Security :: Way To Force The DNS Settings

Oct 18, 2009

I am using openDNS on my current Linux box and I was wondering if their is a way to force the DNS settings to stay the same even if ROOT tries to change it (since my dad wants content filtering password protected and I still want my computers root access...)

View 2 Replies


Ubuntu :: Change File Permission Settings To Force All Documents To Inherit Parent Document Settings?

Aug 21, 2011

i have a computer with 3 users on it, and a folder using samba that everyone on the network has access to. Lets say that, the folder is stored in /etc/sharedfolder. What happens is, when user1 puts a folder in it, then logs off, user 2 attempts to modify it and fails, because permission is set to 755, and they are not in the same group. (even if they were, it should still need to be 775) Anyway, my current solution is, every 5 minutes a crontab changes permission like so: chmod 777 -R /etc/sharedfiles && chown useradmin:superadmin -R /etc/sharedfiles Which works, but seeing as there is getting close to a gig in there, this is a bad solution, as it eats up the computers resources. Solutions that i think might work:

1) create a script that only changes permissions that need be changed.
2) change file permission settings to force all documents to inherit parent document settings

View 9 Replies View Related

Security :: Proper Security Settings For Virtual Hosting Of Domains?

Jan 30, 2010

I have a CentOS 5 server in which I use Virtual Hosting and each domain has its own user/pass for login to upload files. The path is /var/www/vhosts/domain name]/httpdocs/What im attempting is setting up the creation of the [domain name] folder from an administration backend under PHP, which I am developing. What Im worried about is if I allow PHP to run command line commands such as mkdir, then what is stopping anyone from doing the same from their php files on my server??? What is the best way to properly setup my server to allow automated creation of the domain structure within my folder system

View 3 Replies View Related

Ubuntu Security :: Brute Force Program With Gui?

Nov 8, 2010

im looking for a good brute force program that has i gui. i used to use brutus on windows but now im only running ubuntu so i need to find one.

View 3 Replies View Related

Security :: Force To Use Default Profile Into Ssh Connection?

Jun 14, 2010

Is there any setting to connect ssh server using default profile.

for example if I run

ssh user@ssh_server_ip '/bin/bash --norc --noprofile'
it will skip user's login profile(/etc/profile,/etc/bashrc,~/.bashrc,~/.bash_profile)

Can i do some settings in ssh server that deny profile skipping by client.

View 1 Replies View Related

Security :: Force Squid To Log Urls Allowed As An Exception?

Aug 10, 2010

Squid acl rules can be configured to allow specific ip's to get full access, or rather skips the blocked site list.

acl <tag> src x.x.x.x
http_access allow <tag>
http_access deny blocksites

From all the ways i tried, squid does not log these urls. Is there a way to have squid log the urls requested from allowed ip's?

squid ver : (squid/2.6.STABLE21)
OS : CentOS 5.5

View 1 Replies View Related

Security :: Force Password To 15 Characters On A Selected Accounts?

Apr 5, 2010

I would like to restrict a few selected accounts to minimum of 15 characters passwords. Other accounts,however, should still be able to login with 8 character passwords. This is in RHEL 5. Does anyone know how to go about it? I have checked PAM documentation and has an option minlen. As per its documentation, minlen can force users to use 15 characters, but it forces every account on the system. I might be wrong too.

View 5 Replies View Related

Security :: THC Hydra And HTTP Brute-force Cracking?

Mar 29, 2011

I set up an ASUS WL-500gP with original ASUS firmware to my LAN with IP address If I navigate to address [URL] in my Firefox address bar, an Authentication required window opens up asking for "User name: " and "Password: ". Correct "User name: " is "admin" and correct "Password: " is "pA55w0Rd". They work fine if I type them in manually to the Authentication required window, but for some reason I can't get in using the hydra with words.txt password file, which contains "pA55w0Rd":


[root@ ~]# cat words.txt


View 2 Replies View Related

Security :: John The Ripper Brute-force Attack And Multi-core Processors?

