Security :: Prevent Same User Ssh To The Multiple Server
May 23, 2010how to prevent same user from ssh to multiple linux server at a same time , anyone of you have the script or how to do that ?
View 16 Replies
ADVERTISEMENT
Security :: Prevent A Non-root User From Shutting Down, Rebooting Or Suspend The System?
Mar 3, 2010I'm using Gnome and I'd like to still have the ability to reboot/shutdown from one particular account as well as root. How would I modify the chmod command to add this ability?Also, I have a few users who just will hold the power button in to shutdown the machine. How can I keep them from doing this?// Pruned from the vintage 2007 Prevent a non-root user from shutting down, rebooting or suspend the system thread. Please create new threads instead of resurrecting ancient ones.
View 2 Replies View RelatedServer :: Prevent Ssh Connection For A User?
Jun 9, 2009I have a user name is nicole. I want to prevent ssh connection for this user. How can i prevent ssh connection for this user?
View 9 Replies View RelatedUbuntu Servers :: Multiple User For A Web Server?
Jan 15, 2011create an Apache web server with multiple user accounts, for work. Each user needs to be able to upload his/her files via SSH Each user needs his/her own web directory, (preferably in their home directory for ease with permissions) There web directories need to be password protected Only one user account (mine) should be allowed remote SSH control. It needs to be easy to add new users to the system.
View 1 Replies View RelatedCentOS 5 Server :: Postfix Multiple Domains One User?
Jun 2, 2010I am currently running a apache/postfix email service on my server. I am using aliases for two addresses for example:
trscookie@serverone.com
trscookie@secondserver.com
so the emails no matter which domain receives the email trscookie always will receive the email.
However I am unable to work out how to 'reverse' this process, for example.
If i was to go to secondserver.com/webmail I would like the emails to get sent from trscookie@secondserver.com however they are currently all coming from serverone.com. Is it possible to configure this so that it is sent from the correct domain?
Here is my main.cf:
queue_directory = /var/spool/postfix
command_directory = /usr/sbin
daemon_directory = /usr/libexec/postfix
mail_owner = postfix
[Code].....
Ubuntu Security :: Multiple Passwords \ Possible To Have Two Passwords For One User Account In 9.10?
Jan 7, 2010I wonder if it is possible to have two passwords for one user account in 9.10. I have a long login password (5 words about 45 characters with spaces caps). I would like to set a shorter password for Authentication, sudo, etc. While retaining the original for logging in.In short:Have long password to login to computer.Have short password for everything after login.
View 6 Replies View RelatedSecurity :: Block Particular Web Site Form Multiple Hosted Server And Allow Others?
Aug 17, 2010I am having a web server (apache) and 3 sites are hosted in it, named as www.web1.com,www.web2.com and www.web3.com.
I need to restrict www.web2.com to Internet users and allow only to local network. At same time I need to allow www.web1.com and www.web3.com to both Internet and LAN users.
Software :: Prevent A User To Log In?
May 11, 2011Formerly I add a user to the file "/etc/ssh/sshd_config" and run service sshd reload, so that this user can login.Now the user is gone and I have to block this user. I did as follow:1. Take out the user name from "/etc/ssh/sshd_config" and run 'service sshd reload' again. But this user can still log in.
View 3 Replies View RelatedSecurity :: IP Assignment To Authorized User Only Through DHCP Server?
Jan 15, 2010I've a DHCP server in RHEL 5 and 100+ users in my network. I mapped 30 users MAC address with ip. Rest are getting ip address automatically. In my network, users tend to move from one department to another frequently. I've created scopes according to departments. (i.e. Dept A - 172.19.54.10-172.19.54.30 and so on for other departments).
1) I want to configure DHCP server in this way, that a client have to autheticated by DHCP server before receive and IP address.
2) Second, Whether DHCP server have free IPs in scope, but only clients can obtain IPs those MACs are mapped, rest should not without authentication or authorization.
Ubuntu Security :: Change Default User Name Server
Aug 1, 2010I installed Ubuntu Server and want to change the default user name to increase the difficulty of accessing the server.Is it possible to do this? If not, can I effect the same change by creating a new user and transferring over permissions, files, and etc.?
View 7 Replies View RelatedSecurity :: Get IP Assignment To Authorized User Only Through DHCP Server?
