Security :: What The Bottom Account Is. No Name
Mar 31, 2010here is the what i ran:
Code:
lastb | awk '{print $1}' | sort | uniq -c | sort -rn | head -5
5 fauz
1 btmp
1
what the bottom account is. no name?
ADVERTISEMENT
Fedora Security :: Gui Ids - Display A Quick Little Notification On The Bottom Right Hand Corner Of Screen
Apr 6, 2009I might get harassed for making this windows/linux comparison, but i'm seriously wondering why i cant find any application that can display a quick little notification on the bottom right hand corner of my screen whenever there's some intrusion attempt.
For example, sometimes I can see that in my /etc/logs/secure (or something like that) there's someone who's trying to attempt to connect to me using random usernames/passwords from different servers. The only time I know this has happened is when i actually open the file with gedit. Is there anything like (norton for windows) that can display little notifications (with or without eye candy)??
Ubuntu :: Monitor Off Center - Bottom Of Tool-bar On The Bottom Of The Screen Is Cut Off
May 22, 2010So about an hour ago I put my computer on standby. For whatever reason I couldn't bring it back so I restarted it. It works fine except now Ubuntu has pushed my display down. This means that the bottom of my tool-bar on the bottom of the screen is cut off, and there's a black bar on the top. I'm using a T.V. screen so there is no way I can manually adjust it. I also plugged my desktop back into an old monitor and it was off-center downward too.
View 1 Replies View RelatedSecurity :: Encryption - Two Passwords Associated With One Account ?
Mar 11, 2011Is it possible to have two passwords associated with one account, one that is the actual one, and another one, a duress password, that upon entering gives a similar (desktop) environment with "decoy data"?
The idea is to have the bogus password go to an encrypted home drive that looks as if it were the real deal, but it is wiping particular sensitive (encrypted) data that is visible only with the real password in the background, so that the actual data that need to be protected are not compromised. While the person who unlocked the computer tries to find the information on it between all the rubbish files, the real files are securely wiped. The files are very sensitive in nature, so it's better to have then destroyed than have unauthorized people access them, in the event of that happening.
I happen to know that TrueCrypt has a similar option but that requires an entire decoy operating system (and I think that might be a bit conspicuous), but is there a native linux way to do it?
Ubuntu Security :: Setting Up A New Account On System
Sep 6, 2010Basically in addition to the first installation account on my system (my account) ive also set up another user alongside my own. Its not a admin account but 'desktop user' account but in the group id section this account comes as '1001'-what does this 1001 mean? Furthermore are there any risks i should know about arising from setting up another account on my pc?
View 9 Replies View RelatedUbuntu Security :: Set Two Password For 1 User Account?
Dec 27, 2010i use ubuntu 10.04, is there a way to set two passwords for 1 user account
View 2 Replies View RelatedUbuntu Security :: Unknown User Account 'dtc'?
Mar 12, 2011I started up my computer and suddenly, I saw that there was a new user account. I didn't create it and no one else uses my computer (let alone has access to user account creations). It was called dtc. It didn't seem to have any privileges and the only file in its home folder was called Examples. Should I worry that I might have some kind of malware? I deleted the user and the folder (and it came back after a while). It's main group is dtcgrp. The User ID is 1004.
View 2 Replies View RelatedSecurity :: More Than One Person Is Sharing A User Account?
Dec 6, 2010Is there software or mechanism that can help the administrator determine if more than one person is using the same user account via a shared password?
View 8 Replies View RelatedSecurity :: Unlock Test User Account?
Aug 18, 2010I ran a test where I login a test user several times using the wrong password to see that he gets locked out after several attempts. Now that I got the test user locked out, how do I unlock the test user? I tried passwd -u <test user>, but it says passwd: Error (password not set?).
View 4 Replies View RelatedSecurity :: Unlocking An Account After Too Many Failed Attempts?
May 20, 2010How does one unlock an account when it is locked by too many failed attempts for login?
View 1 Replies View RelatedFedora Security :: Administrative Login In User Account?
