I am using openDNS on my current Linux box and I was wondering if their is a way to force the DNS settings to stay the same even if ROOT tries to change it (since my dad wants content filtering password protected and I still want my computers root access...)
i have a computer with 3 users on it, and a folder using samba that everyone on the network has access to. Lets say that, the folder is stored in /etc/sharedfolder. What happens is, when user1 puts a folder in it, then logs off, user 2 attempts to modify it and fails, because permission is set to 755, and they are not in the same group. (even if they were, it should still need to be 775) Anyway, my current solution is, every 5 minutes a crontab changes permission like so: chmod 777 -R /etc/sharedfiles && chown useradmin:superadmin -R /etc/sharedfiles Which works, but seeing as there is getting close to a gig in there, this is a bad solution, as it eats up the computers resources. Solutions that i think might work:
1) create a script that only changes permissions that need be changed. 2) change file permission settings to force all documents to inherit parent document settings
I have a CentOS 5 server in which I use Virtual Hosting and each domain has its own user/pass for login to upload files. The path is /var/www/vhosts/domain name]/httpdocs/What im attempting is setting up the creation of the [domain name] folder from an administration backend under PHP, which I am developing. What Im worried about is if I allow PHP to run command line commands such as mkdir, then what is stopping anyone from doing the same from their php files on my server??? What is the best way to properly setup my server to allow automated creation of the domain structure within my folder system
I would like to restrict a few selected accounts to minimum of 15 characters passwords. Other accounts,however, should still be able to login with 8 character passwords. This is in RHEL 5. Does anyone know how to go about it? I have checked PAM documentation and pam_cracklib.so has an option minlen. As per its documentation, minlen can force users to use 15 characters, but it forces every account on the system. I might be wrong too.
I set up an ASUS WL-500gP with original ASUS firmware to my LAN with IP address 192.168.1.1. If I navigate to address [URL] in my Firefox address bar, an Authentication required window opens up asking for "User name: " and "Password: ". Correct "User name: " is "admin" and correct "Password: " is "pA55w0Rd". They work fine if I type them in manually to the Authentication required window, but for some reason I can't get in using the hydra with words.txt password file, which contains "pA55w0Rd":
In my Open-Suse server I have a script, where makepasswd output(by default it generates similar passwords: cGyTbqpr, tpJ1LA, 33EXdo) is redirected to mkpasswd(which uses DES by default) in order to generate salted hash of this previously generated password. I would like to test the strength of this system. I have a quad core CPU, and if I start John The Ripper like this(I want to use -incremental:all flag):
john -incremental:all passwd
..only one core is utilized at 100%. Is there a possibility to make all four cores to crack this password? Or is this possible only after reprogramming John The Ripper? Or what is the algorithm for generating passwords with with -incremental:all flag? I mean if John generates passwords randomly in brute-force mode, then it's smart to start four different John processes simultaneously because then one of those four will find the password firs
I am ashamed that I am causing other people troubles, but apparantly my server is involved in attacking the servers of other people.
I have to admit that I am not too familiar with using a CLI, or Linux for that matter, but I have a Debian server running under Plesk 10, which is colocated.
Now I have received messages from the datacenterm which state that my server is involved in brute force attacks.
The messages show a lot of lines like this:
The only I get from my hoster is to back up all domains and re-install the machine.
I want to resolve this asap, but do not agree with that action for two reasons: the machine just had a fresh re-install 2 months ago, so if it is a flaw in the OS, I will get the same flaw back, and if it is not OS related but due to a domain, I will get the problem back by putting back the backed-up domains.
But now I'm stuck: what steps should I follow to try and find the cause of this evil and make sure that my machine will not bother other machines anymore?
I realize that this probably will be a steep learning-curve, but please bare with me and help me to resolve this.
What have I done so far?
1) There are a number of live sites on this server, either running WordPress or Joomla, I have made sure they are all updated to the latest release.
