I'M A NOVICE and some days ago my web server was down (apache issue) and I found the following file called .bash_history in the folder /var/www/ :
cd /tmp
ls
wget [MODERATED]
[code]...
However, configured a website on a dedicated server using WHM/cPanel. The site was uploaded using the master account for the website.
The security issue is public users are able to upload files on to my server via the website. They could even access the root and execute whatever they want on the server.
I have consulted with 2-3 Linux experts. According to them, the PHP user has rights to execute anything on the server or upload & store files in whichever folder they want.
Can I protect my folders to avoid file uploads via the website. The application has security vulnerabilites. However, I want to prevent hackers to enter my site until the vulnerabilities are fixed.
Is an ubuntu live cd totally secure from intrusion? Stated another way, even if someone knows my ip address, can the live cd environment be hacked into in any way so that another could monitor what I am doing on my computer? From my understanding the live cd is read only, so that would prevent anything malicious being installed on it. I am curious if there are other ways a box running a live cd could be tapped into.
View 6 Replies View RelatedHow to detect intrusion in my desktop ubunta 9.10 version ? which command that could direct tell me about any change in my files ? I would like the procedures that protect my system from intrusion , i am using firestarter and keep tracing the network by using netsta -tap ?
View 2 Replies View Relatedsoftware to use against Intrusion and such. The thing is that I don't want to have several anti virus programs running at the same time due to collision.
View 9 Replies View RelatedMy desktop (the system AIDE runs on) is reguarly updated, and the file output can become enormous, making it hard, if not impossible, to track down out of place files. I have recently thought of uninstalling it since I can't tell what is out of place and what isn't, but before I do that I wanted to ask everyones opinion regarding what would be the best way to handle such a program on a desktop that has some core files changed reguarly. This sytem is running Gentoo, so updates affect a number of directories.
View 6 Replies View Relatedthe following security alert made me checking my httpd.conf:
Code:
Summary:
SELinux is preventing the http daemon from reading users' home directories. Detailed Description: SELinux has denied the http daemon access to users' home directories. Someone is attempting to access your home directories via your http daemon. If you have not setup httpd to share home directories, this probably signals an intrusion attempt. Even though in httpd.conf there is a line that reads
Code:
LoadModule userdir_module modules/mod_userdir.so
in the same conf-file the access to home-dirs is disabled:
Code:
<IfModule mod_userdir.c>
[Code]....
I had a student, and she has done some work on her account on my lab computer, but has left the country and is un-contactable.
I have full administrator privileges for this machine, and it is running Ubuntu LTS 10.04
She has a folder which was copied from a windows formatted external hard drive (Probably NTFS) onto her home partition on my machine.
I can open all of her files, except for those in this folder.
As I see it the problem is either something to do with the permissions of the files (coming from NTFS), or some kind of Ubuntu security that I am unaware of?
Here are my attempts to open it code...
I'm working in Ubuntu 9.04 Desktop with Apache installed. I have a directory /var/www/test:drwxrwxr-x 5 root www-data 4096 2010-01-04 13:51 test And I've added myself as a member of the group www-data. Problem though is when i go into /var/www/test I still can't do anything, whether it's creating a new file or directory or editing files there. The files within the directory are also 775 and setup under group www-data.
View 2 Replies View Relatedafter installing Debian, I typed the command:
Quote:
update-rc.d -f exim4 remove
to avoid automatic start of this mail server (I use qmail). After several months, I did a reboot and exim is started! Looking at the history, I found this command:
Quote: dpkg-reconfigure exim4-config
Maybe this command has restored the init script of exim?
Is there any way to avoid internal and data fragmentation?
View 5 Replies View RelatedI have created a linux machine and installed some softwares on it with root user privileges . I used to login with root user credentials for doing the various task.
Later i have realise that this is not the best practice to follow and there should be a new user with less privileges to be created for doing the day to day task.
I have read the steps to create the user but will that new user sufficient enough to do the task that i m doing it through root user?
Will my software allow the new user to work on them?
