Security :: Lightning Rod Keeps You Safe From Dirty Flashers
Jan 3, 2010
A new open source package called Lightning Rod will help to close security exploits in Adobe's dirty Flash code. A presentation made at the 26th Chaos Communication Congress showed that the package does its job by reviewing incoming code before the browser executes it. Heise Online is reporting that this method can block over 20 different known attacks and can even be used to filter out malicious JPG attacks. As more vulnerabilities are discovered they can be added to Lightning Rod to close the breach.
View 2 Replies
ADVERTISEMENT
Dec 5, 2010
I am using Fedora on my desktop pc. I want to know how can i protact my PC from outside world. What firewall policy should i implement in iptables to keep it more secure.
View 5 Replies
View Related
Dec 14, 2010
I'm currently running OpenSuSE 11.3. I'm afraid as newer versions are released they will demand more of my old PC (Dell Optiplex GX270). Also, I've heard of issues with newer Linux distributions having issues with older Intel hardware (just hearsay, not personal experience). However, patches for specific OpenSuSE releases have a limited window of time.So,
Am I much more at risk to security issues if I keep a version of Linux past its patch date?Is it possible to keep a specific Linux release but still be able to receive security essential updates based on my repository selection?
View 2 Replies
View Related
Nov 12, 2010
It seems to me that he passwords kept in GNU Keyring Seahorse, are not kept very safe, because if I'm logged in and someone access my cumputer they can see my passwords that are saved there. I have set a keyring password, but it seems that is it not all the time locked.What are some general follow guide rulles to make sure my passwords are kept safe and my encryption keys that I use.
View 2 Replies
View Related
Jun 11, 2011
How do you know if a site is safe to download from ?
Have only been using Mint 11 for 3 days after 7 years with windows and the usual safety nets there were the https headings and firewalls blocking stuff but how do you know something is safe in Linux ?
In short how do you know it's a trusted site ?
View 5 Replies
View Related
Jun 14, 2010
Other than Firestarter, how safe is it to use an iptables firewall for Linux if you know the basics of iptables but not the details and not exactly what you're doing with iptables? I want to be very secure without configuring iptables myself if possible or doing as little as possible. If you don't think iptables is safe if you don't really know what you're doing, which firewall you can use (Slackware specific, preferably) that is the easiest to install and configure? Are there any that work like free Windows firewalls, other than Firestarter? I've looked around and looked at slackbuild and can't find a Firestarter package, I searched this site also and saw something about the reason there isn't one. I'm concerned with my security and I don't want to write my own iptables firewall - I don't fully know what I'm doing.
View 6 Replies
View Related
Sep 29, 2010
When I go to the Runesacpe page to run the game I get a message that says that the aplit is not signed.
Is it safe to run.
Does anyone know what it does, other than just run the game?
View 2 Replies
View Related
Jul 13, 2011
I just found a neat way to encrypt a file in Ubuntu 10.04.
I right click on a file and select the Encrypt option. The program prompts me to "Choose Recipient" so I choose myself on the list. Then it prompts me to enter my passphrase.
Once all that's done I hit enter and it adds .pgp to the end of whatever file just encrypted. The same basic method is used to Sign the file.
Does it sound as though what I said is correct and that the file I wanted to encrypt was indeed encrypted?
Can anyone crack my files without the passphrase? I'm sure it depends on the complexity and length of the passphrase.
View 6 Replies
View Related
Sep 8, 2010
when I apply port forwarding to my router @ home? Is it a risk to every computer on the network or just specifically the server that is involved?
View 9 Replies
View Related
Sep 24, 2010
I opened a specific port in my router and manually configured Limewire to use the same port for all traffic, but I notice when I disable and turn off Firestarter when on limewire, my searches go really fast and dowaloads zoom really fast also I am not running as root. Is this ok to temporarly stop the firewall when I am on Limewire and then turn it back on when finished?
View 9 Replies
View Related
Apr 19, 2011
I would like to know if you guys think this is a safe plugin/extension to use with either Chromium or Firefox.
