Security :: USB Theft Monitoring In The Data Center?
Nov 7, 2010
We have around 20-30 HP and Dell hardware where we have attached pen drives. There is no rack-lock facility. Misuse of the pen drives is reported, and it happens every alternate day that someone unplugs and steals the attached drive. There is no camera facility to monitor. I have a plan to write a script which will log in to every machine through iLO and watch the USB availability. In case anyone detaches the USB, a mail will be sent to the administrator and thereby steps can be taken. Does this idea look feasible?
View 13 Replies
Feb 4, 2011
nextPendingConnection() returns a new socket with respect to a new client. This new QSocket is passed to the connect() function which connects it to a SLOT 'xyz' with SIGNAL 'readyRead()'. Now in the SLOT 'xyz', how am I supposed to automate the monitoring of ALL connected sockets to see whether some data is available on them? One pathetic way would be to run all the sockets through a for loop and check each one of them for the data. Secondly, I read up on QSocketNotifier() here: [URL]. But I am not sure if that is the correct thing.
View 3 Replies
Jan 11, 2011
I represent Data Center magazine - the new online publication by Software Press editing house (publisher of Hakin9 and Linux+ magazine), providing professional information and knowledge concerning data center area to the IT related audience. Our next issue will be dedicated to Storage and Backup topic. We are looking for competent authors, who can share their knowledge on the pages of our magazine.
View 1 Replies
Dec 15, 2010
I have a firewall machine; customers connect to it and then connect to one of another 3 machines as root through an SSH key. Is there any way to know which user connects to which machine and what commands he has executed, without using the script command?
View 1 Replies
Nov 30, 2010
How do I monitor who is ssh'ing into a box (SLES) as well as failed attempts? How can I log their IP addresses, even if they're not in DNS? In /var/log/messages I see their hostname but no IP address.
View 13 Replies
Jun 10, 2011
So I got the F15 and I notice I can't play Grand Theft Auto, download TeamSpeak, and I'm googling on how to use it and people tell me I have to use Wine, so if someone can tell me how, that would be great. I'd like to talk and start gaming with my friends again.
View 2 Replies
Sep 30, 2010
I'm going to start monitoring our Linux servers with a log management/correlation tool to take a proactive approach to the security of our systems.
Right now I'm going to search for log events that include the following:
Any other commands or logs that would be good to correlate or be alerted on when a potential breach or suspicious activity is happening on the box? Logging cleared, permission changes on accounts or particular files or directories? What would you want to see while monitoring your servers?
View 3 Replies
Feb 9, 2011
I am currently running a 64-bit Fedora 14 server which hosts a game server, a voice server, and remote desktop functionality, each on a distinct TCP port. I am currently using the built-in firewall to deny all traffic other than ICMP ping/pong and TCP traffic on those specific ports. I am looking for a graphical application which will let me monitor any connections being made to my server in order to keep an eye out for possible security concerns. To be more specific, I'd like to be able to see the source IP addresses, TCP/UDP ports, and individual bandwidth in use by external connections being made to the server, along with any other information that might be helpful in identifying a possible intrusion attempt.
View 3 Replies
Jan 31, 2010
Is there a program that monitors and displays 'who' is on your wireless Internet signal that one may not be aware of? Like, the ability to see when someone that you don't know is accessing your locked wireless?
View 9 Replies
Oct 1, 2010
At our company we have a central server with client files. This server has an SSH server installed, and through Nautilus all employees can access the files. However, I have a few questions:
1. Most employees need access to all folders, because they might use them at some point in time. However, I want to make sure they are not accessing things they do not need. How can I do this? For instance, if somebody copies all of the folders to his/her computer, I want to be able to see this in some sort of log. Can this be done? Copying and accessing in general is what is of my concern.
2. Some employees only need access to specific folders. Can this be easily configured with SFTP?
3. Some also use SSH and type commands which I want to check every now and then (e.g. to make sure an intern is not again copying information or accessing folders they should not be in). What is a good way to do this?
View 7 Replies
Feb 9, 2010
Can someone guide me to the best open source tools to monitor, as web-based, GUI, shell prompt?
View 1 Replies
May 9, 2010
I was reading a magazine article today which was a discussion of internet detective work for tracking down IP addresses which attempt an ssh login to your machine. I have never really paid much attention to network security since I only run a small home network. I have WPA encryption and a firewall on my router. But while reading this article, I remembered that I myself have seen log files in the past that indicated someone somewhere had attempted to log into my machine (attempts all failed). This had happened a few times, but I never really considered it a threat.
