Security :: Is Live CD Safest Thing For Doing B*nking?
Jun 24, 2010
Want to know if using a live CD, say Knoppix, gives a good level of protection when moving money about? I am very unsophisticated on the subject of security.This question has been addressed before on this site Code:if you have enough RAM you can ignore your local disks all together, and avoid the security risk of a swap file
How you do that then?Perhaps it would be better to use an operating system inside the software computer, virtual box, that only ever gets used for this b*nking purpose?
I'm running MySQL 5.0 on a production server and I require to upgrade mysql to version 5.5 to get a new collation support. What is the best procedure to follow? I cannot find MySQL 5.5 on the standard repositories. A yum install would be the safest, correct?
I would like to change my username (or login name) and am wondering what the safest route to do so is. The install is on a headless server, which I just use ssh.There's a) using usermod -l newname oldname. The line in the usermod man that says that changing the login name doesn't change anything else, which makes me think that something else is bound to break. I've also considered b) creating a new user, moving the contents of my home directory to the new user, and deleting the old user. This is kind of cumbersome, but would this be the recommended way to ensure everything goes well (considering I still have to redo some config files).
The latest kernel(2.6.32.9-67) is causing problems for my laptop.What are the best practices for safely removing a kernel?( Yum wants to remove gcc and friends also...)How can one prevent Software Update from relisting the bad boy?
So what is the easiest way to install Ubuntu with win7 also on the computer?I'm asking because last time I ran Ubuntu it was Wubi'd into XP and then it broke, breaking XP's bootkernel and then keeping me from booting into anything...
I have a script which when invoked will generally su into being a number of different users (for those that have read other threads from me, you will know.I am building my own user based package management system).Whilst 75 - 80% of the time there will be no need to be anyone other than the original user, there are times when the root password is required. Currently this is presented to the administrator at exactly the point in the script that it is required.At times this may be more than once and it may also happen for multiple users in a row.
What would be the best / safest method (in your opinion) of capturing the password at the start of the script and then delivering it when required?I have looked at expect ( I am not at all familiar ), but on the examples dealing with passwords, that I could find, they all seem to store the password in a simple bash like variable (which does not excite me at all from a security point).I can also potentially go down the sudo road, but the issue here is that I would either have to find a list of commands that an entire group can have access to without passwords (doesn't sound safe) or I am back to square one of then requiring a password for each individual user to be entered, which if at the start would still need to be captured and saved until necessary.So as I have said, I am open to any and all (constructive) advice
I need to run fsck on a large partition on my server on a periodic basis. In many cases, however, files are left open on the partition, e.g. XMing sessions are often left open for weeks at a time because connection is hit-or-miss, or jobs are left running.
My first thoughts are to shut down the daemons I know are using the partition, then traverse lsof for processes that have files open on the partition and do a SIGHUP, SIGTERM, SIGKILL sequence on them. One problem I see with this is that in some cases a script might be running a loop that performs a process on the partition. For example, suppose loop.sh is running from ~ and it loops process.sh over the files in /data (i.e. the partition in question.) The first signal would end process.sh, but loop.sh wouldn't be touched, which would allow it to proceed to the next iteration, etc. until the final instance of process.sh would get the SIGKILL and yet another iteration would start. Killing process groups might help here, however.
Ideally I would just go to init 1, check the filesytem (maybe run a backup,) then go back to init 4 (running Kubuntu, so no init 3.) I'm not exactly sure how to pull that off without the filesystem check happening every time the server goes to init 1, however.
When connecting to a database in a php script, where would be the safest place to store the connect.php file. I am thinking it should not be in public_html, but is it safe in sub folders or is there a method people generally use to keep such files secure and inaccessible.
The file I mean is one including the database name, user and password etc.
I would like to attempt creating a cron job to backup my root (/dev/sda1) & home (/dev/sda3) partitions to an external USB drive.I have been using Clonezilla to make image backups but, I have to physically do it, when I remember or have the time. I have never created a cron job, and worse, I have never created a .sh file which, I think, is what I need to do.
Having read several threads and received excellent previous advice there are just a couple of points I want to check please before proceeding on laptop. I want to upgrade to 11.4 from 11.2. My disk setup is as follows:-
Disk /dev/sda: 120.0 GB, 120034123776 bytes 240 heads, 63 sectors/track, 15505 cylinders Units = cylinders of 15120 * 512 = 7741440 bytes Disk identifier: 0x462d462c
[Code]..