Feb 19, 2010

In my Open-Suse server I have a script, where makepasswd output(by default it generates similar passwords: cGyTbqpr, tpJ1LA, 33EXdo) is redirected to mkpasswd(which uses DES by default) in order to generate salted hash of this previously generated password. I would like to test the strength of this system. I have a quad core CPU, and if I start John The Ripper like this(I want to use -incremental:all flag):

john -incremental:all passwd

..only one core is utilized at 100%. Is there a possibility to make all four cores to crack this password? Or is this possible only after reprogramming John The Ripper? Or what is the algorithm for generating passwords with with -incremental:all flag? I mean if John generates passwords randomly in brute-force mode, then it's smart to start four different John processes simultaneously because then one of those four will find the password firs

View 2 Replies View Related

Security :: My Server - Deb5 And Plesk10 - Is Involved - Causing - In Brute Force Attacks

May 6, 2011

I am ashamed that I am causing other people troubles, but apparantly my server is involved in attacking the servers of other people.

I have to admit that I am not too familiar with using a CLI, or Linux for that matter, but I have a Debian server running under Plesk 10, which is colocated.

Now I have received messages from the datacenterm which state that my server is involved in brute force attacks.

The messages show a lot of lines like this:


The only I get from my hoster is to back up all domains and re-install the machine.

I want to resolve this asap, but do not agree with that action for two reasons: the machine just had a fresh re-install 2 months ago, so if it is a flaw in the OS, I will get the same flaw back, and if it is not OS related but due to a domain, I will get the problem back by putting back the backed-up domains.

But now I'm stuck: what steps should I follow to try and find the cause of this evil and make sure that my machine will not bother other machines anymore?

I realize that this probably will be a steep learning-curve, but please bare with me and help me to resolve this.

What have I done so far?

1) There are a number of live sites on this server, either running WordPress or Joomla, I have made sure they are all updated to the latest release.

2) I have manually looked at the source code of the index-files of those sites, haven't seen anything strange, like redirects.

3) I have used online scanners to check all sites for malware, all have been reported back to be clean.

4) I have run the Plesk-version of RKhunter, and that gives me certain warnings which I cannot (or do not) understand:




I received the first report of these attempts about a week ago and immediately changed the Plesk/SSH password to a 200bit password generated with KeePass, hoping that would keep out any evildoers.

View 14 Replies View Related

Security :: REDHAT Missing Functionality - Force User To Change Password On Login?

Mar 16, 2011

I have now been trying to find an answer for the following for a while and can't seem to get anything.On previous linux distros we had the option available "passwd -e" which allowed us to force the user to change their passwords upon the next login.s functionality however seems to be excluded from latest linux distros (currently using RHEL 5.4)...Does anybody know how the same effect can be achieved and perhaps any idea on why this option was removed as it was great for securing passwords

View 5 Replies View Related

Ubuntu Security :: Firewall Settings In A Network With It And XP

Jan 18, 2011

I run a small (cabled) network between a desktop with XP with two printers hooked to it and a laptop with Ubuntu 10.04.1 64b. I can approach and use these printers from my laptop and filesharing works also. BUT ... this only works when my Ubuntu firewall (Gufw 10.04.5) is switched off. I am operating behind my router_modem which has a hardware type of firewall switched on at all times so I presume I'm safe. Now my questions:

1. Is this really safe enough?
2. What kind of settings would Gufw need to be able to use it AND use my mini-network for printing? I have no experience whatsoever with firewall rules and settings.

View 1 Replies View Related

Ubuntu Security :: IPTABLES Default Settings ?

Sep 1, 2011

I am currently trying to best configure my Natty Narwal linux distro. At boot, the system is configured to automatically connect last Wifi network. When I connect to the WIFI however a whole bunch of instructions are loaded in the IPTABLES.

View 1 Replies View Related

Security :: UFW Settings For Simple File Server

Dec 20, 2010

I would like to set the firewall in Ubuntu Server 10.10 up to be very secure but perform these tasks:

1. File server to windows 7 and windows xp machines both over ethernet and wireless via a router.
2. Print server for these 2 machines.
3. Auto backup these 2 machines.

