I've recently been running a game server from my desktop, as well as a web page to accompany it.I use the ports 80/8123(HTTP)/5900(VNC)/50500(GAME)/5839(ADMINISTRATION).What's the best solution to protect my server from security threats? On a side note, I plan on adding a MySQL server later, but I want to keep it local only.
View 9 RepliesCan anyone tell me some current and future threats to the authentication methods used in Linux system. Modules like PAM(Pluggable authentication method), SASL, Kerberos, Shared secrets, shared passwords etc.
View 2 Replies View RelatedI am facing problem on my Linux server, those runing php sites, most of the time hacker upload file in my website and take the control, and hack the sites, shoot the thousands of mail etc
View 7 Replies View RelatedI have just configured Centos 5.5 LocalMailServer with fetchmail and sendmail , Proxy with Squid and FileServer with samba. Now my concern is security.. How can i protect my server with outside attack. Will I need to block some ports or I need special tools or script so no one from outside can attack my machine. My machine is working on intranet with local ip only.. No web server or static ip exists. Machine is connected with ADSL router to access internet.
View 5 Replies View RelatedI was looking for a way to protect my samba server for limiting access to certain domains.Can I use the parameterhosts allow = example.comor something like that or is there another way to do the job for domains
View 4 Replies View RelatedI'm looking for a most possible, secure solution to transfer data using rsync over Internet between 2 linux server.
I have 3 option: SSH, IPSEC and Kerberos.
Which one in your opinion should be most secure solution?
I was wondering if firestarter (software firewall) works out of the box or does it need some kind of configuration in order for it to provide protection? Is firestarter even needed with ubuntu?
View 6 Replies View RelatedI would like to know how to protect networks against VPN attacks? How does big industries do it? What does the government tend to use? Are any tools open source that I may get?
View 1 Replies View RelatedI want to start using videos/music files downloaded from untrusted sources (BT,Sharing Forums, etc.). Haven't made this a habit b4 because of the security risks. I want to take steps to reduce the risk & protect my computer from anything malicious. What are some good choices for this? The biggest step I took so far is using Ubuntu since it's very virus resistant, but other threats do exist out there (rootkits, malicious scripts, etc.). When downloading files from untrusted sources, who knows what may be hidden inside.Some options I'm thinking about:
1) Using a VM (with Ubuntu installed inside) & playing the files inside the VM. If anything malicious happen, it would be trapped inside & I could easily revert to a clean snapshot.
2) Using AppArmor to restrict what the files or program used to play the files can/can't do. AA seems very complicated though.
Are the above overkill? Would it be sufficient enough to just open these files on a non-admin user account since no access to root or sudo?
I want to password protect evolution. How would I do that? I want to allow anyone to access all my other software, but my business email needs to be privateMy current solution seems to be to setup another account. But all the user switching and other what not seems a little much for one program.
View 2 Replies View RelatedI've already read and tested the various guides for pasword portecting the menu items. What I need is a little bit different. I need to protect the whole boot menu so normal users cannot select any entry at all and only let the default entry boot.
View 4 Replies View RelatedI create music and usually gets sold world wide. I have some distributors that have been able to access a private server and get the new tunes I make to download via ftp. Well that server is getting full and I was trying to create another directory on my website itself.I created the directory. made the ".htaccess" file. Then I tried to make the htpasswd file but my server just keeps saying no command by that name.
View 8 Replies View RelatedI am planning a trip for a few days and I will be staying at an inn with Wifi access. All the guests are allowed to use it. A friend of mine has been there, he told me there are several other private spots around the house, i.e. lots of other people using Wifi. My friend told me the inn uses WEP, so who knows how many times their access point has been hacked and accessed without permission...
My concern is that I will be there for a few days with my notebook, I will have to work once in a while, connected to the Internet. Is there some precaution I should take to protect my notebook from intruders? Is it advisable to install a firewall in my notebook (iptables?) or am I just overreacting? Is it possible for one of the guests or neighbors to break into my notebook?
are there any programs that will protect my computer on the Internet. Just started using fed 10 from windows so i am not sure what i need to do. I am using an acer aspire 5630 laptop.
View 1 Replies View RelatedI was wondering how to password protect certain file folders?
View 6 Replies View Relatedim currently trying to configure SE Linux policy for a folder so that only my user with root privileges can access it and not just root but i don't know the commend to run on the folder to change its permissions
View 4 Replies View RelatedI would usually just root the permissions to 000 but I need to password protect a folder on a usb drive and then open it on windows.
View 1 Replies View RelatedThis might sound really stupid, so you'll all have to excuse my lacking knowledge. I read that USB attacks get more and more common, like putting in an USB stick with a malicious autorun script on it, and it's game over. Can AppArmor protect devices and limit their access to the file system?
