Ubuntu Security :: How To Upgrade To GPG 1.4.10
Mar 5, 2010In Synaptic the highest release is 1.4.9.
View 2 Replies
ADVERTISEMENT
Ubuntu Security :: How To Upgrade To Clam-av 0.96.5
Nov 30, 2010I can't upgrade from debian. What should I had in APT line? How do you upgrade the engine of clam-av.
View 9 Replies View RelatedUbuntu Security :: How To Upgrade BIOS In 10.10
May 22, 2011I have established that there is a BIOS virus in this machine (I have basically done every test that can be done) And I found the flashing utility for upgading and everything, now the only problem left is installing it Whenever I try this happens.....
Code:
./BIOSUpdate/FTS_FlashBIOSUpdateLinuxBootDisk_500110_1005782.SH
Flash FirstBIOS Update Diskette
V5.00 R1.10.2164.A1
[code]....
Now I did that while logged in as root....
sudo ./BIOSUpdate/FTS_FlashBIOSUpdateLinuxBootDisk_500110_1005782.SH
I also tried above command logged in as root and the 'normal' admin account. the usage instructions that I obtained from the manufacturer are: The BIOS Update File is a .sh file (Shell Script), which enables you to create a bootable disk to update the BIOS.The script only works if there is a C-Compiler installed at usr/bin/cc and the user has write access on dev/fd0 (e.g. if not filed as Root).
Ubuntu Security :: Enigmail Not Working After Upgrade?
Nov 13, 2010I recently upgraded to Ubuntu 10.10. This was a clean install, so all packages are up to date.
I'm using Thunderbird 3.1.6 with Enigmail 1.1.2.
Thunderbird works OK, but if I try to create an encrypted message, I get an error saying that the Enigmime module is not available. When I checked the Enigmail 'About Open PGP' details, it showed the following message:
Running Enigmail version 1.1.2 (20100630-0917)
Warning: Enigmime module not available
ERROR: Failed to access Enigmime service!
Enigmime Service not available
Ubuntu Security :: ClamAV Cant Upgrade Or Install??
Dec 10, 2010what a horrendous piece of software. Ive been at it 3 days trying to do something that ought to be simple and everytime i solve one problem another problem arises. at first I removed the old clamav 9.5 or something. I got the latest ubuntu release btw, and Clamav used to work when i first installed it in the previous ubuntu release. anyway, it asked me to upgrade, so since synaptic doesnt have the latest, i downloaded from sourceforge. I did the whole ./configure gave me errors like need build-essentials-- which i then did, error: need zlib.dv--- I did that one too. Now two more errors that i need to fix so I can compile it.
View 1 Replies View RelatedUbuntu Security :: Clamav 0.97 New Version Upgrade Available
Feb 8, 2011I checked on clamav web site but no way to install it yet on Maverick.
View 4 Replies View RelatedCentOS 5 :: 5.6 Upgrade - Security For Remote Access?
Aug 19, 2011I setup a remote web server yesterday evening, which had Centos 5.3 on it. This went well, and I did this mostly over vnc, to get a GUI. However, I hadn't realised that there was a pending cron job to 'yum upgrade'. So, come 2am, 5.3 turned into 5.6. I carried on the install today, but after some time (I'm not sure exactly how or when), I lost the ability to run any GUI system config tools that required root login. I also lost the ability to run anything graphical - emacs, for example, when I was already root in an xterm.
/var/log/secure isn't telling me anything. It claims that it's running the config tool on my behalf, but nothing happens. If I try to run emacs, I get a message saying that the X server isn't responding. Could this be related to the upgrade? It feels like a PolicyKit problem - I've seen something similar on 6.0 for remote access over vnc - but 5.6 isn't running PolicyKIt.
General :: Upgrade Kernel Of Auditor Security Collection?
Apr 21, 2011i want to upgrade my kernel of auditor security collection which i have installed on my hardisk.The kernel version is 2.6.11.
View 12 Replies View RelatedSecurity :: CentOS 5.5 Upgrade - IPTables SSH Auto Blocking
Jun 6, 2011I have a fiberoptic broadband 20MB synchronous pipe at my home. Over summer at my place of employment its pretty much dead for 3 months so when I'm not busy I play around on my home server. I have my 20mb pipe going directly into my wrt54gl, from there I have a wired connection going to my server (Centos 5.3 recently upgraded to 5.5 through updates.) It serves as a file server(Samba, SSH). My wrt54gl handles natting port 22 to my server. I have my wireless AP setup to hand out leases from .2-.20 and my server has a static of .100. Dyndns.org handles my name resolution via their free account method.