So far I have set the server up with a static ip, do the 2 windows machines need static ip's as well? I don't need remote access to the server, only over the lan. I thought this may be all I needed to do:

$ sudo ufw default deny incoming
$ sudo ufw default allow outgoing
$ sudo ufw allow ssh
$ sudo ufw allow Samba
$ sudo ufw allow rsync
$ sudo ufw enable

But would this block auto updates to the server and auto backup of my files?

View 4 Replies View Related

Ubuntu :: Windows Services And Security Settings For Samba?

Jan 28, 2010

I have been trying to get my Samba 3.x NAS to connect to my Windows XP laptop. I can see the server though I cannot open it and see the shares. I have run various tests on the network and Samba (ping, smbclient) though still cannot find why I can't connect.

I can access the NAS via webmin, so I am thinking I need the security or the services settings on the XP machine. Is there a list somewhere of the Windows XP services and security settings required to share files?

View 4 Replies View Related

Ubuntu Security :: Locking System Proxy Settings

Mar 3, 2010

I installed DansGuardian. In order for it to work I set the system wide proxy. However it is really easy to get around DansGuardian by going to preference proxy setting. How do I password protect this setting so it requires a password to change proxy setting? Preferably a different password than the normal sudo password if possible. If not I at least want the sudo password protecting it! I run multiple browsers so doing it via the system rather than the browser made the most since.

View 5 Replies View Related

Ubuntu Security :: Firefox Missing Privacy Settings

Jun 16, 2010

I have LTS 10.04 with firefox 3.63 and the cookie settings are not there. Does anyone else have missing privacy settings. I dont like the idea of tracking cookies and want to do what I can to get rid of them.

View 1 Replies View Related

Ubuntu Security :: Can't Unlock Gdmsetup To Change Settings (10.04) / Fix It?

Aug 5, 2010

When lauching gdmsetup I can't unlock it to change settings. nothing happens when clicking on "lock" button

the same problem in Ubuntu Software Center 2.0.7. nothing happens when I pull "Install"
(no authorization starts)

there are no authorization window in admin-shares too

It started when I have changed the type of ubuntu login - I have changed from gdmsetup settings from "password" to automatic authorization.

I checked the the PolicyKit Agent. It seems to working (and autostarting) with such command:

View 2 Replies View Related

Ubuntu Security :: Prevent Users From Changing Settings

Jun 15, 2011

I am administrating a system with about 40 or 50 users, and we recently jumped ship from windows to ubuntu. Most of my users are getting along fine, but it seems every few days, i have to help someone who accidentally changed something, and now their account (or more rarely, the machine) is unusable, and has to be reset.

I know configuring /etc/sudoers is a huge step toward fixing my problem, but that still will not completely solve it. What I would like to do is prevent users from making ANY changes to the system (aside from their work files and the like), including themes, icons, desktop, background, etc.

View 2 Replies View Related

Security :: IPtables Firewall Settings With Virtual Interface

Aug 12, 2010

I have a server with 14 IP's on eth0. I'm using virtual interfaces to handle the IP's, but the iptables don't seem to work on the virtual interface. It blocks ports that I want open. I'm not that great with iptables, I use what I have because it works for me, but as far as tweaking it, I'm pretty lost.

