Ubuntu Security :: How To Reset / Allocate IP Address

May 19, 2011

For a while now, I have been trying to reset my IP address in Ubuntu but I have had no luck. The reasons why I want to reset it and get a new one is because my service provider waits weeks to change it. I am concerned it has fallen into some unsavory hands. Also, can you be hacked if the would-be attacker is unaware of your IP address? Are there other means of locating your computer on the web without an IP address or webserver?

View 6 Replies


ADVERTISEMENT

Ubuntu Security :: AppArmor Failed To Load - Could Not Allocate Temporary File

Jan 7, 2010

I get the error message in the subject line, followed by a red failed message.

However, once the system is finished booting, I can log in and

Code:
sudo /etc/init.d/apparmor start
and it starts normally.

View 7 Replies View Related

Security :: Address Space Randomization On 2.6.28-15-generic Ubuntu 9.04 - Finding Base Address?

Sep 14, 2009

Im an academic (university networks and security lecturer) studying/teaching network and operating system security, and inspired by the work of Hovav Shacham set about testing ASLR on linux. Principley I did this by performing a brute force buffer overflow attack on Fedora 10 and Ubuntu 9. I did this by writting a little concurrent server daemon which accidently on purpose didnt do bounds checking.

I then wrote a client to send it a malicious string brute forcing guessed addresses which caused a return-to-libc to the function usleep with a parameter of 16m causing a delay of 16 seconds as laid out in [URL] Once I hit the delay I new I had found the function and could calculate delta_mmap allowing me to create a standard chained ret-to-libc attack. All of that works fine. However .... To complete my understanding I am trying establish where I can find the standard base address for ubuntu 9 (and other distros) for the following, taken from Shacham:-

Quote:

[code]....

/proc/uid/maps gives me some information but not the base address ldd also gives me the randomised starting address for sections in the user address space but neither gives me the base address. Intrestingly ... when a run ldd with aslr on for over (about) 100 times and checked the start point of libc I determined that the last 3 (least significant) hex digits were always 0's and the fist 4 (most significant) where between 0xB7D7 and 0xB7F9. To me this indicated that bits 22-31 were fixed and bits 12-21 were randomized with bits 11-0 fixed. Although even that doesnt define the boundaries observed correctly.

Note: I am replicating the attack to provide signatures to detect it using IDS, and for teaching purposes. I am NOT a hacker and if needed to could reply from my .ac.uk email address as verification.

View 1 Replies View Related

Ubuntu :: Reset High Speed USB Device Using Ehci_hcd And Address 2?

Jul 12, 2011

is this normal to see in dmesg multiple times after booting (screenshot)

Code:
lsusb
Bus 007 Device 001: ID 1d6b:0001 Linux Foundation 1.1 root hub

[code]....

View 2 Replies View Related

Ubuntu Security :: Is Posting The Hardware Address A Security Risk

Feb 28, 2011

When posting results from ifconfig, it shows the hardware address of etho, etc. Would you consider that to be a security risk ?

View 9 Replies View Related

Ubuntu Security :: How To Reset The Iptables

Jan 14, 2010

i ran this

Code:

iptables -N rate-limit
iptables -A rate-limit -p tcp -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 3 -j RETURN
iptables -A rate-limit -j DROP
iptables -I INPUT 1 -p tcp --dport 22 -j rate-limit

i am no longer able to ssh in to the machine , how can i reset iptables and firestarted back to default?

View 3 Replies View Related

Security :: /var/log/Xorg Permissions Reset During Re-Boot?

Jan 28, 2010

I was curious if anyone has addressed this issue before. I have set the permissions to /var/log/Xorg.0.log as follows:

Code:
-rw-r----- 1 root root 00000 Jan 00 00:00 /var/log/Xorg.0.log
I have done a lsof and the file is being opened by root. I have set Roots umask to 0077, yet after a reboot

[code]....

View 1 Replies View Related

Server :: Reset Security Context For Cgi-bin By Mistake?

Feb 9, 2011

I reset the security context for my cgi-bin to httpd_sys_content_t.How do I set it back to the proper context?

View 1 Replies View Related

Fedora Security :: Reset The Root Password By Booting Into Single Usermode By Editing Grub

Apr 17, 2009

Being able to reset the root password by booting into single usermode by editing grub. This is a MAJOR flaw. I know it makes no real difference against internet bourne attacks, but even so I must say I found it shocking. The only way I've found to stop this is to encrypt the entire HDD, so noone could get into single user mode without first knowing the encryption key/password.