If I select existing /home root and swap partitions, format root but prevent formatting of /home and use a different user ID I believe that will leave my existing data intact and will allow me to trial new os. Is this correct approach? If all goes well and when I have new system working correctly, what is best way make old user id date accessible. Can I simply create my old id on new system and will that allow me to access data when I log on with that id?
Second question; at present I have the ability to boot to openSUSE, OS/2 and windoze. (It used to be done entirely by Boot Manager but during my last Linux installation I messed this up a bit so now machine boots to grub and this offers all three operating systems but chain loads Boot Manager if I select OS/2)
When I do the new installation what should I select to retain this setup so that I still have access to windoze and OS/2 but when selecting linux have new 11.4 system run.
I am planning to install 10.4 when it arrives. And am not going to upgrade because i upgraded from 9.04 to 9.10 so now i need to refresh the system.But I have all my partitions except root using lvm2 logical volumes. My question is : What is the safest procedure to install 10.4 on an existing lvm2 without losing my files/partitions
I got BT's repo's set and ready to install, tho I haven't installed them all just yet cause I not wanna crash the system, so I guess what I am asking has anyone sucecfully done this and what are the specific risks here. I have uploaded crunch and that works fine if I do it manually from the command line. the kernal seems to be update-able as well to BT's Kernal, I am not sure if I should do this or not in fear it might crash the Ubuntu system somehow. I guess what I might do next is install everything but the Kernal and install the executable links to the drop down menu by hand per the menu structure.
What I would ideally want is to have all the functionality of BT in Ubuntu which is pretty close to where I am at. Also, when I am done I want to make a live CD of this system so that I not have to do this ever again as it is very time consuming. What program would be used for that? Would any of my user data transfere? I don't want my user data to be transferred to the live CD just the raw system data etc. Anyone done this and would like to chat via skype? that would be best, but I'll take any help I can get at this point. I am using Ubuntu 9.10 for all this.
Is an ubuntu live cd totally secure from intrusion? Stated another way, even if someone knows my ip address, can the live cd environment be hacked into in any way so that another could monitor what I am doing on my computer? From my understanding the live cd is read only, so that would prevent anything malicious being installed on it. I am curious if there are other ways a box running a live cd could be tapped into.
AVG Rescue CD A powerful toolset for rescue & repair of infected machines. Quote: The AVG Rescue CD is a powerful must-have toolkit for the rescue and repair of infected machines. It provides essential utilities for system administrators and other IT professionals and includes the following features:
* Comprehensive administration toolkit * System recovery from virus and spyware infections * Suitable for recovering MS Windows and Linux operating systemsFAT32 and NTFS file systems) * Ability to perform a clean boot from CD or USB stick * Free support and service for paid license holders of any AVG product * FAQ and Free Forum self-help support for AVG Free users
I have broken my MBR and can now only enter 9.10 with the ubuntu start up cd.when i boot through he ubuntu live cd.I can see my mounted drive with all my files however i do not have the permissions to open or copy some of my files( music, films, pics) . id like to do this so i can transfer all my files to an external HDD and reformat start all over again.error when trying to open files.You do not have the permissions necessary to view the contents of.
I had a friend ask how he could do his electronic banking without a chance of any information being left on his computer once he is done.
I thought of a Ubuntu live CD but have seen the HD activity light flashing when using one. That leads me to believe that some kind of use is made of the HD and that makes a live CD questionable. He wants no information on the HD even in unassigned sectors.
Maybe, better yet would be a USB thumb drive that runs Ubuntu or another distribution that will not use the HD or even require that one be in the computer. A plus with a thumb drive would be that it would only be available on the computer when it is being used so it could contain passwords etc. Of course, it would have to be removed when not in use.
I have a windows install that is totally hosed, bluescreens, etc. I want to try to force mount it from Ubuntu to get whatever data I can, but it won't allow me to mount. It keeps telling me to run chkdsk /f and reboot twice. But that's not possible. I was wondering if there are any ntfs tools for Ubuntu or any data recovery tools I can use to get what I can from this drive.
Is there any point to running a personal firewall when using a linux live CD or DVD with a dialup internet connection? My chief concern is compromise of the underlying Windows installation. I do not need corporate-grade security.
I want to run Debian as a live version from my USB flash drive. Does this provide the same amount of security from hackers as installing Debian as the only OS on my netbook. Windows ce would still be on my netbook?
I want to access my hard drive to copy over my old documents. So I boot into a LiveUSB, mount my ubuntu partition, and then cd to my home directory, but I can't open it. I get "permission denied." I encrypted my whole home directory and know the password, but how do I "decrypt" it or login as the partition's root so I can access the documents that way. I'm booted into the USB, but can't access the home directory. I get "You do not have the permissions necessary to view the contents of 'jake'".