But, the more I read about home computers becoming "zombies" for criminals, I guess I am getting a little paranoid in my old age, particularly since my wife does quite a bit of business on the net with credit cards. I have four computers connected to the net and each other on this network, and would like to be able to easily detect attempted log ins and deal with them quickly.
So my reason for posting is to ask if someone could recommend a novice-friendly application for monitoring traffic to check this intermittently. I have read bodhi.zazen's excellent tutorial on snort, but it appears to be written for large LANs or web servers and is overkill for a small home network.
View 8 Replies
Oct 15, 2010
I am striving to set up OSSEC to monitor some specific files for realtime changes! Is this possible? I can't really find a lot of info from their documentation.
Some Examples:
/etc/myfile.txt is deleted. I need this to be reported.
/etc/myfile.txt is created again so I need this to be reported again!
This has to happen instantly though, because the file might be deleted and created again many times in a short period of time. Another one...
/etc/passwd is touched (accessed) even if there are no changes! Can this be reported as well?
View 2 Replies
Dec 3, 2010
I'd like to buy some stuff from the Software Center but I don't see how to confirm a valid certificate or see any indication of a secure connection on the screen where I enter my credit card info. Of course, I'm sure the page IS secure because who would design it otherwise (especially considering how our patron made his first fortune), and I could sniff out the network connection, but I don't see any information provided to the end user.
It seems like it could open up Canonical to all sorts of legal issues to not have security info and a privacy policy easily available in the payment section of the USC. Maybe it's there and I've missed it somehow. Maybe it is on the next page, but I didn't press the "submit" button.
View 4 Replies
Jul 10, 2011
I've installed Ubuntu via UNetbootin from USB on my child's computer. It comes by default with the sudo command which I find really annoying to work with. I'd rather have my su command.
Now, while googling for a removal instruction, I've read that the sudo command is tied to system functions on some Ubuntu live systems and can't be removed easily. Does anyone know if this applies to the 10.04 live version used by UNetbootin and how to work around this problem?
If not, is it simply enough to remove 'sudo' via the software center? I find many tutorials on how to switch from su to sudo but not much about the other way around.
View 7 Replies
Mar 17, 2010
I'm running Apache2 under Ubuntu 9.10. My problem is that I use my own user "wavesailor" to work on my websites. I kept all my sites under /var/www and I set up the security of the directory after following the guidelines.
Code:
sudo chown -R root:root /var/www
sudo chown -R www-data:www-data /var/www/*
[code]...
View 4 Replies
Dec 6, 2010
Just out of curiosity, I am working with a honeypot and found there are two ways for arpd to route the unused IPs to the honeypot, with blackhole and ARP spoofing. Now to test, I am ARP spoofing 5 machines from 192.168.100.41 to .45 and the honeypot is also monitoring this range. But I have set up a real machine with a webserver in this range and gave it the IP address 192.168.100.45. Now logically, as ARP and the honeypot are both monitoring this range, they capture this request, as shown below from the log:
PHP Code:
arpd[1690]: arpd_lookup: no entry for 192.168.100.45
arpd[1690]: arpd_send: who-has 192.168.100.45 tell 192.168.100.10
arpd[1690]: arpd_send: who-has 192.168.100.45 tell 192.168.100.10
arpd[1690]: arp reply 192.168.100.45 is-at 08:00:27:00:76:e5
arpd[1690]: arp reply 192.168.100.45 is-at 08:00:27:00:76:e5
code....
Now arpd is redirecting the traffic to honeypot machine as there is a real system with real MAC address. But from 192.168.200.10 I can also view the webpage of 192.168.100.45 machine. But most of the time it says "Connection Timed out".
Should it be acting like this or it shouldn't be showing me the webpage at all?
View 1 Replies
Jan 21, 2011
I run Apache on a non-standard port (82). I just installed Unity to play around with it, and while I was playing with it I installed prixfixe through the software center to edit the menus. While prixfixe was installing, my computer was acting very slow, which was odd but not completely unusual. During this time I ran ps aux, which showed that my Apache server was taking up most of the processing power. I was about to stop my web server, but I waited just in case the web server was updating a few things (I run Ampache).