View 14 Replies View Related

Fedora Security :: FC11 Is Set By Default To Reset The IPTables Firewall To ACCEPT Across The Board Each Restart?

Jul 16, 2009

How come FC11 is set by default to reset the IPTables firewall to ACCEPT across the board each restart?

View 4 Replies View Related

Fedora :: Unable To Reset Using Either The Reset Option In Gnome Shell Or The Command Using A Terminal?

Jun 3, 2011

I'm unable to reset using either the reset option in gnome shell or the command using a terminal. When I select it the shell exits and displays the graphic "exploding" and then it just sits there. Shutdown works fine; just no reset. Any ideas? I've installed from the DVD. I booted the live CD and it resets just fine so I know it's no my hardware

View 1 Replies View Related

Ubuntu Security :: Use Address Not Ip In Iptables?

Jul 24, 2010

i need to open this address ftp.nai.com, is there a way to use address not ip in iptables?

View 7 Replies View Related

Ubuntu Security :: Allow Foreign IP Address In Hosts?

May 30, 2011

I found this IP address in my hosts.allowQuote:ALL: 119.42.68.232I cannot find any other evidence of intrusion.

View 4 Replies View Related

Security :: Can I Allow SFTP For ANY But SSH For Some IP Address

Jul 20, 2010

Can I allow SFTP for ANY , but SSH for some IP address

View 6 Replies View Related

Security :: Proftp Log MAC Address?

Mar 11, 2011

how do you configure proftp to log MAC address on LAN, not just IP?

View 4 Replies View Related

Ubuntu Security :: Block Device By Bluetooth Address?

Apr 22, 2010

Is it possible somehow to block some bluetooth device with specif address (mac) ?
(like iptables block by mac)?

View 3 Replies View Related

Security :: Netstat Output Has No Address?

Apr 19, 2011

I've never seen the type of output from netstat and don't have a clue what it means.Quote:

tcp 0 0 :::8009 :::* LISTEN 31673/java
tcp 0 0 :::22 :::* LISTEN

[code]...

View 7 Replies View Related

Ubuntu Security :: Contact Form - Encode Email Address?

Feb 5, 2010

I get a lot of spam recently and I think is from my contact page... how do I encode my email address so that It won't be picked up by spam bots?

View 3 Replies View Related

Ubuntu Security :: NMap Lists Unknown Local IP Address

Jul 18, 2010

I wouldn't call myself paranoid, but I do try to keep reasonably secure on my home network (WPA encryption, router firewall, etc.). I also occasionally use nmap to make sure I don't see any unknown computers logged into my network. The problem is I have five computers that all use DHCP on the network and they are not all up all of the time. At most, there are two to three online at any one time.

So, my question is: Do any of the IP addresses remain in the router's database for a computer that has gone offline (shutdown)?

The reason for my question is that today I ran nmap on my home network and noted an IP address that was not currently up on the network. It is, however, an address that is frequently assigned to one of the computers when it is online, but that address was not up at the time I ran nmap. Just trying to make sure my network is not being used by some nearby computer.

View 5 Replies View Related

Fedora Security :: 'send' Address Can Be Spoofed

Oct 16, 2009

I'm behind a modem router with firewall and SElinux enabled by default - but checking my mail this morning I noticed several ' delivery failures ' ( allegedly ) from hotmail referring to mail I hadn't sent. When I checked the spam folder for the on-line side of my mail account there were more failure notices. Two points that may be relevant, one is the recent Hotmail exploit, the other is that this only occurred with the address I use for railway matters, and some people cc to everybody, so it's odds on that address is on a good few computers. On one occassion when I checked my spam folder on-line I found spam which claimed to be from myself, so I know the ' send ' address can be spoofed, is this the explanation, or is it a new kind of attack linked to the Hotmail exploit?

View 13 Replies View Related

Fedora Security :: Blocking And Allowing IP Address For FTP?

Jul 15, 2010

I want to ask about securing the FTP connection... I have one server that Installed with Redhat Linux Fedora 6.

And now, i want to securing the FTP access, so only the selected IP will be allowed to connect. Do anyone know how to do this?

Another thing is, my server using Webmin 1.3 to manage the server and there not installed / not configured yet with Frox FTP, ProFTPD Server, WU-FTP Server... even there is such thing in my Webmin...

Can i make use one of the three FTP i mention above, and if yes, will it be affecting the current FTP access?

View 1 Replies View Related

Fedora Security :: Blocking Ip Address Range?

