I am having a small issue with finding and installing an IRC server program for ubuntu 10.10. I would like to know if anybody has any input on what the most simplistic and secure irc server program out there is, and how I would install and configure that said program.
View 1 RepliesI'm an Oracle DBA and started working for my current employer about 4 months ago. This past weekend an alert re: FS space brought my attention to /var/spool/clientmqueue (full of mail re: cron jobs) and the fact that sendmail is not running on our Linux servers.I'm told that the IT security team deemed sendmail too vulnerable so we don't run it.Aside from FS filling up and missing notification of issues with crontab entries, I'm concerned that we may be missing notification of potential issues. In other Unix/Linux environments I've seen emails from the print daemon when it experienced problems with specific jobs.
Are there other Linux facilities aside from cron and lpd that use email to advise the users of possible issues? Are there ways to secure sendmail or secure alternatives to sendmail? My primary need/desire is to make sure that emails regarding issues on the server get to the appropriate users. Secondary goal would be to have the ability to use mailx to send mail out. There is No need/desire to receive mail from outside.
we have a remote linux server and its /var/log/secureile is fully filled with unauthorized ssh users,of course they cannot able to log in successfully but they were making continuous ssh requests to log in, it some times results in server down problem. so how to secure our server from their ssh attempts.i know blocking unauthorized ip addresses can solve this problem and we can also change the ssh port numbers but what are the other possible ways of solving this.
View 4 Replies View RelatedI set up my ubuntu server with iptables that only allows ssh in the input chain (and of course established connections) with only the mac adress of my laptop allowed to connect, set up a key with a long passphrase and installed pam_abl plugin. ICMP echo is blocked by default.
The only problem is i log all other attempts to connect to the server and i see a lot of traffic going to ports 445 and 5900.
My question is: Is there a possibility that these attempts could succeed and is there any way to further ensure this server?
I have been doing a whole lot of reading on any kind of home server. I want to have a secure home server that I can access from school by a domain name. At first I was looking at FTP, but I need something secure and it seemed like the software that supported SFTP has to be purchased. Then I started looking at SSH stuff, but I also realized that I want to use a dynamic DNS, so I started reading about that.
Basically, now my head is so information-logged I can't figure out what and how I should do this. If anyone could give me some very step-by-step-procedure links (or information) that show me how to set up a secure home server that I can access with a domain name through the internet that also uses a DDNS, that would solve all my problems.
Ok im new, i know apparmor is running. i was looking for firestarter but their isnt one.....how do i secure this server? i want a good firewall and some virus protection!. also do i need this?
View 9 Replies View RelatedI'm trying to setup an open-source project, I have a couple of developers on the team but nobody has experience with Apache. I would like to setup a simple home server for Bugzilla on Ubuntu 10.04, so my question is, is there a server that comes secure out-of-the-box so that simply adding files to /htdocs would suffice?
View 1 Replies View Relatedwhat is the best option to securing server via firewall and iptables?
View 9 Replies View RelatedI now have a windows box connected to the internet via the server.
Question is - how do I know if the linux box is secure?
Are there any things that I have to config now - I am slowly moving on to configuring the dns and dhcp server - but is there anything else I should have done?
I am running UFW, which is set to deny everything but SSH on port 22, OpenVPN on port 1194 and HTTPS on port 443. SSH is set to only allow private key logins, and the root account is disabled. I have AppArmor running for all of my daemons (OpenVPN, Apache2, OpenSSH) and I have Fail2Ban running.
Is there anything else I can do to secure my server from the Internet (it is directly connected, there is no NAT between the Internet and my server).
I have a minecraft server running on a P4 box running Ubuntu server 11.04 64bit. Now would it be secure, if I allowed ufw to allow outgoing? Or would this be a huge flaw someone could exploit?
View 6 Replies View RelatedIs it possible to using 2 envelope options on fetchmail? Here is fetchmailrc configuration :
envelope "Envelope-To"
envelope "X-Apparently-To"
how to setup a secure and reliable server, i have three ubuntu 10.10 servers a Dell PowerEdge 850,1850 and 2850 which has a Dell PowerVault 220s attached to it.The Dell PE850 Server Consists of:
Intel Pentium D 3.0GHz
4 GB RAM
Eventually 2x250GB Sata Hard Drives
The Dell PE850 Server Consists of:
2xIntel Xeon Processors 3.4GHz
4 GB RAM
2x76GB SCSI Hard Drives RAID 1
The Dell PE850 Server Consists of:
2xIntel Dual Core Processors 2.8GHz
4 GB RAM
6x76GB SCSI Hard Drives RAID 5 (pretty sure)
Dell PowerVault 220s
I would like to setup a reliable webserver, mail server, DNS and Dynamic DNS, DHCP, SQL, FTP, Samba (with Roaming Profiles), PXE Boot Server.I know how to setup most of the server modules, i would just like to know the best way to do it tho. I also want to no how to setup the secuity of the system correctly, and setup and partition up my hard disks to allow for the best reliabilty, even when a server crashes.I would like to now how to set these servers up from start to finish in a sence.
