wanted to download a free documentary via bit torrent but don't trust bit torrent sites and needed to be able to search for seeds from the client. I installed Vuze (formerly Azureus) from repo. I opened the client and searched for my file and BLAMO!, twenty or so notices came up about me needing an anti-virus, trojans being on computer, etc. Clearly this phishing attempt was directed at a Windows machine, however the behavior of the application is unacceptable. I haven't checked to see if any files were downloaded or nasty tracking cookies created (though I did get one prompt for my password), but I was curious: Is there a place to report potentially malicious or unsound applications in an Ubuntu recognized repo?

View 8 Replies View Related

Fedora Security :: Prevent People From Unauthorized Access?

Mar 19, 2009

I'm doing a research to protect my pc from physical access. What I'm facing here is that my company created a program for fedora 8 and plans to sell the unit away. We created a function where you can configure the program using any web browser from a network so we do not want anybody to have access to the fedora except for out personnel.

Based on my research, I've found [URL] this guide to protect people from accessing grub and single user. I am currently researching on preventing others to clone the harddisk. I would like to know if there are any other methods to prevent people from unauthorized access to fedora.

View 14 Replies View Related

Ubuntu Security :: MoBlock Does Not Prevent Browsing To Blocked IPs?

Mar 11, 2010

I have installed MoBlock as instructed here: [URL]

After installation I created my own list file in /etc/blockcontrol/custom-blocklist.p2p and have the following uncommented at the bottom of /etc/blockcontrol/blocklists.list:

Code:
locallist /etc/blockcontrol/custom-blocklist.p2p

The list contains the following 2 entries:

Code:
Yahoo:98.137.149.56
Google:74.125.47.147
When I do:

[Code].....

Recently I just noticed that the locallist rules seem to have no effect. I will always get "destination port unreachable" even if the locallist entry in blocklists.list is commented out.

However, whenever I try to browse to that IP, even when blockcontrol is on, even by typing the IP into Konqueror (not the domain name), it lets me go there every time. How can I know that my other applications will not to do the same thing? How can I lock this down and test it empirically to be sure?

View 1 Replies View Related

Ubuntu Security :: Prevent Kernel Initramfs Extraction?

Jul 16, 2010

I'm writing here because it's mainly a security issue even though it's rather kernel related.

I'm compiling my own vanilla kernel with an initramfs included in the bzImage. That image contains encryption keys for the rest of the system. Even though it's not for everybody the initramfs image can be extracted from the kernel, decompressed and the keys extracted.
I'm looking on a way to prevent this.

View 3 Replies View Related

Ubuntu Security :: Prevent / Disable Copy Of A File?

Feb 5, 2011

How do I prevent/disable a file from being copied?

I would want someone to be able to see the content of a directory, then open the relevant document, but just for viewing purpose. They cannot copy the file, either through copy + paste or File/Save As.

Is that possible under Ubuntu?

View 4 Replies View Related

Ubuntu Security :: Prevent Users From Changing Settings

Jun 15, 2011

I am administrating a system with about 40 or 50 users, and we recently jumped ship from windows to ubuntu. Most of my users are getting along fine, but it seems every few days, i have to help someone who accidentally changed something, and now their account (or more rarely, the machine) is unusable, and has to be reset.

I know configuring /etc/sudoers is a huge step toward fixing my problem, but that still will not completely solve it. What I would like to do is prevent users from making ANY changes to the system (aside from their work files and the like), including themes, icons, desktop, background, etc.

View 2 Replies View Related

Security :: How Does Mktemp Prevent Denial Of Service Attack

Apr 22, 2010

This is an excerpt from the Linux man page for mktemp command: "mktemp is provided to allow shell scripts to safely use temporary files. Traditionally, many shell scripts take the name of the program with the PID as a suffix and use that as a temporary filename. This kind of naming scheme is predictable and the race condition. It creates is easy for an attacker to win. A safer, though still inferior approach is to make a temporary directory using the same naming scheme. While this does allow one to guarantee that a temporary file will not be subverted, it still allows a simple denial of service attack. For these reasons it is suggested that mktemp be used instead."

- How can a denial-of-service attack be carried out if a directory name is known?
- Why is it important to use mktemp to generate a sufficiently random file/directory name for temporary files?

View 1 Replies View Related

Security :: Prevent Normal Users See All The Processes Running On The Box?

Dec 30, 2010

I've a Linux box with few users (with shell). I would like to prevent normal users see all the processes running on the box. How can I implement this?

