Ubuntu Security :: Errors Re-configuring Bastille?
May 21, 2011
I recently installed Bastille as one of several programs to protect my new install. When I was going through the configuration, I was under the impression selecting to disable single user login would still allow me to login using my root password. On the graphical login screen it does not work.When I boot in recovery mode (I had a dual-boot installed), I can login in fine, but this is in a command line/terminal like screen. I attempted to re-configure Bastille using this screen, and here are my lackluster results.Command:/usr/sbin/InteractiveBastille -cThis command takes me through the questioning phase, but at the end I receive this error message when trying to save the new configuration.Failed to open log file /var/log/Bastille/action-log: Permission Deniedand ERROR: couldn't not write to etc/Bastille/config (exact wording!)I am not sure how to remedy this. I am tempted to try to uninstall Bastille and try something else, but I do want to have a security package as I file share.
View 3 Replies
ADVERTISEMENT
Jul 16, 2010
I just ponder can anybody shed some light to me how to manually disable service such as FTP,SSH,etc in which Bastille is doing.If all the services can be manually disable,which mean Bastille is just a tool to help newbies like me to use it.
View 9 Replies
View Related
Mar 24, 2010
After running Bastille to harden my server, Samba stopped working. It had asked me if I would like to disable Samba during the configuration and I selected 'no' so it should not have done this.
When I tried:
Code:
sudo /etc/init.d/samba restart
Nothing happened. I found in the script, if it does not detect smbd and nmbd running, it just exits -- no error message, just simply does nothing.
I found that /usr/sbin/smbd and /usr/sbin/nmbd both had all permissions removed. I set them back to 755 and restarted samba normally.
View 1 Replies
View Related
Jun 20, 2010
I'm running Ubuntu 10.04 LTS as a VM in Hyper-V, and accessing it via VNC with a machine in the same broadcast domain. I'm using OpenVPN to connect to XeroBank. I have instructions for configuring iptables to permit establishing and using the XeroBank connection, while blocking all other traffic on eth0. I've followed them successfully. I need to also permit the VNC connection, and haven't managed that. FWIW, the VM is at 192.168.111.12::5900 and the workstation is 192.168.111.2.
The attachment to this post lists the recommended contents for each Shorewall file. Which files need changed, and what do I add to each?
View 3 Replies
View Related
Jan 17, 2010
I am currently trying to make my computer as secure as it can possibly be. I am configuring the firewall to be restrictive by default, but I have some programs that are still unable to connect to the internet.
1. Pidgin Internet Messenger (I use AIM and MSN)
2. Skype
View 3 Replies
View Related
Oct 16, 2010
how can I configure a new "stored secret" in Seahorse? Or System > Preferences > Passwords and encryption keys, in a free translation from Brazilian Portuguese "Senhas e chaves de criptografia"? For instance, let's say I want to add a stored secret to be used with Skype: in Seahorse (Ubuntu 10.10), I clicked on Files > New > Stored secret, select the "login" keyring, type "Skype" in the description field and my skype password in the "Password" field and finally click "Add". But when I right-click the new secret > Properties, I can't change or type anything in the "Details" or "Applications" tabs, So, how can I inform Seahorse how, when or with what should it use my secret?
View 2 Replies
View Related
Mar 3, 2009
I new in Linux, I have a Centos5 since sunday and well I have to configure the iptables security of this cpu, I read a lot of examples of iptables in the internet and also another Thread from here but Really a don't know what to do, I saw lots of codes but first of all I don't know where I have to write that and my teacher don't want to help me in this homework. I tried to write the codes in applications --> accessories --> Terminal
View 3 Replies
View Related
Aug 17, 2010
I have just installed SSL certificate for my private domain (it runs on a private ip in a local network). I got the trial SSL from thawte. I have successfully installed the certificate.
View 1 Replies
View Related
Feb 23, 2011
I have just complied Snort 2.9.0.4 under Ubuntu 10.10 x86_64 installed with all Lamp package.The syntax i used to compile Snort as follows below
[Code]...
View 2 Replies
View Related
Apr 7, 2010
The 2010 CWE/SANS Top 25 Most Dangerous Programming Errors is a list of the most widespread and critical programming errors that can lead to serious software vulnerabilities. They are often easy to find, and easy to exploit. They are dangerous because they will frequently allow attackers to completely take over the software, steal data, or prevent the software from working at all.
The Top 25 list is a tool for education and awareness to help programmers to prevent the kinds of vulnerabilities that plague the software industry, by identifying and avoiding all-too-common mistakes that occur before software is even shipped. Software customers can use the same list to help them to ask for more secure software. Researchers in software security can use the Top 25 to focus on a narrow but important subset of all known security weaknesses. Finally, software managers and CIOs can use the Top 25 list as a measuring stick of progress in their efforts to secure their software.