Sep 25, 2009I am a new Linux user and have a question about the administrative authentication. When I am logged in as a user and I need to do something that requires root privileges the little password window comes up and I enter the root password. My question is how long are the root privileges granted for?I noticed that a few minutes after finishing checking out the firewall configuration tool and closing the window that I was still able to re-enter the fire wall tool and other administrative tools. How do I log out of the root privileges without logging out and then back into my account?
View 2 Replies View RelatedGeneral :: Security - Change OpenSSH Account Password
Feb 15, 2011I suppose that my main Linux user account password serves as my SSH password as well. Is there a way I can modify this? As it turns out, I'd like to have a REALLY secure SSH password for obvious reasons, but a less secure local password, as it makes typing in passwords a heck of a lot easier on a machine. Is there a way I can change my account password in SSH without changing my Linux user password?
View 2 Replies View RelatedUbuntu Security :: Running Wine Under A Different User Account?
Jan 2, 2010I've written an article on my site which lays out steps for installing Wine and running it under its own, separate user account, so that Windows applications cannot access personal files (particularly those in your home directory).[URL}..i'm hoping that there are people on this forum who know Ubuntu inside-out, as I'd like to know how effective the described method is at trapping Windows applications so that they cannot read or write personal files or directories.
The way I understand it, once the process is running under user account wine, it's stuck with the access privileges of user wine. But are there ways in which a rogue application could break out of this prison and gain access to whatever it wishes? I'm guessing that such behaviour would mean someone customising Windows software to recognise Linux, and that such a thing is very unlikely, but I'm still interested to hear what gurus of the Ubuntu internals think of this method.
Ubuntu Security :: Spam Received From Own Hotmail Account
May 3, 2010After reading everything that says you don't need an anti-virus for Linux. OR Linux doesn't get viruses. Guess what I have a Virus. I don't know which one, but it is sending out spam emails from my webmail, MSN, account. I do not have a local client installed. I am guessing it is linking into MSN through Pidgin, getting the addresses there, and sending the spam, somehow, through MSN. Actually one MSN and one Hotmail account. I also have not been able to find an anti-virus program for Ubuntu. There do not seem to be any listed in the software repositories that Ubuntu links into. How do I get rid of it? My contacts are starting to get upset.
View 9 Replies View RelatedUbuntu Security :: SSH Keys - Can I Create With Root Account
Aug 25, 2010Can i login to my server using my root account and create a public+private key for one of my users and then manually paste it into his authorized_keys file and give him the private key?
The user im giving it to has a chrooted FTP account...
Is it still ok that i used the root account to create it? He is not going to have root access or nothing is he? This is not a security breach in any way is it?
The user doesn't have shell access to create their own so this is the only way i can think of doing it...
Also what access should the user have to their .ssh folder + the authorized_keys file...?
Are they allowed to read the key? What about write?
Ubuntu Security :: Break In Through Disabled Root Account?
Nov 11, 2010If root is disabled by default, how is it possible that someone managed to SSH into my computer using root? I never enable/set password for root, it's always left as the default as per a fresh install and I always use sudo for any admin tasks.Auth.logFirst there are a whole load of failed attempts then...
Code:
Nov 8 11:07:32 Morris-Desktop sshd[3601]: Failed password for root from 94.243.50.53 port 4360 ssh2
[code]...
Ubuntu Security :: Add Users Other Than Initial Account I Created?
Mar 10, 2011I set up a linux 10.10 desktop to run as a "server" for me. I then loaded Xrdp so that we can remote connect to the machine. My issue now is, i need to add users other than the initial account i created, but when i log into the desktop remotely, it will not let me add a new user. I cant seem to use any of the boxes in the User Settings command box. Does anyone have any suggestions?
View 9 Replies View RelatedUbuntu Security :: Guest Account Able To Authenticate As Root
Jun 25, 2011I am trying to use a guest account in Ubuntu 10.10 however I am unable to stop the guest account from authenticating as a superuser and gaining root permissions dispite removing all permissions from the user-group control panel. The new guest account I created is not part of the admin group. However, with my new guest account I am unable to start a guest session from the panel, AND if I use the guest session from the panel I dont have the problem with the guest session being able to authenticate. How do I prevent super user authentication from an account in this situation? It seems that any account can authenticate and my /etc/sudoers file looks like this:
# /etc/sudoers
#
# This file MUST be edited with the 'visudo' command as root.
#
# See the man page for details on how to write a sudoers file.
#
Defaults env_reset
# Host alias specification
# User alias specification
# Cmnd alias specification
# User privilege specification
root ALL=(ALL) ALL
# Allow members of group sudo to execute any command
# (Note that later entries override this, so you might need to move
# it further down)
%sudo ALL=(ALL) ALL
#
#includedir /etc/sudoers.d
# Members of the admin group may gain root privileges
%admin ALL=(ALL) ALL
Security :: Account Lock After Failed Login Attempts
May 25, 2010I'm trying to lock an account after a number of failed login attempts in a RHEL5.
This is the relevant configuration in /etc/pam.d/system-auth
In the logs I can see how the count of failed logins increase and exceeds my deny option but the account isn't locked
Do I need any other option in the PAM file? Is there any other way to lock an account?
Security :: Custom Login Script For *shared Account* (using SSH)?
Mar 2, 2011There is a shared account (not by choice, and not my choice). I ssh into it, along with many other users.Some users share the password, others use the public key method (each user has their own pair of keys).I have a number of shell preferences that I would not want to affect other users. So changing .bashrc, .profile, .kshrc, etc types of scripts in the shared account is not practical, because changing them would affect everyone. What would be a practical way to have a script execute automatically, only when logging in by way of my private (id_rsa) key? Could I perhaps change the .profile in a way that it runs some commands only if my public key was used to authenticate the login?I've considered this:ssh sharedUser@host 'bash -s' < my_local_script.shbut it simply terminates when done. I want it to hand the shell over to me.Also, when many users are logged in, the "w" command shows several users with the same shared username. Is there anything I can do to make my own session distinct? E.g. instead of showing username "sharedUser",
View 3 Replies View RelatedSecurity :: Disable Account Lockout For A Specific User?
Oct 5, 2010I am using Red Hat LDAP (version 3) and I have passwordLockout set as "on" at global level. Is there a way to disable account lockout for a specific user?
View 1 Replies View RelatedSecurity :: How To Configure Guest Account (for Computer Repair)
Jan 26, 2011I spill my soda on my keyboard and ended up in a 4 day war with my pc.Now my tab, capslock, left shift, and down vol no longer works. I'm going to take it into the shop in the next couple of days to probably replace the keyboard. (If only lenovo kept the easy access keyboards like ibm had on the thinkpads). Something tells me that they will want to log in and test out the keyboard. So I created a guest account with a simple password. I changed my normal user home dir to 770 permissions and changed guest's shell to /bin/rbash. (both found in other posts.) Is there anything else I should do to secure the computer while it is in the shop?[I use su, sudo isn't configured to work (its a dependency so I can't uninstall)]. I have a pretty decent root password.
View 10 Replies View RelatedSecurity :: Create Fully Isolated User Account?
May 16, 2010I need to create such an account that the user wouldn't be able to r/w any file which doesn't belong to it, even if access mode is set to o+rw. I guess normal chmod/chown won't help here... How can i do this?
View 2 Replies View RelatedUbuntu Security :: 9.04 Jaunty Encrypted Account And Password Changing?
Mar 10, 2010When I first installed 9.04 (from scratch), I chose the option to have my entire account encrypted... I used the same password as my login password, and wrote down the key hash that it displayed for me just like instructed... everything was working terrific...Well, yesterday, I wanted to change my account password. I changed my account password, and it took effect immediately (I tested it by using "sudo -s" to see if I could elevate to root from the terminal... worked just fine). Being satisfied with my new password, I shut my computer down...
The next time I started it up and tried to log in to my account, it I put in my username and password and pressed enter, and it accepted it just fine, and started to boot to my desktop... it then immediately prompted me with something about "your session lasted less than 10 seconds, try starting in failsafe mode" or something along those lines, and immediately booted me out and back to the gdm login screen... I thought it was just a glitch so I tried again... same thing... gave me the "less than 10 seconds" prompt and booted me back to the gdm...
