Ok i think Tor has some way of making the dns queries anonymous by default. I did the DNS nameserver spoofablity test here at [URL] and the results i got showed about 30 different dns servers. Normally when i carry out this test on my standard isp connection or the vpn i use i just get one dns servers settings consistently.
View 1 RepliesI use Ubuntu 10.04 and I want to be able to move around the system without having to frequently enter my password. For example, when waking up the system from a power save state or when accessing Synaptic Package Manager I do not want to be asked to enter my password. There is nothing on my system that matters if its security is breached. Is there a way to turn off these requests for a password?
View 9 Replies View RelatedI've lately been getting some strange nfs mount requests for non existant users' home directories on a F14 machine to my file server (CentOS).The message log on the file server shows the following
May 23 03:10:53 data mountd[4835]: can't stat exported dir /export/home/httpd: No such file or directory
May 24 03:21:13 data mountd[4835]: can't stat exported dir /export/home/httpd: No such file or directory
May 25 03:26:53 data mountd[4835]: can't stat exported dir /export/home/httpd: No such file or directory
[code]....
i've tried blocking ping requests with iptables.. and it didnt work Quote: iptables -A INPUT -p icmp --icmp-type echo-request -j DROP
also tried editing sysctl.conf.. which worked perfectly but after i restarted the system i was able to ping my ubuntu machine from my lappy here is what i added to sysctl.conf and then executed it with sysctl -p
Quote: net.ipv4.icmp_echo_ignore_all = 1 here is another atempt to block.. this one worked too... but again after the restart i was able to ping my machine.. Quote: echo "1" > /proc/sys/net/ipv4/icmp_echo_ignore_all
I've been trying to configure ufw to drop ping requests for a couple days now, and I can't figure it out. I've tried a couple different methods in some different guides, still nothing. Anyone know how to do this?
View 4 Replies View RelatedBelow is the print out of requests, with the website address "#.com". The requests are listed in the order in which they appear on the stats page. What does it mean?:
Code:
#.com/
#.com/?Mode=debug
[code]....
In my logs for Apache I have lots and lots of failed attempts for incorrect incarnations of [URL]. None of them are anywhere near my alias for the index.php but yet phpmyadmin is broken. Is there away I can mess up robots like this. Send IP's that create multiple wrong page requests on my server back to their own IP address maybe? I would then just set thresholds to decide how strict to be. I did try fail-to-ban before but it is cryptic. I don't have it on this particular server.
View 2 Replies View RelatedI have suspicious requests in my haproxy logs from multiple sources to the same target. I could deny them in /etc/hosts.deny, but there are too many to keep track of. Is there a way to deny all requests to a specific target either in haproxy or through iptables?
Here's an example of the request: Apr 12 15:11:37 127.0.0.1 haproxy[28672]: 41.105.42.150:27072 [12/Apr/2011:15:11:37.315] web_servers frontend_farm/######## 3/0/1/1/169 404 1073 - - --NI 3/3/2/1/0 0/0 "GET /images/comment_icon.gif HTTP/1.1"
I've commented out my amazon instance id for security purposes. The request is for comment_icon.gif which does not exist. All requests go to that. The source IPs are from different countries as well. Blocking a certain country won't work either. Basically, if there was a way to send all requests for comment_icon.gif to /dev/null or something it would work.
I upgraded to Mythbuntu 9.10 from 8.10 and things went fairly well. No major problems during the upgrade. The system is just a mythbackend server. The only things that access it are for myth and for the smb mounts for mythtv. Every couple days, the system stops responding to network traffic. No myth connection, no smb, no pings even. All I have to do is wiggle the mouse on the system and everything comes back up instantly. I noticed that after it comes back up, the time is off by hours.
View 1 Replies View RelatedI have a crawler on my VPS VMWare Server (also tried it on my dedicated server). After many requests about 200.000/6h my network is gone. I use lynx to get any website outside of local network and any site is not responding - also tried to obtain IP address instead of host name - no results. I can get every local site. For example when I am on 190.24.2.1 I can obtain a page which is placed on 190.24.2.5 but obtaining 191.54.23.34 is not possible.I tried many things such as changing TCP timeouts to less, restarting virtual machine and no results. After few hours - 4-5 hours I get network working. It is not working as fast as it should but it is ok.