2) I have manually looked at the source code of the index-files of those sites, haven't seen anything strange, like redirects.
3) I have used online scanners to check all sites for malware, all have been reported back to be clean.
4) I have run the Plesk-version of RKhunter, and that gives me certain warnings which I cannot (or do not) understand:
I received the first report of these attempts about a week ago and immediately changed the Plesk/SSH password to a 200bit password generated with KeePass, hoping that would keep out any evildoers.
I have now been trying to find an answer for the following for a while and can't seem to get anything.On previous linux distros we had the option available "passwd -e" which allowed us to force the user to change their passwords upon the next login.s functionality however seems to be excluded from latest linux distros (currently using RHEL 5.4)...Does anybody know how the same effect can be achieved and perhaps any idea on why this option was removed as it was great for securing passwords
I run a small (cabled) network between a desktop with XP with two printers hooked to it and a laptop with Ubuntu 10.04.1 64b. I can approach and use these printers from my laptop and filesharing works also. BUT ... this only works when my Ubuntu firewall (Gufw 10.04.5) is switched off. I am operating behind my router_modem which has a hardware type of firewall switched on at all times so I presume I'm safe. Now my questions:
1. Is this really safe enough? 2. What kind of settings would Gufw need to be able to use it AND use my mini-network for printing? I have no experience whatsoever with firewall rules and settings.
I am currently trying to best configure my Natty Narwal linux distro. At boot, the system is configured to automatically connect last Wifi network. When I connect to the WIFI however a whole bunch of instructions are loaded in the IPTABLES.
I would like to set the firewall in Ubuntu Server 10.10 up to be very secure but perform these tasks:
1. File server to windows 7 and windows xp machines both over ethernet and wireless via a router. 2. Print server for these 2 machines. 3. Auto backup these 2 machines.
So far I have set the server up with a static ip, do the 2 windows machines need static ip's as well? I don't need remote access to the server, only over the lan. I thought this may be all I needed to do:
I have been trying to get my Samba 3.x NAS to connect to my Windows XP laptop. I can see the server though I cannot open it and see the shares. I have run various tests on the network and Samba (ping, smbclient) though still cannot find why I can't connect.
I can access the NAS via webmin, so I am thinking I need the security or the services settings on the XP machine. Is there a list somewhere of the Windows XP services and security settings required to share files?
I installed DansGuardian. In order for it to work I set the system wide proxy. However it is really easy to get around DansGuardian by going to preference proxy setting. How do I password protect this setting so it requires a password to change proxy setting? Preferably a different password than the normal sudo password if possible. If not I at least want the sudo password protecting it! I run multiple browsers so doing it via the system rather than the browser made the most since.
I have LTS 10.04 with firefox 3.63 and the cookie settings are not there. Does anyone else have missing privacy settings. I dont like the idea of tracking cookies and want to do what I can to get rid of them.
I am administrating a system with about 40 or 50 users, and we recently jumped ship from windows to ubuntu. Most of my users are getting along fine, but it seems every few days, i have to help someone who accidentally changed something, and now their account (or more rarely, the machine) is unusable, and has to be reset.
I know configuring /etc/sudoers is a huge step toward fixing my problem, but that still will not completely solve it. What I would like to do is prevent users from making ANY changes to the system (aside from their work files and the like), including themes, icons, desktop, background, etc.
I have a server with 14 IP's on eth0. I'm using virtual interfaces to handle the IP's, but the iptables don't seem to work on the virtual interface. It blocks ports that I want open. I'm not that great with iptables, I use what I have because it works for me, but as far as tweaking it, I'm pretty lost.