I thought maybe my filesystem became corrupted, but I didn't give up... I attempted to login to my fiancee's account, and it worked just fine! Using her account, I was able to quickly and safely boot into her desktop environment with no errors...I opened a terminal and used the "su" command to access my account... When I did this, it gave me some kind of error and told me to run ecryptfs (can't remember exactly which command... now). I ran ecryptfs and put in my NEW password... it told me that the passphrase was incorrect. So just out of curiosity, I ran it again, and this time put in my OLD passphrase, and it worked immediately! At this point, I realized that my gdm login password got changed, but my ecryptfs passphrase did not, and the two were not matching up (I assume that on login, gdm passes this password on to ecryptfs, and that when the two did not match up, it was booting me out with the whole "session lasted less than 10 seconds" prompt...)...
So what I did at this point was, while logged into my girlfriend's account, I "su"'d into my account, and used the passwd command to change my password back to my OLD password... once the password was changed back successfully, I restarted my computer and tried to log into my account from the gdm... worked perfectly this time with the old (original) password...When you change your session password, shouldn't it automatically change the encyrption password to match? Or at the very least, warn you that if your account is encrypted, you must take further steps to make these two passphrases match? Also, what command would I use to change my "ecryptfs" password to manually match my session password?
Ubuntu Security :: Remotely Creating A Desktop Account On Another System?
Mar 25, 2010I am at my own desktop and I have root access on my own desktop.
I also have root access on a Desktop Ubuntu system (192.168.5.10) on the LAN. I need to create another desktop user account on that 192.168.5.10 system.
So I logged into that system with: ssh -Y myself@192.168.5.10
Then I did: sudo users-admin
This brings up the Users Settings but the Add User and Unlock buttons are disabled. How do I enable these buttons?
Ubuntu Security :: Resolving An Account Password With Pam-script When Using Passwordless SSH? Possible?
Oct 6, 2010I'm trying to configure a process triggered by an SVN post-commit hook which will log into a different host and carry out an SVN update on a file path on that host before exiting. An earlier attempt mounted the remote filepath on the SVN host using sshfs and performed the update locally. This worked but it was incredibly slow (minutes to complete an SVN update).
So, Plan B was to set-up a passwordless login for the user the script runs as and then use pam-script to script a checkout from a repository using the same credentials. The problem is, passwordless SSH login using private/public keys appears to bypass the PAM authentication system or at least interact with it in a way that no environment variables (including the SSH user's name and pass) are resolved by the authentication script being used by pam-script.
I've tested the pam-script behaviour for normal log-ins and it exposes these variables fine. This leaves me in a Catch-22 with trying to script access on one host to perform actions on another while avoiding user/pass prompts or the need to store plaintext passwords on the remote host.
Anyone know if there's a way to resolve a user account password via PAM when using passwordless SSH or, another approach I could take to perform scripted tasks on the remote system requiring authentication? Ideally without storing the passwords on the remote system (at least in unencrypted form).
Ubuntu Security :: Turn Off The Password Recovery For User Account?
Nov 12, 2010I remember my password very well and have no need of password recovery. Everywhere I look it's how to recover and I don't want that. The kind where you boot into root recovery console to change the password.
View 4 Replies View RelatedUbuntu Security :: Encrypt Files Uploaded To Dropbox Account?
Nov 30, 2010It says on the dropbox site that files are stored encrypted on their servers-but can anyone vouch for this?
Is there something in the repos i can use to encrypt the files before i upload them to dropbox? Annoying that truecrypt cant do this...
Security :: [LDAP] Account To Manage/create Only Specific Users?
Oct 19, 2010Is there a possibility in openldap to allow a user to only create/manage specific LDAP users?For example user "mailadmin" may only create/manage mail accounts in LDAP that are named like "m1342895"? Or a specific list of user accounts that are in a specific group?
View 1 Replies View RelatedGeneral :: Basic Security Practices For Desktop Ubuntu - Use A Limited Account
Apr 30, 2010Most of us know the basic security practices on Windows:
Use a limited account
Set a password
Disable unused services
Uninstall bloatware
Antivirus / Antimalware
etc.
I haven't ran linux as my main desktop computer before, so I don't know how to properly secure it. I have heard linux is supposed to be more secure than Windows, but I know that the default settings of anything are rarely secure. What are some things I should do as a new Linux user to secure my desktop system from attack?