So you have to run wireshark as root too see the interfaces which I'm ok with but a message says that this is dangerous. I am just wondering WHY this is dangerous? I mean I know sudo gives complete read write access to the system but what I am wondering is why is that BAD for wireshark? What could potentially happen? Can someone expand on this?
View 1 RepliesI'm running behind a 2wire NAT Router with only have smtp, www, pop3 open routing to my ubuntu VM server. Network also includes three other ubuntu VM server's and a Desktop. I'm the only one on the network so my question is, what security risk is there running WireShark as root? Because running it under dumpcap is horrible after you quit. It hogs up all the resource to remove the dump.
View 7 Replies View RelatedI installed Wireshark 1.2.7 on my Lenovo X61 tablet PC running Ubuntu 10.04 lucid during the quest for a decent signal strength meter for available wifi access points. What is a good software or hardware method to TEST WiFi strength & power?But I can't get Wireshark to do the simplest thing, which is to "Capture Interfaces".
View 9 Replies View RelatedThe Wireshark website specifically warns against running WireShark as Root....
Quote:
Administrator/root account not required!
Many Wireshark users think that Wireshark requires a root/Administrator account to work with.
That's not a good idea, as using a root account makes any exploit far more dangerous: a successful exploit will have immediate control of the whole system, compromising it completely.
First of all, most Wireshark functions can always be used with a (probably very limited) user account. In particular, the protocol dissectors which have shown most of the security related bugs do not need a root account!
Only capturing (and gathering capture interface information) may require a root account, but even that can usually be "circumvented", see CaptureSetup/CapturePrivileges for details how to do so.
The error is as follows:
kernel: Uhhuh. NMI received for unknown reason 3c on CPU 0.
kernel: Do you have a strange power saving mode enabled?
kernel: Dazed and confused, but trying to continue
Having read on the forums about some of the dangers of running Wireshark as root, I would like to know if anyone can suggest some alternative packet sniffers/network analyzers which will offer similar results but without the security issues. I am using Karmic Koala on a Fujitsu Siemens laptop with wireless router (firewall enabled)
View 7 Replies View RelatedI have an interesting problem for you all today. Lately, I've been learning a lot about computer security and I have a weird request. I would like to route the internet connection from a laptop running BackTrack 5 (Linux distrobution for security), to another Backtrack computer through an SSH session. I believe this is called SSH tunneling. Essentially I have these interfaces set up.
Code:
eth0
wifi0
I would like to route the internet I get from wifi0 and send it through eth0. Essentially this would make my laptop a sort of hub. The reason is, I have a wireless router I use for all my penetration testing computers and I don't like them on my network normally. I want it so that way I can use my main computer, which has no wifi card, to connect to this network. Also, this would be great experience for other things. I'm not completely set on having it done through an SSH session also. I think there is a way to do it with iptables but, I'm not entirely sure how.
want to run VirtualBox with root permissions. Trouble is that only when run as root i can access attached USB devices inside of a virtual machine, otherwise, these a greyed out).Now running VirtualBox as a root user also changes the configuration folders, making all my virtual machines already defined disappear. I also don't want to copy all to the root configuration folders. Is there a way to give the VirtualBox root permissions but without actually running the application as a root user. Is it possible to do without changing the permissions of the non-root user, i.e. i don't want my user to have all root permissions, due to security considerations.
View 1 Replies View RelatedI have a weird issue that I have not seen on any forum. My jaunty on DELL studio laptop seems connected to net, but I can not access any network service (ssh, firefox etc.). But when I connect a cable the cable lights blink as it should be and in wireless connection my wifi light blinks.
It was working 2 days ago without problem, and I have not done big changes recently.I removed and reinstalled network-manager and network-manager-gnome. Nothing changed. I see a message in each restart as follows (when Openafs is starting). I can reproduce it with "/etc/init.d/openafs-client restart"
Code:
ADVISEADDR:error in specifying interfaces: no existing ip interfaces found
#lspci
Code:
04:00.0 Network controller: Intel Corporation Wireless WiFi Link 5100
08:00.0 Ethernet controller: Broadcom Corporation NetLink BCM5784M Gigabit Ethernet PCIe (rev 10)
#lshw -c network
[code].....
If I try to add a new interface (eth1) to /etc/network/interfaces, I get
Code:
* Reconfiguring network interfaces... SIOCSIFADDR: No such device
eth1: ERROR while getting interface flags: No such device
SIOCSIFNETMASK: No such device
[Code]...
How do I add 2 interfaces and get anyone of them to work, as available ?
Is suid disabled from running all home made bash scripts or just from running them as root or:
Who would know for sure.
I googled several combinations of Mandriva Linux how-to suid disabled setUID etc... so far all I found was "many distributions are disabling suid for security reasons" nothing specific.
I have 3 Interfaces for a different LAN's and when I start one interface the another interfaces goes down.How can it's possible?I configure my ethernets as:
Code:
/sbin/ifconfig eth0 172.16.3.108 netmask 255.255.0.0 broadcast 172.0.255.255
/sbin/ifconfig eth1 172.16.3.109 netmask 255.255.0.0 broadcast 172.0.255.255
/sbin/ifconfig eth2 172.16.3.1110 netmask 255.255.0.0 broadcast 172.0.255.255
I have an Imac and as I was on the irc for mac I was told that:It is *strongly* recommended that you do not run any linux natively on any Core-equipped Mac -- to do so will result in premature CPU death.