Jan 21, 2010A DHCP server in RHEL 5 and 100+ users in my network. I mapped 30 users MAC address with ip. Rest are getting ip address automatically. In my network, users tend to move from one department to another frequently. I've created scopes according to departments. (i.e. Dept A - 172.19.54.10-172.19.54.30 and so on for other departments).1) I want to configure DHCP server in this way, that a client have to autheticated by DHCP server before receive and IP address.2) Second, Whether DHCP server have free IPs in scope, but only clients can obtain IPs those MACs are mapped, rest should not without authentication or authorization
View 2 Replies View RelatedRed Hat :: Samba Error : Server Not Using User Level Security
Dec 22, 2010i am trying to setup a very basic samba share on RHEL.after editing smb.conf ,testparm output is ok,(though it shows STANDALONE SERVER.)the directive i have used are
workgroup=MYGROUP
hosts allow=192.168.0. //my network
[storage]
path=/var/ftp
[Code]...
Security :: Block User Accounts Who Has Not Logged In To The Server Last 2 Months?
Mar 1, 2011We have 4 servers having rhel 5.2. We have several users logged in on one of them. We have nis server/client running on them and have common home area mounted on all of them. Now we want to disable/block the accounts of the users who have not accessed our servers in last 2 months from today.What logic should we apply to do so? We were checking stat of .bashrc of each user but is not correct logic. We are going to write shell script for the same. We dont want to do anything in users home area or their files.
View 11 Replies View RelatedSecurity :: Avoid Www-data User Intrusion On Debian Server?
Dec 13, 2010I'M A NOVICE and some days ago my web server was down (apache issue) and I found the following file called .bash_history in the folder /var/www/ :
cd /tmp
ls
wget [MODERATED]
[code]...
Security :: PAM Module - Allow A User To Connect To A Server Via SSH With Any Login Name Or Password
May 5, 2010My goal is this: Allow a user to connect to a server via SSH with any login name or password without checking to see if that account exists on that server. Their account would be captured by a universal account say, 'generic_user', and then they would be directed to one of my python scripts with the username and password they supplied for initial login. At this point my script would capture their SSHD process ID and allow/deny their existence based upon a MySQL/Subscription check.
The part I'm having trouble with is with PAM and allowing the user to login with any credentials and be successfully authenticated under the generic account. Beyond that, everything is great.
Security :: How To Prevent Duplicate UIDs
Oct 8, 2010I have been learning Linux for the past few months and just recently started with Bash programming. Using scripts it is possible to find users with duplicate UIDs but is there any way or script why which duplicate UIDs can be prevented altogether.
View 7 Replies View RelatedFedora Security :: Setting Up Server To Store User Login Information
Mar 18, 2010I wanted to set up Computer Lab. loading Fedora 11 OS and one system acting as a Server to store Users(Student) Login Informations. When students do a programs, all programs (eg, C++ programs) files should be saved in the local fedora system but when login to the system, the login should be validate by a Server System.
View 5 Replies View RelatedGeneral :: Prevent Root User From Editing Log Files (/var/log/*)
Feb 10, 2011what if the root user by mistakenly stops/starts any service and tried to remove those traces from the log files and save those log files. Then how can we ensure that our log file is trusted. Is there any way where even the root(superuser) also cant edit/modify the contents of the /var/log/* files.
View 2 Replies View RelatedUbuntu :: Prevent Nomal User To Reboot/shutdown?
May 15, 2010i searched the forum about this subject, i found many post but nothing useful. i also wonder why a normal user is not prompted to authenticate as root to perform these tasks. i thought the file /etc/sudoers but i don't think this is the point. i tried the group "shutdown" but does not exist. i read that this is expected in ubuntu server so it should exist even in the desktop version, i guess.
View 3 Replies View RelatedGeneral :: Prevent A User From Seeing A File In A Directory Listing?
May 3, 2011I have, for example, a folder called "MyFolder" and it contains 3 files: MyFile1, MyFile2, MyFile3. The only file that I do NOT want a particular user/group to even see that it exists is, for exmple, MyFile2.So, when they do a directory listing on MyFolder, they should only see MyFile1 and MyFile3. How can this be done in Linux? The important thing is that it is not just preventing them from "executing" MyFile2, but to prevent them from even knowing that it exists by not including it in a directory listing.This is a simpified example using one file, but in reality, I have lots of files and some of those that I want to block are also subfolders.It is very important for me to hide the existence of certain files/folders when the user does a directory listing. It's also important that the files stay in their current folder (that is, I can't use a workaround which requires moving all the files into a separate folder and then securing that folder).