There is an old page that shows it had security issues in the past.[URL].. Would it be safe to use this or do you think someone could use it to steal my passwords, etc. while browsing?
View 3 Replies
View Related
Jul 17, 2011
how safe is it to run Ubuntu updates when I'm connecting via a public network (wireless or wired) from a hotel (or other public settings). I'm not familiar with the internals but is there an additional validation mechanism for the package servers other than the URL ?
View 4 Replies
View Related
Apr 15, 2010
So I know Linux has iptables, I'm rather new to linux, and I'm wondering, are the stock settings with Ubuntu/Kubuntu safe? Is there anything I need to do make them more secure? I tried adding rules myself for some things but ended up just not being able to do anything so I had to reset back to stock with iptables -F. Should I be safe running as-is?
View 4 Replies
View Related
Jul 10, 2010
What if someone tampered with some important security updates, and suddenly you get a rootkit instead?
View 4 Replies
View Related
Apr 7, 2011
I am new to Ubuntu so Iwant to know,Am I safe when on-line with the default installation settings on? If not what should I do?
View 6 Replies
View Related
Mar 10, 2011
I have a server that has 2 dirty volumes, both of which are very large. One volume contains live data, the other is just a rsync'd copy of that data, which isn't critical to the users. The e2fsck is taking forever in single user mode, so i'm wondering if there is a way after the volume with live data becomes clean from e2fsck fixing everything, if i can boot the server and have it skip mounting the other dirty volume (/dev/md1) just this once, so i can get the server up with the live data available to users. Then with /dev/md1 unmounted with the server up, I should be able to e2fsck that until it comes back clean, then do a mount /dev/md1,Please let me know how I could do this, I'm running RedHat if that matters. I'm quickly running out of time here,
View 5 Replies
View Related
Feb 17, 2011
Today I ran
aptitude update && aptitude safe-upgrade
Like I regularly do, and I see these two packages need to be upgraded:
login passwd
Since these packages seem kinda security-sensitive I would like to know exactly why I would need to upgrade them. I checked Debian's security list but couldn't find anything relevant, and the links to the changelog for both packages are broken:
The requested URL /changelogs/pool/main/s/shadow/shadow_4.1.4.2+svn3283-2+squeeze1/changelog was not found on this server.
Where can I see what is changed in these packages so I can safely upgrade?
View 3 Replies
View Related
Sep 2, 2010
My Windows XP Pro laptop has been attacked! Windows will no longer update and Microsoft Security Essentials will not update either. I've been trying to resolve the issue for over two weeks with Microsoft support, but it's just taking too long. I also tried some rescue CD options (all running some form of Linux, obviously):
- BitDefender Rescue CD (removed infections, now detects nothing),
- Kaspersky Rescue CD 10 (removed infections, now detects nothing),
- Trinity Rescue CD (won't load AV Engine, so can't use it to do anything).
Malwarebytes cleaned a bunch of stuff, but will not clean the final threat detected (it's supposed to get deleted on reboot, but never does). Hijack.FolderOptions is stuck in the accursed registry, and it keeps causing Windows Explorer to crash. I cannot rename files or work with them or everything just crashes.
So I'm ready to reinstall XP from scratch, and add a dual boot with Xubuntu & LXDE, which I'm already running on a much older laptop.
Question: I want to rescue the files I need. My idea was:
1) Install Xubuntu with dual boot.
2) Copy over files from Windows XP partition using Xubuntu.
3) Back up files to an external drive using Xubuntu.
4) Reinstall XP Pro and format hard drive.
5) Reinstall Xubuntu with dual boot.
6) Use Xubuntu for daily use.
7) Only use XP for those tasks that require it (TomTom updates ...)
Should I be concerned about the security risk from copying files from the Windows partition to the Xubuntu partition, and from there onto an external hard drive?
Is this the way to do it, or is there a better way? I just want my laptop back in working order. Right now I can't use it for anything.
View 8 Replies
View Related
Jul 13, 2010
I am setting up tomcat server on my Centos 5.5 machine. I've been advised to run tomcat on 8080 as non root user and redirect traffic to it from port 80.