My most recent F11 -> F12 was a near-fiasco, because I had the bad luck of foolishly having two distinct physical drives in the same system, where the /(root) partition on each drive had exact same UUID (result of partition cloning and neglect to change the UUID on the copy)
BUT! the UUID redundancy was not the initial trigger of my problems (its near-disastrousness played itself out only while I was REMEDYING the initial problem). The initial trigger: insufficient space on my /boot partition. "preupgrade" neglected to properly assess the space and/or warn me about it before proceeding.
In addition, the automatic cycling out of grub kernel entries came to bite me (part of many factors of the near-fiasco) because after the unfinished upgrade i had only one working kernel left to boot into, until I messed up that remaining one (too long a story), and then grub-install messed up my booting because of duplicate UUID. At any rate, at the end of what looked like a good preupgrade-reboot-upgrade-package-install process the post-install phase lingered a looong time, then I found myself booted into the old Fedora 11 kernel with absolutely NO modules (corresponding /lib/modules had been erased by the upgrade!) Somehow the system ran, but no USB, no wifi, no ethernet, no way to easily place the right kernel rpm onto the hard drive (had to unscrew the drive,etc., to copy over the correct kernel rpm). (Plus, file /boot/preupgrade/vmlinuz, left over from the arrested upgrade, was NOT the right target upgrade kernel version (2.6.32.9-70.fc12), so it didn't help either because it didn't have its modules either. The target /lib/modules (version 2.6.32.9-70.fc12) WERE there, but the kernel itself was NOT, due to upgrade running out of space on the /boot partition).
(Oh, and the preupgrade/upgrade had deleted my /var/cache/yum/preupgrade/ packages; hence my inability to quickly (re)install the 2.6.32.9-70.fc12 kernel rpm -- why!? it hadn't successfully finished the process!)
(Also, FWIW, i ended up rescuing the system through "rpm -i --force <kernel>", many an F12 rescue boot, chrooting, /boot/grub/grub.conf & fstab edits, tune2fs/uuidgen, running grub on command-line ("setup (hd0)"), etc., etc.)
So, any tips out there on phasing out the old-school /boot partition scheme, the safest and easiest way (without destroying a working system, of course)?
I'm using tty1. Lets say I am listening to music there can't I do another thing at the same time read or writing to files or plus can the default login take me there instead of tty8.
Does anyone know how to delete that virtual CD thing that is built into WD harddrives? Nothing I've tried works and I can't find anything about it online. If it can't be deleted, can it at least be disabled so that I don't have to look at the cd icon every time I plug in the hd?
just installed testing on my netbook. my sources.list file all say wheezy. it was my impression that debian testings nickname was squeeze. are wheezy and squeeze the same thing?
Having been given a P4 computer "not running fast" had xp on it.I decided that the time had come to improve on Microsoft so I added an extra 1gb ram downloaded ubuntu, burn off a cd and set to work loading this computer with Ubuntu
Try 1 failed, boot of disk but stalled Try 2 failed boot off disk but full of errors. Try 3 from within windows, yes we have Ubuntu dual boot with a fresh install of XP, looking good took it off the work bench and plugged into my KVM system. Reboot.Err where is {Ubuntu} bit like a rabbit and hopped off the drive Try 4 Boot up from inside windows only this time a full reformat and full install of "Bunny" {well it has hopped off once} so from now on, I shall call ubuntu Bugs after bugs bunny that well known cartoon fool. (What's up Doc)
Low and behold I now have a fully ? no! a working version of Bugs now running.Test it on U-tube, download install plug-in all working, let the kids now on it to try it out.Yip, bebo , facebook run A OK, and the built-in sound card works, great I can play a bit of music.At this point things start to fall apart.Rhythm-box, it will not play any of my mp3 files that I put on the hhd, it tells me but I downloaded the whole CD from Ubuntu web site.And when I try other things to download to play music I get the following message or same as.Now the last thing I want to learn is a complete new language.If bugs can not play standard mp3 files like every man and his dog has, what is the point in having a poor rated file player.
After pissing around with Kubuntu all evening, I wish I had hair to pull out in screaming frustration. After trying everything from Xbindkeys to animal sacrifices and voodoo spells to get my multimedia keys working, I now find that both the Windows key and the End key are mapped as F14. Problem is that it's the End key opening the K Menu, not the Windows key.
How can two keys get mapped as the same thing?! And how do I get the End key back to just the End key? I'm close to calling it quits on Linux and putting Windows back on my laptop.