I would be glad if someone points me to a guidelines on what should be my next step?
i have just installed Ubuntu,i'am really concerned about security,i have no idea about linux.In windows, i use kaspersky internet security to protect the computer, so any time i want to log on my bank web, i use virtual mode or secure mode,and also virtual keyboard offered by kaspersky,i ve never had a problem,this way i think i protect myself against fishing.
Is there anyway to protect myself from the fishing attack in Ubuntu?
I will be setting up a computer for people who have very little experience using computers and I want to limit their ability to break things. I'm thinking Linux is the way to go but I don't know what distribution to use. I don't know anything about their hardware other than it is an old laptop. I don't have a lot of experience with Linux, but I would think that without sudo there is not a lot of things you can break.
What would be a good Linux dist that has everything out of the box? (flash, vnc, office, etc) How should I set up the user account to avoid giving them too much power, yet still allowing the computer to be useable for daily tasks? (Will they be able to update software?) I also want to be able to control the machine remotely since I won't have physical access after I set it up, so I am looking into ssh, vnc, (or a better alternative?).
Google just announced the release of Jarlsberg, a microblogging app specifically designed to be full of bugs and security flaws.The app is being released through Google Labs and Google Code University as a security tutorial for coders. Google is encouraging programmers to try their hands at exploiting weaknesses in Jarlsberg as a way of teaching them how to avoid similar vulnerabilities in their own code.
View 1 Replies View RelatedI have recently started using Ubuntu, so far I am quite satisfied with the switch in OS. This time my question has more to do with privacy, govt. sniffing of private/personal communications, Internet censorship and what to do about these issues. I live in a South American country where the govt. wants to impose Internet censorship such as the one currently in place in Iran, Cuba or China. They plan to set up a single node for all Internet communications out-going and in-coming. I would not be surprised if they are already monitoring people`s communications illegally.
1. what can be done to avoid being censored? they will be able to monitor my email accounts, facebook, twitter and so on. They want to force the Internet Service Providers and telecom companies to censor their users, since those companies will be responsible for the content of the emails, sms, tweeter messages, etc.
2. What can I do to avoid their censorship of certain contents which are critical of the govt. or contrary to the regime`s views? I need to be able to read what other people are saying beyond the borders of this country. We can`t tolerate living with this ban. Certain contents coming from abroad will be blocked.
3. How can I protect my email and bank operations? Is a proxy server an option? I really don`t know what a proxy server is, how much it would help us avoid govt. sniffing in private matters for political reasons.
4. what additional measures can be taken? is using encrypted messages an option to communicate with my relatives in order to prevent the govt. from reading my emails?
I have a server A that needs to connect to another server (B) to transfer data everyday.[A] ==SFTP==> [B]
I am using SFTP for the data transfert between A and B. I configured B to allow authentication only with a key, not with password. However, anybody who acccess the filesystem of A, could steal the password.
So I thought I could password protect the private key from A. But in such a case, I need to store the password somewhere on A, so the server A can access the private key to connect to B. Finally, it is endless: i always have to store somewhere a secret on A. Is there another solution that allow to have an authentication between A and B without storing plain text secret on the server A ?
Having to write my user password every time I want to do anything. I DO know I'm doing something risky for the system, that's why I have Linux. Is there a way to avoid to rewrite the password again and again, like start with superuser permissions?
View 2 Replies View RelatedI'm looking for a most possible, secure solution to transfer data using rsync over Internet between 2 linux server.
I have 3 option: SSH, IPSEC and Kerberos.
Which one in your opinion should be most secure solution?
how to prevent same user from ssh to multiple linux server at a same time , anyone of you have the script or how to do that ?
View 16 Replies View RelatedI've a DHCP server in RHEL 5 and 100+ users in my network. I mapped 30 users MAC address with ip. Rest are getting ip address automatically. In my network, users tend to move from one department to another frequently. I've created scopes according to departments. (i.e. Dept A - 172.19.54.10-172.19.54.30 and so on for other departments).