View 5 Replies View RelatedWe are trying to define an appliance based on Suse for an application server and Web server Apache, so we would like to know configuration best practices for network and security, is there any paper/doc about best practices?
View 3 Replies View RelatedI'm concerned about security of having a LAMP server on my laptop as having any server makes the system less secure. However, if I were to create a new partition and install a lamp server on that and only use it when offline, would the security of my main partition be affected at all?
View 3 Replies View RelatedOn April 10, 2010, I upgraded some packages on my Ubuntu 9.04 server. This included an upgrade to "ufw 0.27-0ubuntu2". I rebooted the server, and all appeared to be fine.
Now I've noticed that UFW is not logging blocked packets since that reboot. It used to do this. It is still logging the allowed packets that I've configured it to log.
Here's what a "ufw status verbose" says code...
I'm new to server admin, so my question is based on what may be a bad assumption. With a server, my assumption is "if it ain't broke, don't fix it". In other words, I'm not really interested in upgrading the software to the latest and greatest if I already have stuff working on the server.
However, the one place where I DO want to constantly have upgrades is for security patches. How do I apply security updates to Ubuntu Server... and ONLY security updates?
I followed this how to to make a NFS server: [url]
So it means: exports looks like this:
Quote:
Here are some quick examples of what you could add to your /etc/exports
For Full Read Write Permissions allowing any computer from 192.168.1.1 through 192.168.1.255
It means that if sbdy arrives with a linux machine, puts the ethernet cable into the router, then logs as root on his machine, and mount the exports. He can do almost everythg, with permissions chmod'ing ...
Is that LAMP, or i am wrong for nfs kernel servers, the ultimate users/password servers against that to prevent those physical approches /logins?is there good how to ?
I want to know how can I test my server security with hping3 tool I want to make a virtual DoS or DDoS or SYNK attack in my LAN to test my server security and ability against these attack .Is hping3 a good solution for this or not if yes how can I do this which option of this can make such these attacks?
View 4 Replies View Relatedif there is any free software there used to protect Fedora from spyware and virus?
View 8 Replies View Relatedubuntu 9.10 login panel is worse with respect to ubuntu 8 since now all the users with names are shown without a way to hide them!Why don't keep the old way at least as an option?
View 5 Replies View RelatedTo avoid having to input a password for the keyring each time I connect to the net via wireless, I enabled the 'Available to all users' option in Network Manager. Now, my question is this. Are the 'users' it refers to just those created on this machine? Would a drive-by be able to use my network without entering the password?
View 3 Replies View Related1. I understand you can protect your files or directories in your website by setting file/directory permissions. The meaning of r w x is clear to me, but I'm not sure how to proceed... Starting with the index.html file, if I wanted to make it so that anyone in the world can read it but can't modify it, do I set its permissions to rwxr-xr-x? If I set it to rwxr--r--, would that mean the file couldn't be served? I mean, what does the x setting do on a .html file, how can a .html file be executable?
2. If file permissions work on the lines of owner-group-others, in the context of a website, who is 'group'? As far as I can tell, there's only the owner, which is me, and others, which is the world accessing the site. Am I correct in thinking that by default, say when creating a website on a shared hosting server, there is no group unless I specifically set one up?
3. My ISP allows the DynDNS.org service, meaning that I could serve a website from my home. It's too early to go that route just yet, but for future reference, I would like to ask about the server software called Hiawatha. It is said to be secure, but having read some evaluations of it, it doesn't seem to offer anything that couldn't be accomplished with Apache or Cherokee, it's just that its security settings are simpler and easier to configure. Am I right about this? Or does Hiawatha truly offer something that the other major server packages don't?
i updated both browsers i have and lost my secure log-in pages (no padlocks showing ) concerning different Web mail accounts.Just before i did these updates i checked an unrelated thing on-line regarding my sound card of which i kept a copy of and got this message below :
!!ALSA/HDA dmesg
!!------------------
[ 12.762633] cfg80211: Calling CRDA for country: AM
[code]....
Conky can be used to display a variety of information on the users desktop. I wanted to use Conky instead to display the current status of security as reported by:
SANS Internet Storm Center
IBM Internet Security Systems
Symantec Threatcon
McAfee Threat Center
I therefore created 4 small scripts which download the current status from these sites, and set the colour of those status's depending on the current value.The conky configuration allows for a semi-transparent background - though this is optional.Attached is an example image showing the 4 different colours.Also attached is an archive with the 4.sh files, .conkyrc and draw_bg.lua (from here http:[url].....