Security :: Most Secure Distro For Online Payments To Ebay / Amazon
Jun 22, 2010
Currently using Linux Mint. While it's nice I have the feeling all those bells and whistles must be exposing a large attack surface. What is the most secure distro known to man, but which is still capable of making payments to amazon and ebay?
With the ever increasing threat of financially aimed malware on Windows machines (think Zeus here), I'd like to create a distro of Linux that boots from a USB thumb drive and opens directly to a web browser. I'd like this distro or config not to be writable and its only purpose being to make financial transactions via a web browser. All other services or applications would need to be stopped or locked down. I've seen some threads on here from a few years back and wanted to know if there is anything new out there that can assist with this.
I'm an Oracle DBA and started working for my current employer about 4 months ago. This past weekend an alert re: FS space brought my attention to /var/spool/clientmqueue (full of mail re: cron jobs) and the fact that sendmail is not running on our Linux servers. I'm told that the IT security team deemed sendmail too vulnerable so we don't run it. Aside from FS filling up and missing notification of issues with crontab entries, I'm concerned that we may be missing notification of potential issues. In other Unix/Linux environments I've seen emails from the print daemon when it experienced problems with specific jobs.
Are there other Linux facilities aside from cron and lpd that use email to advise the users of possible issues? Are there ways to secure sendmail or secure alternatives to sendmail? My primary need/desire is to make sure that emails regarding issues on the server get to the appropriate users. Secondary goal would be to have the ability to use mailx to send mail out. There is no need/desire to receive mail from outside.
I'm looking for a live Linux distro that is secure and preserves my anonymity online. For what I need, Tor seems to do the job - but such software requires configuration that someone who is not knowledgeable in how it works might find difficult. I was looking at 'Lightweight portable security' but it does not specify whether it sends all traffic through Tor. Does anyone know more information about it and/or any other such live Linux distro?
As soon as I get the hang of remastering, I am planning to remaster my distro (I have MEPIS 8 now, but will switch to either 9 or 11) to do two things: install KDE Trinity (I don't like KDE 4), and remove all extraneous software: games, "toys," and specialized programs that it was peculiar to include on the liveCD in the first place (such as jbidwatcher, a program for monitoring eBay bids). Oh, and I'll try to make it fit into one CD (not one DVD). Since I don't like downloading DVD-sized distros in the first place (DVDs cost more!), I might download the latest antiX MEPIS and modify it to my liking.
If I successfully remaster a new version of MEPIS to my specifications, I might as well try to share it online in case anyone would want it. Where would I upload a Linux distro to share it?
Last night my old Sony Vaio laptop which connects via wired Ethernet and runs Ubuntu 10.10 started hammering the network out onto the Internet. Fired up Wireshark and found lots of traffic between my machine and 174.129.193.12 which I did a whois on and found belonged to Amazon EC2 Cloud Server. The port on my machine was an unknown 5000+ but the port on the remote system was 443, the port used by https, however no browser was running. Did a search and put together a couple of iptables commands to block this IP address which stopped the traffic. I then used nmap and netstat and found port 3000 open and another connection to IP address 91.189.89.76 which I also blocked. Unusually no info exists on this IP when you do a whois. At first I thought it might be some sort of sync as this machine has Ubuntu One running on it, however it could also be something else.
I seem to be missing a secure.log or security.log file. I have Ubuntu 10.04 and can't find this file. I looked in the /var/log and ran a search command to no avail. Does anyone know where this file is or is it called something else? I'm looking for a file that logs any change to the security settings of the system.
Recently I was trying to make a quick script for calculating payment between workers. I got stuck however. Here is what I am in for...
#!/bin/bash
#Setting the calculator
calc=`
bc << EOF
scale=4
a=$2*($3/100)
b=$4
a/b
EOF
`
I've saved the $1 for further script.
#Creating the script
while [ -n $1 ]
do
case $1 in
workerA)
read -p "Enter the total sum: " total
total=$2;
read -p "Enter the percentage:" percent
percent=$3;
read -p "Enter number of workers:" workers
workers=$4
;;
*)
echo "Error usage!"
break
esac
done
My script ends here. It just does not work. Did I set the vars in the wrong way?
In the past week or so I've noticed some weird network behaviour. I find accessing some sites such as Amazon, Paypal, and Bigstockphoto really slow. Sometimes the page will not load at all. Other sites are fine. The problem sites are not a problem for others on my LAN at home. When I try to open the problem sites, I can see in Firestarter blocked connections coming from 2.1(8/9).xxx.xxx on various ports such as 36007. This only happens for the problem sites. I attached a typical output from firestarter.