View 1 Replies
View Related
May 28, 2011
I have created a firewall script to work via iptables on debian. This script is a derivative from the script on [url] and a course I'm following at school.
I'm not looking for a perfect solution or someone to grade my work. how to improve this script. while running this script I get a lot of errors back.
Quote:
View 11 Replies
View Related
Jan 24, 2011
I have a few mail servers (CentOS 5.5) that are running OSSEC Active Response (2.5.1) on Iptables (1.3.5-5.3.el5_4.1). We are currently having a problem where we get loop hook errors:Jan 24 04:15:03 servername kernel: iptables: loop hook 1 pos 464080 00000022 this is the firewall-drop.sh we are currently using:
Code:
#!/bin/sh
# Adds an IP to the iptables drop list (if linux)
# Adds an IP to the ipfilter drop list (if solaris, freebsd or netbsd)
# Adds an IP to the ipsec drop list (if aix)
[Code]...
View 4 Replies
View Related
Jan 2, 2010
This is a transcript I get emailed at least once every day, usually about 3 to 10 a day recently.
Transcript of session follows.
SMTP server: errors from unknown[ip address]
<boring stuff snipped>
In: RCPT TO: <server@my domain>
Out: 550 5.1.1 <server@my domain>: Recipient address rejected: User unknown in local recipient table
Session aborted, reason: lost connection Now I cannot seem to find anything via Google, as when I put "server@" anywhere in the string, I just get web hosting or other kroomst. The emails usually come from legit places, usually hotels. Does this mean they are sending bad emails, i.e. they have a Trojan/worm, or is this a live hack attempt?. I believe the later, as I might get upto 3 domains from the one ip address, which is always, NOT associated with the listed domain. Not causing me any issues, except I have been getting a lot recently.
View 4 Replies
View Related
May 31, 2011
I have two things going on with my computer where I'm getting (error?) messages.
One is:
"The password you use to log in to your computer no longer matches that of your log in keyring."
This is in a window that pops up on my desktop after I log in and I have to enter my old password to get in the rest of the way.
I found this: url link and followed the path given in post #2. There, in the list, I find an entry named "uname@host" which shows my new/ changed host name. When I double click it and expand the "password" section at the bottom of the window I find that the password is indeed my new password, not the old one (you can tick box to "show password").
The other is, and I think this is connected:
When I use sudo in the terminal I get: "unable to resolve host"
I went to:
Code:
cd /etc; less hosts
and in the second line what I see is the old host name and not the new. I think that if I can correct this second thing, both will be resolved?? Or is that file even relevant to the situation??
If that is true, I want to make sure I go about it in the right way and not end up locking myself out of my own computer or something stupid like that.
View 9 Replies
View Related
Feb 22, 2010
I',m executing ping, but it didn't work, in order to find the mistake in my network I would like to know how to see the errors:
Code:
18 packets transmitted, 0 received, +12 errors, 100% packet loss, time 17038ms, pipe 4 I want to see this +12 errors. Could I do that?
View 2 Replies
View Related
Aug 25, 2009
Does anybody know if there is a quick and easy way to simply disable samba security to avoid "Access Denied" errors when trying to access shares via Windows XP?
View 2 Replies
View Related
Feb 26, 2010
I am running Valgrind on my program. It shows me two errors but mentions only addresses against them and not actual code even on a debug build.
The output is
==23002== Memcheck, a memory error detector.
==23002== Copyright (C) 2002-2005, and GNU GPL'd, by Julian Seward et al.
==23002== Using LibVEX rev 1575, a library for dynamic binary translation.
[code]....
View 1 Replies
View Related
Jul 22, 2010
Can anybody tell me what kind of fsck errors are found on a system?
View 5 Replies
View Related
Jan 28, 2010
I installed Ubuntu a few months ago on my Dell inspiron 1318. All works really well, however my only only problem with the setup is the boot selection screen. Is there a way to put Vindoz in the first spot instead of Ubuntu? I use them about 50-50 of the time but would still prefer windows as default because my wife uses that with her accounting software and she goes nuts when she turns it on and it goes to Linux.
View 3 Replies
View Related
Feb 8, 2010
my windows key on the keyboard is lying idle. can i do something about it? erm...use it to open the GNOME menu?
how to do it, i mean implement the shortcut.
View 9 Replies
View Related
Feb 1, 2010
when i try to copy this script to the cgi folder, i get an error
casper@casper-laptop:~$ cp /home/casper/hello.cgi /usr/lib/cgi-bin
cp: cannot create regular file `/usr/lib/cgi-bin/hello.cgi': Permission denied
casper@casper-laptop:~$
#!/usr/local/bin/perl
# hello.pl -- my first perl script!
print "Content-type: text/html
";
print <<"EOF";
[Code]....
i am running apache on ubuntu ibex - is there something that i have to setup to run cgi scripts on ubuntu? it runs ok from the command line - but i want to open it up in a web browser.