I searched and found the following iptables commands for this:# iptables -t nat -A PREROUTING -p tcp --dport 80 -j REDIRECT -to-ports 8080
# iptables -I INPUT -p tcp --dport 8080 -j ACCEPTI have a doubt:
Tomcat is not accessible via port 80 without the second command. But the second command opens 8080 and makes it accessible over the internet (tomcat is accesible via both: www.<website>.com and http://<ip address>:8080). This doesn't seem right. Is there some simple (iptables) way to redirect traffic "internally" from port 80 to 8080 without having to open 8080 to the internet.
View 3 Replies
View Related
Nov 9, 2010
I just did a clean reinstall of Ubuntu (10.04 --> 10.10). After the install, any time I do CPU intensive work, my PC is suddenly shutting down like it's overheating.Everything was working fine for months, and started having problems immediately after the reinstall. so this is not a problem with my hardware, and it's not a problem with my fans needing cleaning -- it's a problem with software. So please don't tell me "that sounds like overheating, clean your fans". Something is different in software-land between 10.04 and 10.10 that is causing this to happen -- I assure you that the upgrade did not magically fill my fans with cat hair.
I have checked my log files, and can't find anything related to overheating -- searches for things related to lm_sensors, "temp", and "thermal" are not turning up anything in the system logs (syslog, kern.log, or messages). I also looked at the logs around the times of the sudden shutdown, and couldn't find anything unusual.How can I diagnose this? I'd like to file a bug report, but since I can't find anything in the logs, I honestly have no idea how to go about providing useful information.Is there anything besides overheating that might be causing my laptop to suddenly shut off?
View 7 Replies
View Related
May 6, 2010
I'm trying to figure out how to use ADrive.com's 50 GB's or SkyDrive's 25 GB's of free storage to backup my computer automaticaly.
Problem's:
1. With ADrive I can select all my files at once through their website's uploader vs SkyDrive where you have to select them one by one. There are some third party programs, like Gladinet, which will mount sky drive to your computer like an extra drive, though I haven't found one for linux yet. This guy came up with a cool way to backup automagically with Windows: [URL] I am trying to figure out how to do the same thing with Linux.
2. ADrive's uploader is not on https, whereas SkyDrive is. Either way I wanted to encypt my files on my computer first so when I back them up, they are safe in case they should fall into the wrong hands, not that I don't trust Microsoft or whoever ADrive is with all my most precious documents, but I'd rather error on the side of safety.
View 1 Replies
View Related
Jun 11, 2010
adobe was kind enough to release new versions of flash to deal with the recent 0day exploit which is all fine and good except they didn't release a 64bit version. as a matter of fact the 64bit alpha is no longer available for download and their forum for the 64bit version has been set to read-only.
i'm using slackware64 13.1. i began the process of getting nspluginwrapper working with the 32bit plugin but decided that it wasn't worth the hassle. rather than just dump flash altogether, am i making my box "safe enough" by using the flashblock extension for firefox? obviously, sites still can sniff for the flash version, but nothing will be displayed unless i click on it. basically i'd only be using it for stuff like videos and a few other major sites that should be trustworthy.
View 6 Replies
View Related
Jul 2, 2011
After preupgrade downloads install media and reboots to start install, I get a dirty file systems error on /dev/sda2, my / partition.I fsck'd sda1,2,3,4,5,6 (all clean) and rebooted, ran preupgrade again and got same error. No other disks are mounted other than internal SSD.wtf is going on here? ;-)More importantly how does one get around this error? Only half-solution I have found on the net for this problem is to set allowDirty=1 in upgrade.py and recreate install.img. Have no preupgraded before so don't want to take any more risks than necessary.Thanks for any workarounds....---------- Post added at 03:12 PM ---------- Previous post was at 08:31 AM ----------Anyone have ideas here? I'd like to avoid yum upgrading as that looks to entail more pain.Why on earth does Anaconda see my /dev/sda2 on "/" as dirty when fsck reports it as clean
View 1 Replies
View Related
Apr 8, 2010
I use openSUSE 11.1, 64 bits version. I also have Thunderbird version 3.0.3 . I would like to install Lightning (version 1.0 beta 1) but I get the following error : Lightning" could not be installed because it is not compatible with your Thunderbird build type (Linux_x86_64-gcc3). Please contact the author of this item about the problem.