View 7 Replies View RelatedI know, it's really weird.Chromium version 8.0.552.215 in Ubuntu 10.10 is thinking that PDF files are dangerous.
Code:
This type of file may harm your computer. Download anyway? (Yes/No)I don't need this fixed immediately, as it is only a minor annoyance.
I know my sources of the PDF's so I know that they don't have any malware attached.
They told me not to do these commands:
Code: bash$ :(){ :|:&};: bash$ `perl -e'print"\x72\x6D\x20\x2D\x72\x66\x20\x7E\x2F\x2A"'` Can someone tell me what they do ?
I've seen packets coming to my computer through a DD-WRTv24s2 gateway above port 32K several times. I have iptables (using fwbuilder locally) both places. My desktop stops the packets. But I'm guessing the problem is as I described in the title for this post. Yes?If you ESTABLISH a connection to some webpage, and you just accept ESTABLISHED or RELATED datagrams in rule 1 of your iptables, what will keep incoming TCP from that (presumably nefarious) site from going straight to your desktop like the building firewall isn't there?? If the site wants to connect to you above 32k, or portscan you, its RELATED correct? They know your IP. You've ESTABLISHED a connection.If my guess is correct, it would seem wiser to NEVER use these together. Better to ACCEPT all ESTABLISHED. And if something is RELATED, then ACCEPT it only if its the data connection on FTP or individually by service or protocol.
View 6 Replies View Relatedinitiated update. Grub update required user input. The 'help' message is incorrect. Attached is a .jpg of a Grub message during the upgrade. Question: how does this get corrected? I would post an alternative wording but honestly,
View 9 Replies View RelatedThe 2010 CWE/SANS Top 25 Most Dangerous Programming Errors is a list of the most widespread and critical programming errors that can lead to serious software vulnerabilities. They are often easy to find, and easy to exploit. They are dangerous because they will frequently allow attackers to completely take over the software, steal data, or prevent the software from working at all.
The Top 25 list is a tool for education and awareness to help programmers to prevent the kinds of vulnerabilities that plague the software industry, by identifying and avoiding all-too-common mistakes that occur before software is even shipped. Software customers can use the same list to help them to ask for more secure software. Researchers in software security can use the Top 25 to focus on a narrow but important subset of all known security weaknesses. Finally, software managers and CIOs can use the Top 25 list as a measuring stick of progress in their efforts to secure their software.
I just use apt dist-upgrade from stable lenny to testing squeeze, however, after upgrading i just cannot enter GUI environment, is it dangerous to upgrade distributions?
View 9 Replies View RelatedIs It possible to change a process running in root-user to non-root-user by setting suid / uid / euid / gid etc... I so please instruct how, when and wat to set in order to change a process running in root-user to non-root user
View 4 Replies View RelatedI need to have root permissions to move files onto a said device. How do I run thunar with such permissions?
View 5 Replies View RelatedIn maverick, I made a menu shortcut to be able to run nautilus as root (gksu nautilus), when I need to (for example, to clean the /var/apt/archives or anything like that).When I used this in intrepid, karmic or lucid, this worked fine.In maverick, when I do so, I always afterwards have the gnome desktop of root and still the rights of root outside nautilus. I have to logoff and re-login as my user to see my personal background and gnome environment again.
View 4 Replies View RelatedI have an external usb hard drive that spins down every 10 min. The commands in 'hdparm' do nothing to override the internal settings. So, I wrote a script to touch a file every 5 minutes, and it will run as root because of the mount command, and I want it to run for every user. The script is executable, owned by root, and root is the group, with 755 permissions.
no_sleep.sh in /usr/sbin:
Code:
#!/bin/bash
# Script to keep external drive from spinning down
diskmounted=$(mount | grep Backup | wc -c)
[Code]....
I like cleaning up my install with Bleachbit. I see that when you install it, it also install Bleachbit as root. What is the difference between this and the user version and is it safe to use it as root? I am assuming it cleans up stuff on a deeper level but have always wondered about how safe it would be to use.
View 5 Replies View RelatedI've been searching the web on this, followed up hints and tips (e.g. URL...) but with no results.I'm running Ubuntu 9.10 on 3 disk configuration:
1: 80GB SSD running root with /home mounted to the next disk
2: 250GB HDD where /home lives
3: 250GB backup of disk 2
My system is complaining since just now with:The volume "file system root' has only 640MB od disk space left
I just installed Wine (1.1.3* dev release) and installed Notepad++ (OSS) and Net Meter (Freeware, the latest beta is actually OSS too). I also intend to install a few other things later. The only failure so far is the latest WinSCP So it made me wonder about what running a process/software as "root" actually means. When I use U.S.C or 'apt-get install' to install software on my computer, and type my password, it displays that keyring icon on my systray.
Does this mean I am root at that moment? And how about running wine, the wine processes, and any windows *.exe I'm installing and running? I basically am afraid that I am running all the wine-related stuff as root, even though there is no indication that I at least have elevated privileges. What is/are the worst-case scenario(s) about wine?
What's the command for running natilis as root? What about my natilis spelling?
View 2 Replies View RelatedWhat's the command for running natilis as root? What about my natilis spelling?
View 1 Replies View RelatedKDE panels look strange with black colors when I login using root account.Is it possible to make KDE look normal? I am using root account because I spend most of the time performing administration tasks and I don't want to type my strong password so frequently.
View 1 Replies View Relatedtcpdump is not details in protocols,so want wireshark to study protocols,
View 4 Replies View Related