My computer finished installing the software and then I ran some command with sudo (I can't remember what the command was), but it threw back some message saying "setid blabla". I restarted my computer and when I got to my gdm my normal user account did not show up. There were no accounts and the restart/shutdown buttons didn't work. Now I'm running on a live CD and checking out my Apache access logs, Apache error logs, and kernel logs, but nothing looks out of place.
View 9 Replies
Jul 14, 2010
A friend has an embedded system (Korg recorder) with an ATA drive in it, that crashed. We are trying to come up with ways to retrieve the data off of the drive. I'm asking in security as this seems like it would be close to forensics, hence security. Hints on software for Linux to help either recover files, move files, copy/clone the drive? I'm not so concerned about the Korg's OS on the drive, as we can create a new blank drive and install that; it's the data that is critical, that needs to be recovered. The original Korg OS was only recognizing drives up to 100gbs so I'm guessing this might be a FAT16 filesystem if that helps. Well, that and the program installed to the drive to run it in the Korg is an exe.
View 2 Replies
May 6, 2010
I need to be able to decrypt data, like simple text files, that have been encrypted and base64 encoded with my public key. I need to use openssl so I do:
Code:
$ cat encrypted | openssl enc -base64 -d > ./answer.txt
and I get exactly the same data as before the command was run. Am I right in thinking that I need to decode before decrypting? I tried decrypting, before I realized that I had to decode first, using this command:
[Code]...
View 5 Replies
Feb 27, 2011
For example, would a website log the MAC address of my Ethernet adapter and my computer name?
View 4 Replies
Apr 15, 2011
For those with IT jobs, how do you handle security monitoring for your company?
1. How do you determine what to monitor -- the most vulnerable assets, most critical or something else?
2. What kind of data do you collect for security monitoring purposes?
3. What tools and techniques do you use to analyze the data?
View 6 Replies
Mar 20, 2011
Is LUKS the best data/system encryption? Or is there one that is even better and stronger?
View 1 Replies
Dec 8, 2009
I am currently trying to turn off ordered data mode for ext3 filesystem. I want to shred some files and apparently this won't work with journaling on.
I can't seem to find any good explanations of what exactly "ordered data" means in terms of data recovery/security...or at least none that are written in simple n00b terms. It is all written in terms of disk crashes and whether old data will mix in with the new. It doesn't say whether one's cousin will be able to poke around and find some thought-it-was-deleted porno if he's on the computer.
Can someone step me through the process of turning this off using tune2fs? (if that is the best way to do it!) Do I have to revert to ext2? Can I turn it back on later? Will I lose data (for example, does the drive need to be reformatted?) once this change is made? And how does one find, read, and delete/shred the journal itself? Is "ordered data" even a real problem for data recovery?
View 7 Replies
Apr 18, 2010
Folks: What can I use to encrypt all data on my USB flash drive? If possible, could I use something that has a public key, so I do not have to type in a password to access the information when I plug the drive into my machine, but will not open or display content if the drive is plugged into anyone else's machine, unless they have the public key?
View 7 Replies
Jul 10, 2010
Does anyone know of any software that can monitor the Apache logs for certain phrases or keywords then send an alert when found? For example I know an attempt to hack has been made when I see log entries like this....
/admin/
/admin/phpadmin/
/phpadmin/
But by the time I see it, the attempt has long since failed or succeeded. What I need is a way for my server to alert me WHILE someone is entering these phrases. I realize there may be a "hit" to performance but my server is not that busy anyway (except for hackers).
View 3 Replies
Aug 2, 2010
I was thinking, is there a way to check data flow for viruses? I mean, if I set up ClamAV on my internet sharing server, could it detect anything in incoming and outgoing data?
View 2 Replies
Dec 6, 2010
I have a Windows install that is totally hosed, bluescreens, etc. I want to try to force mount it from Ubuntu to get whatever data I can, but it won't allow me to mount. It keeps telling me to run chkdsk /f and reboot twice. But that's not possible. I was wondering if there are any NTFS tools for Ubuntu or any data recovery tools I can use to get what I can from this drive.
View 3 Replies
Mar 24, 2011
I have a friend that has a computer running Ubuntu he has not used in a while and has forgotten the user name and password for it. Is there a way to retrieve the data from this hard drive?
View 2 Replies
May 18, 2011
As I'm interested in user-behaviour-information-security I would like to know what I'll have to turn off or to uninstall to make the ubuntu-pc-usage as anonymous as possible (no musicbrainz, cddb, or alike). I want Ubuntu not to send any data to third-party-users.
View 6 Replies