This happens with Firefox or Chrome. Using Ubuntu 10.10.
Please guide me on how to perform the activities below.
- Make sure the Guest account is disabled or deleted.
- Disable or delete anonymous access
- Set stronger UserID policies
- Set Key Sensitive UserID Default enable in Linux
- Combination of numbers, letters and special characters (*,!,#,$,etc.)
I set up my Ubuntu server with iptables that only allows ssh in the input chain (and of course established connections) with only the MAC address of my laptop allowed to connect, set up a key with a long passphrase and installed the pam_abl plugin. ICMP echo is blocked by default.
The only problem is I log all other attempts to connect to the server and I see a lot of traffic going to ports 445 and 5900.
My question is: Is there a possibility that these attempts could succeed and is there any way to further ensure this server?
Newbie here, I'm thinking of moving mostly to linux to get away from the security holes in Windows. And I have some questions...
How secure is Firefox for doing online banking?
Sometimes I have run into a situation where the bank doesn't support anything but Windows explorer when accessing my accounts. Can this be gotten around safely in Linux?
Is there any way to secure hard disk accessibility? I want to encrypt my hard disk, and the partitions that Ubuntu is installed on. Is there a way? I want to deny all access to the hard disk, so that just my own root account can have access to all.
OK, I'm new. I know AppArmor is running. I was looking for Firestarter but there isn't one... How do I secure this server? I want a good firewall and some virus protection! Also, do I need this?
I want to set up a website that hosts very confidential business information. The info needs to be accessed by multiple people in different geographical regions. The entire website would require the high security (ie: there are no little sections that are publicly viewable). While the site will be run with Ubuntu server, I will be hosting it in Amazon's EC2 cloud.
So, if I use the HTTPS protocol with an SSL certificate, am I pretty well reaching the most secure possible situation? Are there any concerns with using the EC2 solution? Obviously there are a LOT of variables involved with maintaining website security, but I want to know if HTTPS is the current best bet (in addition to all the "best practices" of securing a site) or if there is a more robust way of securing content.
I'm learning to secure my server in the best way I can think of: By learning to attack it. Here's what I would like to accomplish. I have SSH set up on a Linux box in an offline lab environment. Username: root Password: ajack2343d Now, I know I can simply brute force this as I know the password, but there has to be other ways, and I wish to learn them.
We are trying to make a policy decision whether to go with SSH user/passwd or PPK secure key. Our servers are hosted remotely by a hosting service. We were wondering which of these two models is more secure. E.g. I would tend to think that user/passwd with account lockouts upon failed attempts would be more secure because the other option exposes your server in case someone sneaks the PPK file or steals your whole computer. However, what makes me doubt myself is that Amazon Web Services EC2 cloud hosting uses PPK by default (although an instance's SSH config can be changed to accommodate logging in but they don't endorse it).
I'm trying to do an online security check on my Linux system. I would like to do a Firewall/Antivirus test. What free online sites do you know? For instance, I use ShieldsUp to test some firewall's components. Does someone recommend anything else? I still can't find a site that tests for the presence of virus/malware installed. Are there any?
I'm new to Linux (Ubuntu 11.4), just installed it two weeks ago. I've been a member of Linuxquestion for about 2 or 3 years, mostly lurking. I have been building/buying computers for 30 years, first DOS, Windows 3.1, then Windows 95 through all to Win7. My question is for security of online banking and other financial things. Everything I've been reading on here indicates that no Antivirus/Malware is needed. Being new to Linux, I can't tell if ClamAV is working or if it is even needed. I had thought about doing banking on my wife's machine (Windows only) rebooting to a Ubuntu LiveCD. Does this sound like a more secure idea? Our two other machines are both dual boot with Ubuntu alongside of Windows XP & Windows 7.
Are the default firewall settings of F10 without any modification sufficiently secure for general usage and to bridge the timeframe between a fresh installation of F10 and the time before the security updates are applied? Similar to how Windows firewall is set without any configuration, or do I need to manually configure it to be somewhat secure, or something like Firestarter?
I am running UFW, which is set to deny everything but SSH on port 22, OpenVPN on port 1194 and HTTPS on port 443. SSH is set to only allow private key logins, and the root account is disabled. I have AppArmor running for all of my daemons (OpenVPN, Apache2, OpenSSH) and I have Fail2Ban running.
Is there anything else I can do to secure my server from the Internet (it is directly connected, there is no NAT between the Internet and my server)?
If I need to get a file to someone I could place it on the server and somehow automate an email telling them there is a file available. They could log in to the server based on their email address and a randomly generated key combination and download the file. I also need it to perform the same function going the other way. Log in to my server and place files going to me.