My iptables:
# Simple Firewall configuration
# Set default policies --------
# Internal Networks -----------
#-A INPUT -s <private.class.C>/24 -d <private.class.C>/24 -i eth1 -j ACCEPT
# Loopback --------------------
-A INPUT -s 0/0 -d 0/0 -i lo -j ACCEPT
# Accept established connections
# Services --------------------
# For SSH gateway
-A INPUT -p tcp -s 0/0 -d 0/0 --dport 22 -m state --state NEW -j ACCEPT
# For SMTP gateway
-A INPUT -p tcp -s 0/0 -d 0/0 --dport 25 -m state --state NEW -j ACCEPT
# For FTP server
-A INPUT -p tcp -s 0/0 -d 0/0 --dport 20 -m state --state NEW -j ACCEPT
-A INPUT -p tcp -s 0/0 -d 0/0 --dport 21 -m state --state NEW -j ACCEPT
-A INPUT -p udp -s 0/0 -d 0/0 --dport 53 -m state --state NEW -j ACCEPT
# HTTP services
-A INPUT -p tcp -s 0/0 -d 0/0 --dport 80 -m state --state NEW -j ACCEPT
# HTTPS services
-A INPUT -p tcp -s 0/0 -d 0/0 --dport 443 -m state --state NEW -j ACCEPT
# POP-3 services
#-A INPUT -p tcp -s 0/0 -d 0/0 --dport 110 -m state --state NEW -j ACCEPT
# IMAP services
-A INPUT -p tcp -s 0/0 -d 0/0 --dport 143 -m state --state NEW -j ACCEPT
#-A INPUT -p tcp -s 0/0 -d 0/0 --dport 8443 -m state --state NEW -j ACCEPT
-A INPUT -p tcp -s 0/0 -d 0/0 --dport 28960 -m state --state NEW -j ACCEPT
-A INPUT -p udp -s 0/0 -d 0/0 --dport 28960 -m state --state NEW -j ACCEPT
-A INPUT -p tcp -s 0/0 -d 0/0 --dport 27666 -m state --state NEW -j ACCEPT
-A INPUT -p udp -s 0/0 -d 0/0 --dport 27666 -m state --state NEW -j ACCEPT
-A INPUT -p tcp -s 0/0 -d 0/0 --dport 28961 -m state --state NEW -j ACCEPT
-A INPUT -p udp -s 0/0 -d 0/0 --dport 28961 -m state --state NEW -j ACCEPT
-A INPUT -p tcp -s 0/0 -d 0/0 --dport 28962 -m state --state NEW -j ACCEPT
-A INPUT -p udp -s 0/0 -d 0/0 --dport 28962 -m state --state NEW -j ACCEPT
-A INPUT -p udp -s 0/0 -d 0/0 --dport 27015 -m state --state NEW -j ACCEPT
-A INPUT -p tcp -s 0/0 -d 0/0 --dport 27015 -m state --state NEW -j ACCEPT
-A INPUT -p udp -s 0/0 -d 0/0 --dport 27016 -m state --state NEW -j ACCEPT
-A INPUT -p tcp -s 0/0 -d 0/0 --dport 27016 -m state --state NEW -j ACCEPT
-A INPUT -p udp -s 0/0 -d 0/0 --dport 27017 -m state --state NEW -j ACCEPT
-A INPUT -p tcp -s 0/0 -d 0/0 --dport 27017 -m state --state NEW -j ACCEPT
-A INPUT -p tcp -s 0/0 -d 0/0 --dport 27020 -m state --state NEW -j ACCEPT
-A INPUT -p udp -s 0/0 -d 0/0 --dport 27020 -m state --state NEW -j ACCEPT

# Disallow fragmented packets
# Log & Block broadcast packets
-A INPUT -d -j LOG
# Log & Block multicast packets
-A INPUT -d -j LOG
# Log and drop all other incoming packets

View 18 Replies View Related

Ubuntu Networking :: Remove WPA-PSK Security In The Netgear Router Settings?

Jan 1, 2010

I installed Ubuntu 9.10 netbook remix on my Acer Aspire One D250 computer. The broadcom wireless NIC succeeds in connecting to the network but only if I remove the WPA-PSK security in the Netgear router settings. What do I need to change in order to be able to secure my network?

View 2 Replies View Related

Ubuntu Security :: Firewall - IPTables Stock Settings Safe?

Apr 15, 2010

So I know Linux has iptables, I'm rather new to linux, and I'm wondering, are the stock settings with Ubuntu/Kubuntu safe? Is there anything I need to do make them more secure? I tried adding rules myself for some things but ended up just not being able to do anything so I had to reset back to stock with iptables -F. Should I be safe running as-is?

View 4 Replies View Related

Ubuntu Security :: Install A Firewall GUI And Make Special Settings?

Aug 19, 2010

I just erased WinXp and installed Ubuntu on old laptop. I intend to use it later ot connect to public Wi-Fi. Do i need to install a firewall GUI and make any special settings? I didn't encrypt home folder during installation. I probably should have done it. But i am already low on system resources (224MB ram, 1.2Ghz CPU). Would that use up any additional resources? Would it make computer run slower? Can i still encrypt the home folder after i installed the system?

View 3 Replies View Related

Ubuntu :: Pages Not Loading With Security Settings In Firefox And System / Fix It?