View 4 Replies View RelatedSoftware :: Prevent User From Deleting Files On Pureftpd?
Feb 20, 2010Code:- '-K': Allow users to resume and upload files, but *NOT* to delete or renamethemDirectories can be removed, but only if they are empty. However,overwriting existing files is still allowed (to support upload resume) . Ifyou want to disable this too, add -r (--autorename) .This is pretty much what I want to do, but I only want this done to ONE user on the server. I have many user accounts, but only one of them I want to prevent users from issuing the "delete" command and deleting everything.
View 2 Replies View RelatedFedora Security :: Prevent Firefox With SELinux?
May 11, 2009I am new to Fedora 10, and to SELinux too.
I would like to know how can I prevent from users with role user_r to connect to Internet with firefox.
Ubuntu Security :: Why Few Firewalls To Prevent System
Jul 14, 2011Windows have many firewalls to prevent the system. But Ubuntu have few. Why is it so? Is it not needed to prevent Ubuntu or if it is prevented?
View 5 Replies View RelatedSecurity :: Prevent Ddos Apache Attacks?
Jan 25, 2011recently my Apache server crashes very often; by watching the error log,I've notice several signs of intrusion.So, I think the problem can be a denial of service attack against my machine.My distribution is Debian Lenny.
View 2 Replies View RelatedSecurity :: Prevent Spying Keyboard Input?
Oct 16, 2009I just made a script to read out /dev/input/event3 into a file (My keyboard is identified here [ Machine is a laptop which runs on slax-atma distro ]). Then used a hexdump to convert the binary into hex. After that used a gwak script to print out the keys corresponding to each keyboard input. So now when I put this in my rc.local , It is taking down all the keys I press. Including login passwords (In short, each and every keys I press).Isn't this a big security risk, because intruder who has a physical access to my machine or has root password can put this file in rc.local and run a script to mail him all the details like my passwords, account and PIN numbers.
View 14 Replies View RelatedSecurity :: How To Prevent The Execution Of Malicious Commands
Oct 16, 2010how to prevent the execution of the following commands or how to set a policy or rule that prevents the execution of the following malicious commands
dd if=/dev/zero of=/dev/sda
rm -rf /
Security :: Prevent Users From Changing Their Password?
Jul 17, 2010I use the following method for preventing the users from changing their passwords , is there any other method other than this ?ls -l /usr/bin/passwd-rwsr-xr-x 1 root root 37140 2010-01-26 12:09 /usr/bin/passwdso we need to remove the suid for that command as follows :- chmod u-s /usr/bin/passwdnow normal users won't be able to change their own passwords - and only the root user will be able to do it for them.
View 9 Replies View RelatedFedora Security :: Prevent People From Unauthorized Access?
Mar 19, 2009I'm doing a research to protect my pc from physical access. What I'm facing here is that my company created a program for fedora 8 and plans to sell the unit away. We created a function where you can configure the program using any web browser from a network so we do not want anybody to have access to the fedora except for out personnel.
Based on my research, I've found [URL] this guide to protect people from accessing grub and single user. I am currently researching on preventing others to clone the harddisk. I would like to know if there are any other methods to prevent people from unauthorized access to fedora.
Ubuntu Security :: MoBlock Does Not Prevent Browsing To Blocked IPs?
Mar 11, 2010I have installed MoBlock as instructed here: [URL]
After installation I created my own list file in /etc/blockcontrol/custom-blocklist.p2p and have the following uncommented at the bottom of /etc/blockcontrol/blocklists.list:
Code:
locallist /etc/blockcontrol/custom-blocklist.p2p
The list contains the following 2 entries:
Code:
Yahoo:98.137.149.56
Google:74.125.47.147
When I do:
[Code].....
Recently I just noticed that the locallist rules seem to have no effect. I will always get "destination port unreachable" even if the locallist entry in blocklists.list is commented out.
However, whenever I try to browse to that IP, even when blockcontrol is on, even by typing the IP into Konqueror (not the domain name), it lets me go there every time. How can I know that my other applications will not to do the same thing? How can I lock this down and test it empirically to be sure?
Ubuntu Security :: Prevent Kernel Initramfs Extraction?
Jul 16, 2010I'm writing here because it's mainly a security issue even though it's rather kernel related.
I'm compiling my own vanilla kernel with an initramfs included in the bzImage. That image contains encryption keys for the rest of the system. Even though it's not for everybody the initramfs image can be extracted from the kernel, decompressed and the keys extracted.
I'm looking on a way to prevent this.