I am wondering where is the problem. Have I got to configure linux? Am I missing something? Maybe some router stack is blocking my ip? (Other crawlers put on same VPS are working properly, but after 6 hours they also crashes)I also notices that I can get like 30.000 web sites per hour (some with errors, some with no response, some with timeout surely) but this number decreases hour by hour and finally reaches zero.Can you help me and suggest where may ba a problem?My system: Ubuntu 10.04 LTS Server, 1GHz, 512 MB RAM, 5 MB/s.
Background:I have a small PC104 running opensuse 11.1. I'm writing a small client/server application for debugging purposes using mono and WCF. All the client does is make a request for information every 100ms.Problem:After about 20 requests the server quits responding to the client. Even if the client is running on the same machine. I've run the exact code on another laptop running opensuse as well as a laptop running windows and everything works great. Hopefully that closes the option that it is a code, mono, or opensuse flaw.Is there a kernel option or a network option that anyone knows about that might cause this sort of behavior?
View 3 Replies View RelatedMy computer shares an internet connection using an ADSL router.There are other three machines.I have set up a Apache server for learning purpose and I want it to be inaccessible from anywhere else including the PCs in the network.When I enter my ip-address assigned in the network (192.168.1.1xx) from other computer,I get my ppages and I dont want that.
How can I block HTTP requests from other computers?
I have installed bootpd-dd2 and enabled and configured it with xinetd. 1. Made sure that their is a bootptab file and it is configured. 2. Tested the bootpd is working by runing the command /usr/sbin/bootptest cmdbfs .3. tail -f the /var/log/messages and saw the requests from the test.4. rebooted a machine that is configured to pxe boot.there is no messages by bootpd when a request is made.request is picked up by network monitor on a seperate computer on the proper udp port
View 9 Replies View Relatedhow efficient and effective are these snort, argus, ossec etc etc for an organization having 3500 PC Network, connected through 700+ Cisco Devices (Layer 2 and Layer 3), and scattered on 130 different sites (geographically)? what should be the combination of products and what should be the architecture for an efficient forensics activity?
View 2 Replies View Relatedim using firefox 3.5.7 with ubuntu 9.10 but firefox since 3.5.6 and 3.5.7 keeps crashing a lot-just now it crashed my entire system-the whole screen went black. So to that end is use of opera or chrome secure for ubuntu?
View 9 Replies View Relatedhow to cross-reference it but searching on 'Could not initialize the browser's security component' will find it. Then look at the last 3 entries. Me and two other users have been unable to use Thunderbird since yesterday's update.
View 2 Replies View RelatedSo I downloaded a movie from megaupload and a pop up came up with [URL]....that bounced me to[URL]..but that webpage did not display. Normally, on Windows, I would have an anti-virus that would likely give me some sense of good or bad websites. On Ubuntu, I am not quite sure. Do I need a malware scanner for the firefox browser? I have the standard package from the 10.04 distro with the latest updates...
View 5 Replies View RelatedI am trying to use apparmor to restrict my file browser, which is Thunar to only let me view the files that are in the home directory and also removable media.I tried following the apparmor sticky with no success.I created the profile and tried editing it and it either started and let me do pretty much everything or did not start at all. Would it be possible for someone to help me step by step to set up a profile for thunar that would only show the home directory and removable media.
View 2 Replies View Relatedwhats the most secure firefox browser for karmic that i can use from a PPA source ? that source must be trustable.could you tell me the PPA for the one in question as well ?
View 2 Replies View RelatedThe cryptographic underpinnings of the Internet, as presently constituted, are messy, chaotic and rather randomly constructed. And that infrastructure is not only ripe for a variety of attacks, but is not easily fixable, a group of experts said Friday. At a forum on browser security sponsored by a Washington policy think tank, a group of technologists and policy experts from industry and government outlined the serious architectural and implementation problems with SSL, the certificate authority infrastructure and the way that browsers handle certificates. It was not a pretty picture. The problems extend from the way that CAs issue certificates to how certificates are handled by the major browsers to the way that attackers are able to take advantage of the weaknesses throughout the system.
View 1 Replies View RelatedOnline, I see many security alerts firefox but none related to Opera or other browsers. Is Opera more secure than Firefox?
View 3 Replies View RelatedBrowser can't find server at att.yahoo.com so no internet. My folding at home client with Stanford can't download {an upload went ok}. I have 2 other fedora boxes & 3 windows boxes thru the same router and they are all fine.