1) I want to configure DHCP server in this way, that a client have to autheticated by DHCP server before receive and IP address.
2) Second, Whether DHCP server have free IPs in scope, but only clients can obtain IPs those MACs are mapped, rest should not without authentication or authorization.
I installed Ubuntu Server and want to change the default user name to increase the difficulty of accessing the server.Is it possible to do this? If not, can I effect the same change by creating a new user and transferring over permissions, files, and etc.?
View 7 Replies View RelatedA DHCP server in RHEL 5 and 100+ users in my network. I mapped 30 users MAC address with ip. Rest are getting ip address automatically. In my network, users tend to move from one department to another frequently. I've created scopes according to departments. (i.e. Dept A - 172.19.54.10-172.19.54.30 and so on for other departments).1) I want to configure DHCP server in this way, that a client have to autheticated by DHCP server before receive and IP address.2) Second, Whether DHCP server have free IPs in scope, but only clients can obtain IPs those MACs are mapped, rest should not without authentication or authorization
View 2 Replies View Relatedi am trying to setup a very basic samba share on RHEL.after editing smb.conf ,testparm output is ok,(though it shows STANDALONE SERVER.)the directive i have used are
workgroup=MYGROUP
hosts allow=192.168.0. //my network
[storage]
path=/var/ftp
[Code]...
We have 4 servers having rhel 5.2. We have several users logged in on one of them. We have nis server/client running on them and have common home area mounted on all of them. Now we want to disable/block the accounts of the users who have not accessed our servers in last 2 months from today.What logic should we apply to do so? We were checking stat of .bashrc of each user but is not correct logic. We are going to write shell script for the same. We dont want to do anything in users home area or their files.
View 11 Replies View RelatedMy goal is this: Allow a user to connect to a server via SSH with any login name or password without checking to see if that account exists on that server. Their account would be captured by a universal account say, 'generic_user', and then they would be directed to one of my python scripts with the username and password they supplied for initial login. At this point my script would capture their SSHD process ID and allow/deny their existence based upon a MySQL/Subscription check.
The part I'm having trouble with is with PAM and allowing the user to login with any credentials and be successfully authenticated under the generic account. Beyond that, everything is great.
Take a physical user FRED. FRED is a linux user ( known by linux on his laptop ) FRED is a Samba user ( Known by samba on the samba pdc server ) When he logs locally (with username/password) on its standalone laptop (with no network), he is known as FRED:user. He access his data in /home/FRED/. When he logs through samba (with username/password) on the domain MY_DOM, he is known as MY_DOMFRED:MY_DOMdomain user. He access his data in /home/MY_DOM/FRED/. ) Is it possible that the human FRED has only one repository and have full access to its repository regardless of how it was connected. If yes, how to do it
2) If not, Is it possible that the human FRED has full access to /home/FRED/.............. and /home/MY_DOM/FRED/.
I wanted to set up Computer Lab. loading Fedora 11 OS and one system acting as a Server to store Users(Student) Login Informations. When students do a programs, all programs (eg, C++ programs) files should be saved in the local fedora system but when login to the system, the login should be validate by a Server System.
View 5 Replies View RelatedI've moved a web site from one server to another.I'm also moving the domain name to the new server.In Apache I've got the web site configured up and running with no problems. What I'd like to know if this is possible. I'm wanting to avoid a complete web site rewrite. I've looked into mod_rewrite but I don't think this is right.I only want the web site to look aesthetically pleasing. So if it's not possible so be it. (I'm not a programmer but do have access to the code)
View 2 Replies View RelatedI have successfully build .deb im my box and it is running well. But during the debuild process I got followingdpkg-shlibdeps: warning: dependency on libatk-1.0.so.0 could be avoided if "debian/retrovol/usr/bin/retrovol" were not uselessly linked against it (they use none of its symbols).
dpkg-shlibdeps: warning: dependency on libdl.so.2 could be avoided if "debian/retrovol/usr/bin/retrovol" were
[code]....