Dec 31, 2010

I'm assuming that the following should block the complete 178.123.xxx.xxx address range.

Code:
iptables -I INPUT -s 178.123.0.0/24 -j DROP
Then I believe that I need to save this change.

Code:
service iptables save
iptables: Saving firewall rules to /etc/sysconfig/iptables:[ OK ]

However, I'm not so sure that it is actually working based on the fact that there continues to be access to my wiki from that address range. The following is after I made the firewall change.

Quote:

178.123.177.61 - - [31/Dec/2010:04:24:40 -0500] "GET /mywiki/Opera%20Web%20Browser?action=edit&editor=text HTTP/1.1" 200 6346 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)"
code....

Let me state that I'm new at this iptables thing. I did some reading and decided that I need to make the above change to the firewall but it doesn't seem to make a difference.

View 12 Replies View Related

Fedora Security :: Any Way To Block IP Address Access?

Jul 27, 2011

I recently set up a web server at home, using a non-standard port, due to my ISP blocking 80. I just checked my log files, and I see a TON of entries indicating that a file was not found "proxy-1.php", "proxyheader.php", etc. I do not have these files, not intend to have them as part of my website. I did a whois looking by IP address for several of these, and they all seem to come from an ISP in China. Is there a way to BLOCK any IP address outside the US (that is somewhat simple to do?)

View 5 Replies View Related

Security :: Blocking A Specific IP Address From Server?

May 8, 2010

I would like to COMPLETELY block a specific IP address using iptables. I found this one:

Code:

iptables -A INPUT -p tcp -s xxx.xxx.xxx.xxx -j REJECT --reject-with tcp-reset

Will this work? How do I undo the changes later?

View 2 Replies View Related

Security :: Blocking An Ip Address Range Within Iptables?

Mar 30, 2009

I am setting up a iptables firewall on one of our servers, and I would like to block a range of addresses from getting into the system. I am using a script that does a BLACKIN and BLACKOUT methodology for specific addresses. One example is the following:

Code:

$IPTABLES -A BLACKIN -s 202.109.114.147 -j DROP
...
$IPTABLES -A BLACKOUT -d 202.109.114.117 -j DROP

What would be the correct syntax to use if I wanted to block an entire remote subnet from getting into the server?

View 4 Replies View Related

Security :: Properly Set Up Ssh To Only Allow One IP Address To Login Remotely?

Apr 6, 2010

properly set up ssh to only allow one IP address to login remotely

View 2 Replies View Related

Security :: Block Any IP Address Who Failed To Connect More Than 3 Ssh

Mar 25, 2010

how to block any IP address who failed to connect more than 3 ssh?

View 5 Replies View Related

Security :: Racoon Address Bind Failure?

Mar 11, 2010

I did not use below configuration in my racoon conf,

remote anonymous {
exchange_mode main;
lifetime time 1 hour;
proposal {
encryption_algorithm 3des;
hash_algorithm md5;

[Code]...

I've pruned your post from where you originally posted. In the future, please check the dates on threads which you're thinking about posting in. If you see they are dead (inactive for a few months or more) just let them rest in peace and start your own thread. You can always include links to reference the dead thread if you need to, as I've done here.

View 1 Replies View Related

Security :: The Server Was Hacked From So Called Tor IP Address?

Nov 14, 2010

I always use professional services to secure my servers. Everything was fine for years but a week ago my server got hacked.I don't know how the hacker got my username/password - it was not something like admin, password.9 months ago my PC was infected with some virus which connected to the FTP server by using password which was saved in CuteFTP and infected all index files with some javascript. Then I changed the user/FTP password and didn't save it anymore in Cute FTP. Of course, I checked all the folders and re-uploaded all infected files. Is it possible that this virus uploaded some hidden file which was able to get the new password for this account?

The server was hacked from so called Tor IP address. I am tiref of worrying about server security and now have an idea to get a static IP address from my ISP and to allow logins only from this IP address. What do you think about it? This idea looks good for me but are there any risks to lose access to the server. Can ISP provider change the static IP address for some reason?

View 9 Replies View Related

Ubuntu Security :: Restrict Root Logons To The SSH Server To A Single Ip Address?

Feb 26, 2010

Is it possible to restrict root logons to the SSH server to just a single ip address (or maybe a range?) I have other users connecting to the server daily so restricting ALL access to a single ip i cannot do. I need root enabled (for my own reasons) but want to lock it down a bit more.

View 9 Replies View Related







Copyrights 2005-15 www.BigResource.com, All rights reserved