I can manually ping Stanford ok,
Add/remove software within fed. works ok.
I can type in 192.168.0.1 & get the page for my router
The only thing I did between working & not working was to install
Nvidia Cuda driver for my GTX275
My guess is something in the firewall got tweaked. but I've compared it to 2 working boxes & nothing jumps out at me.
I have a F11 box serving xdmcp. I log into them machine remotely with xming. As far as I can tell, all x clients work fine, EXCEPT for sealert. I get occasional selinux alerts, but I cannot use the sealert browser on my remote machine. When I try to run the browser, I get this: sealert -V -b
2010-03-05 11:27:49,841 [dbus.proxies.ERROR] Introspect error on :1.61:/org/fedoraproject/Setroubleshootd: dbus.exceptions.DBusException: org.freedesktop.DBus.Error.NoReply: Message did not receive a reply (timeout by message bus) 2010-03-05 11:27:49,842 [dbus.proxies.DEBUG] Executing introspect queue due to error 2010-03-05 11:27:49,842 [dbus.ERROR] could not start dbus: org.freedesktop.DBus.Error.ServiceUnknown: The name :1.61 was not provided by any .service files
I see the bug at [URL].. but it does not mention the browser, nor does it say what the fix/workaround is..Im going to stab in the dark and start relabeling things, but anyone know what's really wrong?
I was recently connecting securely to the website where I have my mail account, and I connected through Tor. When doing so firefox presents me with the screen saying that the connection is untrusted and it can't verify the certificate. So I cancelled. I'm using torbutton and I turned torbutton to off and connected again with no problem. Then with torbutton on again, same thing (untrusted).
Is it possible the exit node I was going through is doing a man in the middle attack? However later when connecting through tor I did NOT get the warning about the site being untrusted. I really don't know what exit node I was using when I got the certificate warning and what exit node I was using when I did not recieve the warning. I don't know how long I stay on the same node or how/when it changes.
We have a web server running apache and a custom web app that we log into from a web browser and it ask you to except the certificate and all is well. I now have an user who is using a window server 2008 and he wants to manually import the *.cer file into his browser to be able to login. My question are:
1 - What is the file that is being imported into the browser? *.pem *.crt
2 - I see on our server that we have our certs I believe located in the /etc/pki/tls/certs. The openRADIUS servers that I have created, this is the directory to where it is stored.Is this the typical placement for certs.
3 -If the files is a .cert or *.pem than could I use openssl to convert them to the appropiate *.cer file for IE7
A researcher at security firm Alert Logic has published code that could be used to compromise some versions of Google's Android Operating System. The exploit, if properly adapted, could make Android phones vulnerable to remote attacks and compromises.
View 2 Replies View RelatedOne of my user wants to be able to upload file via browser to the server. For that, i need to grant apache read and write access to a folder. How much secure is allowing apache to grant complete read and write access to a folder ?
View 2 Replies View RelatedTo avoid having to input a password for the keyring each time I connect to the net via wireless, I enabled the 'Available to all users' option in Network Manager. Now, my question is this. Are the 'users' it refers to just those created on this machine? Would a drive-by be able to use my network without entering the password?
View 3 Replies View RelatedAs it stands I have a small home network operating behind my modem/router. Some of the ports on this are forwarded to my PS3 for gaming but I was looking at forward some for my file server.
At the moment I've forwarded port xxx22 to port 22 on my server for SSH for instance. ANd similarly 21 for FTP (although it doesnt seem to want to connect for any more than a few seconds using that). What I was thinking of doing was placing a small website for a handful of ppl to use on the server too and port forward again - xxx80 to 80. It works just fine but I'm a little concerned on the security front.
As I've moved the port to something different from the outside world I'm presuming I will have already cut the potential for malicious folks to wander in but is there anything else I should be doing? At the moment there's no firewall operating on the server, usually as its hidden behind the modem/router. But if I open this thign up more permanently what should I be doing? I've read a few articles on it but I'm always left with the overwhelming thought of "Thats if theres no firewall in my router" as they just seem to do the same.
The default Firewall ufw is not enabled by default at the time of installation and it has to be enabled by the user.Isn't this a security risk or is the user whether ufw is enabled or not secured from external threats?I am not much knowledgeable about network security But I am trying to understand the Ubuntu mentality behind this default setting.
View 4 Replies View Related