View 4 Replies
View Related
Oct 12, 2010
I installed Ubuntu 10.10on a Compaq via USB. Everything works fine except NO INTERNET. Even a simple LAN connection is not rcognized. What needs to be done?
View 2 Replies
View Related
Aug 11, 2010
I am using ubuntu 10.04. I installed inetutils-inetd,rsh-server & rsh-client. Created user "user1".disabled firewall using the command $ sudo ufw disable
$ su user1
$ cd ~
$ vi .rhosts
Entered ip address of another host and saved
$ chmod 600 .rhosts
[Code]...
When I issued 'tail -f /var/log/messages', I got no messages. do I have to disable any other services to do this work.
View 11 Replies
View Related
Apr 10, 2011
I've just been given a Microsoft Wireless Media Desktop 1000 keyboard and I'm trying to configure it for ubuntu. Unfortunately I can't find any preinstalled keyboard layouts that work and can't find any software that assists in such a task.
View 1 Replies
View Related
Jan 8, 2011
I am trying to configure my wireless network on my laptop running Ubuntu 10.10 and am having a bit of difficulty. I am a complete Linux newb, but want to learn it, hence the reason I'm trying to set this up. Here's the vitals:It is a Gateway 600 YG2 laptop. It was previously running Windows XP, but I installed Ubuntu 10.10 in place of it (not a dual boot, I removed XP altogether).I have an old wireless card that I'm trying to resurrect. I haven't really used the card in a couple years, but it seems to still work, I just can't connect to my home's wireless network. The card is a Linksys WPC11 v2.5. When I plug it in, Ubuntu recognizes the network, but won't connect to it. My home network uses WPA encryption and the only connection type that Ubuntu's network manager is giving me is WEP and then it asks for a key -- I have no idea what that key should be.
So, basically, I'm asking, is there a way I can instead connect through WPA? I've tried creating a new connection in network manager, but that won't work, it keeps falling back to the WEP connection and asking me for a key. I have tried to install the XP driver using ndiswrapper but I don't know if that's working or not. Is there a way to tell if:A) the card is working as it shouldB) the correct drivers are installed (again, I installed the XP one using ndiswrapper NET8180.INF, but I'm not sure what to do next)
View 1 Replies
View Related
Jan 1, 2010
I am experiencing trouble configuring suPHP on my Ubuntu 8.04 web server. I've googled around quite a bit and the general consensus is that you first disable php5, then install the suphp module (I did that from the repo). I configured one of my Vhosts to use suPHP_UserGroup, but I get the following error:
Invalid command 'suPHP_UserGroup', perhaps misspelled or defined by a module not included in the server configuration
I know the module is loaded, so I'm not sure why I'm getting this error. Is a Vhost the right place for this setting? Note that I installed from the repository instead of compiling from source if that makes any difference. Any insight on this issue? I can provide configuration files if need be.
Edit: After some extended googling, from what I understand I have to recompile suPHP using the 'paranoid' mode. Am I correct?
View 1 Replies
View Related
Jan 20, 2010
I have an Ubuntu 9.10 server that is normally headless, but has a TV-Out that I want to start using. I've installed xorg, but when I test it with either startx or just X, I get the following:
Code:
X: warning; process set to priority -2 instead of requested priority 0
X.Org X Server 1.6.0
Release Date: 2009-2-25
X Protocol Version 11, Revision 0
[Code].....
View 2 Replies
View Related
Jan 20, 2010
I have ubuntu 9,10 and 7 repositorie disks I bought from osdisc.I installed ubuntu next to widows xp 3.I can't seem to connect to the internet or configure my system to do so.My us robotics usb 2.0 modem works great in xp but not at all in ubuntu.Is there someone out there willing to help me step by step?Or in anyway possible.Directions on how to or where to go for help.I'd really like to not be dependent on Microsoft completely. My telephone number is 903-566-3590. My fax is 9035660030. My address is 12862 Sandy Point Drive Tyler, TX 75707
View 1 Replies
View Related
Feb 2, 2010
I'm new to Ubuntu and installed Apache, Tomcat and PHP using separate packages. All work well but it seems that the default doc root for Apache and PHP are in different places as:The following command to start Apache: sudo /usr/local/apache2/bin/apachectl start brings me to the "Test Page for Apache Install" and shows the Apache logo--successful--when I hit URl....Also, could someone please tell me how to stop PHP from starting Apache on boot?
View 5 Replies
View Related
Mar 18, 2010
I am using Ubuntu 9.10. I just got a Linksys WRH54G wireless router. I want to protect my wireless connection by putting a password to it but when I enter the Router's default IP address (192.168.1.1) into my browser to open the 'Utility Welcome screen', the browser does not respond.
According to the Router's manual this is because PC' TCP-IP is not set to automatically obtain the IP address.
View 9 Replies
View Related