Dec 28, 2010

I have been investigating some security precautions over the past several months. I use Ubuntu now instead of windows and FIrefox browser also. I have installed BetterPrivacy, WOT, NoSCript and a few other add ons. I have SELinux, ClamAV, AIDE, and chkrootkit installed for Ubuntu.

When we browse certain web sites, we get an error about the server being reset. However, when I put the Ubuntu install cd in and browse with Firefox, obviously with no add ons or settings changed, we can browse to the site with no problems. We are trying to be secure on the internet and I don't want to lower or get rid of any of the settings / add ons we added. What would cause servers to reset when using Firefox / Ubuntu with browser add ons / OS addons?

View 2 Replies View Related

Ubuntu :: Linux Ignoring Windows NTFS Permissions & Security Settings?

Apr 26, 2010

I have NTFS-protected directories under Windows. However under Linux, even though I'm not logged in as a Super-User, Ubuntu cheerfully mounts all NTFS partitions on this machine and EVERY computer on my home network. This gives my GUESTS complete access to all machines connected to my network: Nautilus -> Windows Network -> Workgroup -> Clicking on any computer Name gives access to windows' administrative shares C$, D$, etc. I've always known that Linux ignores Windows security, but... what is the solution?

View 9 Replies View Related

Security :: Audit.rules Does Not Retain Certain Settings After Reboot Or Service Restart?

Jan 11, 2011

I'm using RHEL 5 with the Enhanced Security. Using the suggest NISPOM Red Hat documented settings (located on the system; copy - paste) I have managed to audit failed file open accesses however, this setting only retained if I enter it at the command line (/sbin/auditctl -a ). If I reboot the system or restart the service all my -a (not -w) located in the /etc/audit/audit.rules are not retained.

View 6 Replies View Related

Fedora Installation :: LDAP - NIS - Kerberos - Add Mint Machines To Server To Use New Security Settings

Dec 10, 2009

I wish to setup a network that works like windows but for with lunix of course!. It will need to be able to handle security/DNS/DHCP & Document store from one location. I've been doing some reading and have found that I think I need to be using one of the following:


I have looked at a few Linux based OS's. I did notice that when you install fedora live desktop it gives you the option to connect to one of the above. So I am looking for a complete solution.

1. How to setup fedora to act as server for my needs (or other Linux build)

2. Add fedora/linux mint machines to server to use new security settings. (or other linux build)

View 3 Replies View Related

OpenSUSE :: Yast Won't Start After Changed Some Settings In "local Security"

Aug 20, 2010

1: I changed some settings in "local security", about file permits or something, and now I can't run Yast to fix it, not even see it. Neither can I add or remove any software. And the ugliest part is that I can't even shut down the pc. It pops up a shaking error message about authentication stuff. How do I fix this?

2: It also throws en exception whenever I try to install my monitor's driver, a HannsG, which is an .exe file. I was told I should run .exe files through Wine, but this wont work either. Is there another -and more appropriate- way to execute this files?

View 9 Replies View Related

Ubuntu :: Reset Compiz Settings From Command-line To Default System Settings?

Jan 31, 2010

Did you play too much with compiz and after-a-while you realize that certain functions are not working anymore?

Well, just follow the steps below:


gconftool-2 --recursive-unset /apps/compiz



Restart your PC / lappy


View 4 Replies View Related

General :: Fedora 13 - Cannot Get Any Of The Resolutions Settings To Look Right On Separate X Screen With The Nvidia X Server Settings Gui

Aug 21, 2010

I am using Fedora 13 x86_64 on a Acer Aspire 7730ZG laptop with: 01:00.0 VGA compatible controller: nVidia Corporation G98 [GeForce 9300M GS] (rev a1) I have kmod-nvidia- installed from rpmfuison when I plug in the hdmi cable to the tv, my tv says the resoultion is at 720p, and I can not get any of the resolutions settings to look right on seperate x screen with the nvidia X server settings gui. my tv is a vizo 42inch. also another question is their a way to set the video card to output at 1080? this might be part of my problem?

View 14 Replies View Related

Copyrights 2005-15, All rights reserved