I am going to set up a file server on Ubuntu. I have searched a while, but can't seem to find a guide to what I want. The requirements specifications are the following:File server: possible to upload, change and download files.Linux (Ubuntu) clients, Windows clients if possible.Access restriction to deny access to other than registered users.Only the user should be able to read the content of the files.Ideally root should not be able to see the individual files, but in worst case it is ok for root to see the files.Root should not be able to open the files.Point 1-3 is easy to find out how to set up. But I can't seem to find a way to deny root to view the files. The only solution I can think of is to encrypt files or a whole folder, but I don't know how to set it up.
The setup is for a home network, but the server used as a file server will have a web server as well. If someone manages to get access to the server I don't want them to be able to read the files.
I'm learning to secure my server in the best way I can think of: By learning to attack it. Here's what would like to accomplish. I have SSH set up on a linux box in a offline lab environment.
Username: root
Password: ajack2343d
Now, I know I can simply brute force this as I know the password, but there has to be other ways, and I wish to learn them.
I have created a Joomla! website on a subdomin that I host. The site has a mangement section URL... and I am trying to secure the administrator section only using SSL/https.So far I created the self-signed certificate and installed mod_ssl. I have added a *:443 virtual hosts in my httpd conf .This is really confusing me because the page exists, it works for http and https is just another protocol. Its almost like ssl does not have permission to access those files... Is there something im missing in ssl.conf or http.conf?I am not entirely sure I am going about this the right way.
I had a quick search through the joomla forums and found lots of errors, but not really any instructions. I have done some google searches and there seems to be about 10 different ways to skin the cat.
I created a website in my apache server. I just need to secure that when everyone try to access any folder on my root directory, it will show "Forbidden".
View 3 Replies View RelatedAt my work we have a windows 2008 that serves as a "bounce pc" i cant find any better word (thats directly translated from the word we use in my language) What i mean by that is that if we want to access the server net and so on we first have to rdp to a w2k8 computer and from their ssh/rdp/www futher to admin. The few admin have their own account and can be logged on at the same time, also with the rdp client you can mount your local c: witch can be very useful when you need to transfer file to the servers (they don't have access to the Internet). Now im looking for a similar service but for linux, suggestions?
The client that you connect with should be available to as many platforms as possible?
I am running Maverick (desktop edition - don't like the netbook remix) on my Acer Aspire One AO532h. I can deal with not being able to print, but not being able to get on my secure wireless network is getting to be a bother.I have AT&T DSL and am using an AT&T 2701HG-B 2Wire Wireless Gateway DSL Router Modem. If I had known that this particular 2Wire router-modem was so crappy, I'd have bought my own and tried wrestling around with that.I recently secured my wireless network and had to change the encryption from WEP to WPA so my iPad could get on it. Both my Mac desktops, the iPad, and an old Windows laptop are working fine, but not my Acer (or my XBox, for that matter). I've searched and searched for a solution and called AT&T (no Linux support :), all to no avail.
When I try to connect to my network, it goes and goes and either says that it can't connect, or shows that I'm connected, but with no signal/net capability.
I've set up a server for the first time today and I'm reading up on how to secure it. But I was wondering if anyone here would give me some tips from personal experience on what to do before going online with my website for the whole world to see. I'm running Ubuntu Server edition and Apache. Am I good to go with default settings or is there anything recommended that I should first do?
View 9 Replies View RelatedSo I have the burned ubuntu CD, and I'm attempting to install it on a system that has one HDD with XP/Vista on it, and another that is completely formatted and unpartitioned. However, when I boot to the ubuntu CD, I can use the menus from the bottom, and select the language when initially prompted, but I can't select any of the menu options except for boot from first hard drive.
View 1 Replies View RelatedIs it possible to secure samba server with kerberos? I want to know whether we can use kerberos authentication to secure samba user name and password so that mo one can sniff that information. configuration or any URL link from I can get the exact configuration.