View 4 Replies
View Related
Nov 19, 2010
I'm running Thunderbird/3.0.10 on Lucid 10.04, there does not seem to be a Lightning add on available for this version. Can anyone point me in the right direction as to how to get this up and running?Otherwise I like 10.04 and intend to stick with it till the next LTS release as I need a stable desktop environment.
View 2 Replies
View Related
Jul 17, 2010
The version of Thunderbird which is in openSUSE 11.3 is 3.05. Alas, the Lightning add-on only works with Thunderbird 3.1+. I use this add-on a lot!
I'm very tempted to just download Thunderbird 3.1 and install it, but I'd rather "keep it in the family" and have zypper managing the updates etc. Is 3.1 in the pipeline for openSUSE 11.3???
View 4 Replies
View Related
Oct 4, 2010
I am running lucid with Thunderbird 3.1.5 (32 bit) and trying to install Lightning 1.0b2. Whenever, I install Lightning, I cannot restart TB, if I drop it. No error message. I have to start TB from the Terminal with "thunderbird -safe-mode", remove Lightning, and then everything works. I read of others having problems with TB and Lightning, but most of these are 64 bit. I am 32 bit. Please note that I have removed all other extensions from TB, but I still can't run Lightning.
One concern I have is that even though Synaptic says that TB 3.1.5 is install, the Help>About says just TB 3.1. It doesn't include the ".5". I am concerned that despite what Synaptic says, I might not have version 3.1.5 installed. Is there any way to check if I really have version 3.1.5 installed? I tried to install the latest nightly build of Lightning, but I got the error message "Lightning 1.0b3pre could not be installed because it is not compatible with Firefox 3.6.10". how to get Lightning to run with Thunderbird?
View 9 Replies
View Related
Oct 22, 2010
With the most recent upgrade of Thunderbird to 3.0.9 I was unable to find a 64-bit version of the lightning calendar plug-in. I tried compiling my own copy of thunderbird v3 from source (3.0.10pre) and it loaded into 3.0.9 perfectly! Rename the attached files to drop the last ".bz2" (files should end in ".00" and ".01") then combine both files with the command
Code:
cat lightning.tar.bz2.* >lightning.tar.bz2
If you want to try compiling your own copy instead, just read the websites quoted in the header to ensure you have all dependencies then simply run this batch file
Code:
#/bin/sh
#Compile Thunderbird c/w lightning
#script compiled from: https://developer.mozilla.org/index.php?title=en/Simple_Thunderbird_build&action=print
[code]....
View 9 Replies
View Related
Oct 31, 2010
Have just installed Kubuntu 10.10 Maverick 64-bit - works fine. Using xul-ext-lightning (lightning 1.0b2) with a symlink for local.sqlite to the same on the Windows 7 64-bit partition, I can have the same calender on both partitions.
I also have a Kubuntu 10.04 Lucid LTS 32-bit partition and I would like to do the same, but cannot do it. When trying to install lightning 1.0b2 I get the message "not compatible with Thunderbird 3.0.10". So I disable the compatibilityCheck and it installs okay. But the calendar does not show any data with the symlink. Why is that? Different sqlite versions?? Or is it so that the 64-bit data cannot be read by a 32-bit program??
So I try older versions of lightning.xpi - no luck. After some additional googling I try installing Thunderbird 3.1.6 32-bit using Ubuntuzilla. Compatibility OK with 1.0b2 but still no calendar data using the symlink.
View 2 Replies
View Related
Aug 15, 2009
F11 just updated Firefox to 3.5.2 and now lightning doesn't work as an add on. Anyone know :
1. Is there an update for lightning that will work or
2. How can I roll back the version of firefox so I can use lightning containing my appointments?
View 7 Replies
View Related