My iptables: # Simple Firewall configuration # # Set default policies -------- *filter :INPUT ACCEPT [0:0] :FORWARD DROP [0:0] :OUTPUT ACCEPT [0:0] # # Internal Networks ----------- #-A INPUT -s <private.class.C>/24 -d <private.class.C>/24 -i eth1 -j ACCEPT # # Loopback -------------------- -A INPUT -s 0/0 -d 0/0 -i lo -j ACCEPT # # Accept established connections -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT # # Services -------------------- # # For SSH gateway -A INPUT -p tcp -s 0/0 -d 0/0 --dport 22 -m state --state NEW -j ACCEPT # # For SMTP gateway -A INPUT -p tcp -s 0/0 -d 0/0 --dport 25 -m state --state NEW -j ACCEPT # # For FTP server -A INPUT -p tcp -s 0/0 -d 0/0 --dport 20 -m state --state NEW -j ACCEPT -A INPUT -p tcp -s 0/0 -d 0/0 --dport 21 -m state --state NEW -j ACCEPT -A INPUT -p udp -s 0/0 -d 0/0 --dport 53 -m state --state NEW -j ACCEPT # # HTTP services -A INPUT -p tcp -s 0/0 -d 0/0 --dport 80 -m state --state NEW -j ACCEPT # # HTTPS services -A INPUT -p tcp -s 0/0 -d 0/0 --dport 443 -m state --state NEW -j ACCEPT # # POP-3 services #-A INPUT -p tcp -s 0/0 -d 0/0 --dport 110 -m state --state NEW -j ACCEPT # # IMAP services -A INPUT -p tcp -s 0/0 -d 0/0 --dport 143 -m state --state NEW -j ACCEPT # #PLESK #-A INPUT -p tcp -s 0/0 -d 0/0 --dport 8443 -m state --state NEW -j ACCEPT # #Games -A INPUT -p tcp -s 0/0 -d 0/0 --dport 28960 -m state --state NEW -j ACCEPT -A INPUT -p udp -s 0/0 -d 0/0 --dport 28960 -m state --state NEW -j ACCEPT -A INPUT -p tcp -s 0/0 -d 0/0 --dport 27666 -m state --state NEW -j ACCEPT -A INPUT -p udp -s 0/0 -d 0/0 --dport 27666 -m state --state NEW -j ACCEPT -A INPUT -p tcp -s 0/0 -d 0/0 --dport 28961 -m state --state NEW -j ACCEPT -A INPUT -p udp -s 0/0 -d 0/0 --dport 28961 -m state --state NEW -j ACCEPT -A INPUT -p tcp -s 0/0 -d 0/0 --dport 28962 -m state --state NEW -j ACCEPT -A INPUT -p udp -s 0/0 -d 0/0 --dport 28962 -m state --state NEW -j ACCEPT -A INPUT -p udp -s 0/0 -d 0/0 --dport 27015 -m state --state NEW -j ACCEPT -A INPUT -p tcp -s 0/0 -d 0/0 --dport 27015 -m state --state NEW -j ACCEPT -A INPUT -p udp -s 0/0 -d 0/0 --dport 27016 -m state --state NEW -j ACCEPT -A INPUT -p tcp -s 0/0 -d 0/0 --dport 27016 -m state --state NEW -j ACCEPT -A INPUT -p udp -s 0/0 -d 0/0 --dport 27017 -m state --state NEW -j ACCEPT -A INPUT -p tcp -s 0/0 -d 0/0 --dport 27017 -m state --state NEW -j ACCEPT -A INPUT -p tcp -s 0/0 -d 0/0 --dport 27020 -m state --state NEW -j ACCEPT -A INPUT -p udp -s 0/0 -d 0/0 --dport 27020 -m state --state NEW -j ACCEPT
# Disallow fragmented packets -A INPUT -f -j DROP # # Log & Block broadcast packets -A INPUT -d 255.255.255.255/0.0.0.255 -j LOG -A INPUT -d 255.255.255.255/0.0.0.255 -j DROP # Log & Block multicast packets -A INPUT -d 22.214.171.124 -j LOG -A INPUT -d 126.96.36.199 -j DROP # # Log and drop all other incoming packets -A INPUT -j LOG -A INPUT -j DROP # COMMIT
I installed Ubuntu 9.10 netbook remix on my Acer Aspire One D250 computer. The broadcom wireless NIC succeeds in connecting to the network but only if I remove the WPA-PSK security in the Netgear router settings. What do I need to change in order to be able to secure my network?