View 1 Replies View Related

Fedora Security :: How To Prevent The Appearance Changing Window Running

May 21, 2009

I want to prevent users changing the wallpaper, as i couldn't found any direct method I thought of preventing the /usr/bin/gnome-appearance-properties being running,

I know that the user also can set the wallpaper without running that . But didn't found any other way .

I tried to use SELinux to it and I'm stuck at writing a own policy.

According to SELinux, it prevents everything ., but as i have mapped the user to a SElinux user ,even though he can use administrative tasks , he can run the appearance window. that means he has got the permission from a different policy , Currently I'm stuck at this place.

Suitable way to prevent the wallpaper being changed by the normal users.

View 1 Replies View Related

Ubuntu Security :: Firewall: Completely Prevent Any Traffic From Network?

Jan 4, 2010

I have Ubuntu 8.04 as virtual host. On this host I have installed VirtualBox virtualization software. I have installed Windows XP as virtual machine and installed HTTP server.I would like temporally disable all network connections to host and virtual machine.So on Ubuntu host I have set firewall settings:

Code:
sudo iptables -F (to flush - delete all firewall settings)
sudo iptables -P INPUT DROP (to disable all input traffic)

[code]....

View 9 Replies View Related

Ubuntu Security :: How To Prevent Grub Command-line Boots

May 18, 2011

The ability to manually boot using the Grub command-line constitutes a big security risk in Linux, IMO.Any OS can be booted in this manner from a PXE-LAN, USB, or CD/DVD drive, circumventing BIOS-imposed boot restrictions. (Once a foreign OS is booted, of course, it can be used to access any part of an unencrypted hard drive.) Placing passwords or locking menu items (in the Grub configuration files) does not prevent a user from booting manually using commands entered at the grub command-line.

As it stands now, when presented with the Grub menu (or after bringing up a hidden Grub menu with the "ESC" key), a user only needs to hit "c" to enter the Grub command-line mode to facilitate any type of bootup whatsoever. (They can then enter manually the Grub commands to boot an OS on any device.) This is extremely insecure and allows any passerby to boot the computer with a few keystrokes and a bootable USB drive. How do I configure Grub so that it will require a password in order to enter the command-line mode (and thereby restrict boot options to the menu, which can then be password protected/locked) ?

View 8 Replies View Related

Security :: Filter Pam_rhosts_auth Messages To Prevent The Logs Filling Up?

Mar 8, 2010

I have a batch job which logs in to the server every 10 minutes via windows rsh. The job checks to see is there are any files that need to be send via a EDI serverto a supplier.The following logwatch report is swamped with the login messages and would like to either suppress the logging in PAM? or suppress the entry in the logwatch report?But I still want logging id the username is not username1.Connections (secure-log) Begin rshd[1754]: pam_rhosts_auth(rsh:auth): allowed to username1@10.0.0.1 as myedi

View 2 Replies View Related

Security :: Prevent Users From Changing Or Unset Their HISTFILE Variable?

Sep 30, 2010

'readonly HISTFILE'

but the user could tamper with the histfile itself. Like:
rm -f $HISTFILE;
rm -f $HISTFILE; mkdir $HISTFILE;
rm -f $HISTFILE; ln -s /dev/null $HISTFILE;

I'm experimenting with PROMPT_COMMAND to execute a command each time the user executes a command and so log it somewhere else.This post was pruned from the 2009 Is there a way to prevent users from changing or unset their HISTFILE variable? thread. Please do not resurrect old threads but instead create your own (and maybe provide a link to the old one).

View 2 Replies View Related

Fedora Security :: New Glibc Update Make Selinux Prevent Qemu-kvm To Run

Aug 11, 2009

After install glibc-2.10.1-4 (x86_64) package, i couldn't run the qemu-kvm anymore.

SELinux is preventing qemu-kvm (svirt_t) "setrlimit" svirt_t.
SELinux prevented pt_chown from using the terminal 0.

View 6 Replies View Related

Ubuntu Security :: Protecting My Privacy - Measures To Prevent My ISP From Keeping Data

Jun 12, 2010

Intrepid Ibex (U8.10) is what I am using presently and I would like to know if there are measures that I can take to prevent my ISP from keeping data that flows between my PC and it.

I am living in Australia, I am wanting to keep the bastards (read: Australian Government) ignorant about what I use my PC for.

Its them storing any of my personal information that I am worried about, but if I can keep my history from them completely, even better...

View 9 Replies View Related

Ubuntu Security :: Prevent Desktop Users From Viewing The Wireless Password?

Dec 3, 2010

The title says it; I want to prevent users from viewing the wireless network password.

View 9 Replies View Related







Copyrights 2005-15 www.BigResource.com, All rights reserved