View 1 Replies View RelatedI am just about to undergo a new peice of freelance work myself on Bind 9, but it has been ages since I have done this, this was on my own LAN with port 53? Blocked from outside, so mine is not public facing.
But this project is, what should I setup to make this truely secure, just to recap on my thoughts aswell, forward resolving is Domain -> IP is not it? Then Reverse is IP->Domain is not it?
My server is suddenly getting giving the following error: Quote: Secure Connection Failed An error occurred during a connection to inenergy.dvrdns.org. SSL received a record that exceeded the maximum permissible length. * The page you are trying to view can not be shown because the authenticity of the received data could not be verified. * Please contact the web site owners to inform them of this problem. Alternatively, use the command found in the help menu to report this broken site. I had been trying to configure the server to do secure logins (before Christmas) , but I don't think I had completed the configuration and I'm not sure how to reset it so that I can start again.
View 1 Replies View RelatedI am quite new to Squirrelmail but got it working at the first place. Then, with the intention to secure login and data flow, I downloaded and installed the secure login plugin. However, just right after that, I started to get "the connection was interrupted" messages in firefox. I guess that it has something to do with SSL, probably I need to configure that in Apache, not sure. Unfortunately the README and INSTALL files are rather compact in the plugin and I struggle to find a step-by-step tutorial on what needs to be done in order to make it work.Would someone be able to give me a hint on where to find such an information or tell me what else I need to do besides the 3 points written in INSTALL?
View 1 Replies View Relatedmy /var/log/secure file is not getting updated with ssh logins from yesterday.Even the login from my own ip is not updated.
View 2 Replies View RelatedGetting connection reset or time out when trying to rdesktop to a Win2003 server that has been upgraded to use SSL for server authentication. (See [URL]). Works fine connecting to other Win2003 servers, just not the secured ones. I'm using Rdesktop version 1.6.0 on Linux Fedora and also SUSE. To connect to the secure servers, Windows clients use the updated RDP client - version 5.2. As a workaround, I attempted to set up an SSL tunnel for rdesktop but wasn't successful in connecting through that either:
ssh username@10.10.10.10 -L 1024:winserver.work.org:3389
rdesktop localhost:1024
Has anyone been able to use rdesktop to connect to a win server that has been configured to use SSL server authentication for RDP connections?
I'm trying to find a program that will allow me to run my own server for secure storage. Ideally, this server will allow me to set up separate users. I've heard of solutions that will automatically email the user when a file is placed in their folder, and the email will contain a link with a session ID that expires after a preset time.
Security is a big deal here as well. Something above and beyond SSL would be ideal, like GPG or PGP, so nothing is ever transmitted in plain text.
This would be a server that is accessible from the internet, and would probably be running on a CentOS system.
A vague description, I know. I'm going off of what others have told me they've seen/used in the past. Now I have a boss that wants to use something similar, but trying to find anything that sounds like this has proven quite difficult. I'm hoping someone here knows of something that might work.
however, until this morning I had only been using my wired connection with no problems but when I tried to connect to my home's WPA secured wireless network, it just would not connect. The network manager sees the network and when I click on it, a window pops up asking for authentication. I enter the passphrase, but still it will not connect. I'm using a Lenovo X61 LAPTOP (not tablet).
View 5 Replies View RelatedI used to be able to connect to my uni secure access vpn by navigating to the appropriate page, logging in and clicking "start" by "Network Connect" etc. etc.
After an update to firefox it had been failing, giving me a "session timeout" MsgBox. I have tried clearing history etc and reinstalling firefox. I have also tried different browsers with no success.
So, I have since upgraded to 9.10 and now I get "Setup Failed, Sorry" in the bottom left of the screen (where "Done" is displayed once a page has loaded)...
I am now trying a different approach. I have downloaded ncui-6.5R2.i386.rpm and unpacked it fine. I have tried running it, without success and have also run the diagnostic - I will post results below:
When I try and run ./ncsvc I get the following:
Code:
ncsvc> Failed to setuid to root. Error 1: Operation not permitted
So I did a sudo ./ncsvc , which gives:
Code:
mkdir(/root/.juniper_networks) failed: Permission denied
I am pretty sure that my password above is correct - I re-tried it and got the same message... I can definitely do, e.g., sudo apt-get update fine.
I then ran all of the tests available in ncdiag (./ncdiag -A) which gave the following info which might be useful
Code:
NC Diagnostics for Linux.
Version 1.0.
Release Date/Time: Dec 9 2009 04:36:09
[Code].....