So I know Linux has iptables, I'm rather new to linux, and I'm wondering, are the stock settings with Ubuntu/Kubuntu safe? Is there anything I need to do make them more secure? I tried adding rules myself for some things but ended up just not being able to do anything so I had to reset back to stock with iptables -F. Should I be safe running as-is?
I just erased WinXp and installed Ubuntu on old laptop. I intend to use it later ot connect to public Wi-Fi. Do i need to install a firewall GUI and make any special settings? I didn't encrypt home folder during installation. I probably should have done it. But i am already low on system resources (224MB ram, 1.2Ghz CPU). Would that use up any additional resources? Would it make computer run slower? Can i still encrypt the home folder after i installed the system?
I have been investigating some security precautions over the past several months. I use Ubuntu now instead of windows and FIrefox browser also. I have installed BetterPrivacy, WOT, NoSCript and a few other add ons. I have SELinux, ClamAV, AIDE, and chkrootkit installed for Ubuntu.
When we browse certain web sites, we get an error about the server being reset. However, when I put the Ubuntu install cd in and browse with Firefox, obviously with no add ons or settings changed, we can browse to the site with no problems. We are trying to be secure on the internet and I don't want to lower or get rid of any of the settings / add ons we added. What would cause servers to reset when using Firefox / Ubuntu with browser add ons / OS addons?
I have NTFS-protected directories under Windows. However under Linux, even though I'm not logged in as a Super-User, Ubuntu cheerfully mounts all NTFS partitions on this machine and EVERY computer on my home network. This gives my GUESTS complete access to all machines connected to my network: Nautilus -> Windows Network -> Workgroup -> Clicking on any computer Name gives access to windows' administrative shares C$, D$, etc. I've always known that Linux ignores Windows security, but... what is the solution?
I'm using RHEL 5 with the Enhanced Security. Using the suggest NISPOM Red Hat documented settings (located on the system; copy - paste) I have managed to audit failed file open accesses however, this setting only retained if I enter it at the command line (/sbin/auditctl -a ). If I reboot the system or restart the service all my -a (not -w) located in the /etc/audit/audit.rules are not retained.
I wish to setup a network that works like windows but for with lunix of course!. It will need to be able to handle security/DNS/DHCP & Document store from one location. I've been doing some reading and have found that I think I need to be using one of the following:
LDAP NIS Kerberos
I have looked at a few Linux based OS's. I did notice that when you install fedora live desktop it gives you the option to connect to one of the above. So I am looking for a complete solution.
1. How to setup fedora to act as server for my needs (or other Linux build)
2. Add fedora/linux mint machines to server to use new security settings. (or other linux build)
1: I changed some settings in "local security", about file permits or something, and now I can't run Yast to fix it, not even see it. Neither can I add or remove any software. And the ugliest part is that I can't even shut down the pc. It pops up a shaking error message about authentication stuff. How do I fix this?
2: It also throws en exception whenever I try to install my monitor's driver, a HannsG, which is an .exe file. I was told I should run .exe files through Wine, but this wont work either. Is there another -and more appropriate- way to execute this files?
I am using Fedora 13 x86_64 on a Acer Aspire 7730ZG laptop with: 01:00.0 VGA compatible controller: nVidia Corporation G98 [GeForce 9300M GS] (rev a1) I have kmod-nvidia-188.8.131.52-147.2.4.fc13.x86_64-195.36.31-1.fc13.2.x86_64 installed from rpmfuison when I plug in the hdmi cable to the tv, my tv says the resoultion is at 720p, and I can not get any of the resolutions settings to look right on seperate x screen with the nvidia X server settings gui. my tv is a vizo 42inch. also another question is their a way to set the video card to output at 1080? this might be part of my problem?