I have a Mac Pro, iMac, Macbook, and a Toshiba Laptop with 64bit 7 running off wireless along with our cell phones, and my XBOX 360 also is wired directly for the gaming speed. I use all of the computers around my home to access the samba shares via unc path for file sharing and or working on projects. I had originally planned to upgrade the wrt54gl with a cisco e3200 or an e3000 but unfortunately I've come to find out dyndns and the e lines of cisco wireless AP's dont work with dyndns and get banned. So I would have to install the daemon on my server and put it as a directly connected server to my WAN link and install a second ethernet card and pass traffic through my server for the rest of my home which I am not going to do.
All of the previous sentence because it would update dyndns with a 192.168.x.x address since its not directly connected. I use a combination of putty.exe and vnc viewer to tunnel 5900 through port 22 to my server. So from anywhere I am at I can access my screen securely and then rdp or vnc to the desktop of my local LAN computers. This allows me to only have port 22 open. I've been looking at my ssh logs and noticed I have been getting hit alot with ssh scans. I want to implement an iptables firewall on my linux machine just for the purpose of further securing port 22. I dont necessarily need natting on the iptables firewall but all I need is ssh in and out, web in, and samba out to local ip's only.
For SSH this is what I want. I want to allow SSH from any IP but if it tries to login more than 3 times in one minute I want to block that IP for a full minute before it can try 3 more attempts. I also would like log to a file but have been having issues getting that to work as well. That way when I review logs and I see that an ip tries three times and then waits a minute and tries three more, etc... I can permanently block that ip or range of ip's by adding it to the iptables script. Here is my current iptables script and it doesnt seem to be working for me. I have played with this and read for almost two weeks and still cannot get it to work correctly.
Code:
#!/bin/bash
# In order to use this iptables firewall script you must have iptables installed. You also must be using a 2.4.x series Kernel, with iptables suppport compiled into it, which is standard for most newer linux distributions.
# If you need help compiling iptables into your kernel, please see our kernel Compile/Upgrade Guide located at [URL]
# Once the script has been edited with all your relevant information (IP's Network Interfaces, etc..) simply make the script executable and run it as root.
# chmod 700 fw_rules.sh
# ./fw_rules.sh .....
# Our final trap. Everything on INPUT goes to the dropwall
# So we don't get silent drops.
$IPT -A INPUT -j dropwall
Debian Installation :: Packages (Security Sensitive) In Aptitude Safe Upgrade?
Feb 17, 2011Today I ran
aptitude update && aptitude safe-upgrade
Like I regularly do, and I see these two packages need to be upgraded:
login passwd
Since these packages seem kinda security-sensitive I would like to know exactly why I would need to upgrade them. I checked Debian's security list but couldn't find anything relevant, and the links to the changelog for both packages are broken:
The requested URL /changelogs/pool/main/s/shadow/shadow_4.1.4.2+svn3283-2+squeeze1/changelog was not found on this server.
Where can I see what is changed in these packages so I can safely upgrade?
Ubuntu Security :: Check For Updates To The Current Version Of Rkhunter And Upgrade To A New Version?
Sep 18, 2010How do i check for updates to the current version of rkhunter and if possible upgrade to a new version?
View 2 Replies View RelatedUbuntu :: Upgrade Manager Calls These Things "Important Security Upgrades"
Mar 17, 2011when i got my starling netbook 6 months ago it worked perfectly. due to upgrades since then i now have problems with printing, sound and videos. there are probably solutions to all of these things if i spent hours here on the forum asking questions, and trying different solutions, but it seems like a lot of work.
upgrade manager calls these things "important security upgrades". are they really important to security? would my computer be dangerously vulnerable to attack if i never did an upgrade?
Fedora Security :: Cannot Open /var/db/sudo After Sudo Package Upgrade?
Sep 16, 2010A day ago I finally got around to upgrading the PackageKit installation that had been sitting for a week and a half, so I found a new upgrade for sudo available - the one that gives the sudoreplay command, I forget which version number it is exactly. When I try to use the sudo command I get this notice in my terminal:Code:Can't open /var/db/sudo/me/1: Permission deniedI didn't get it before. What do I have to do to make it open? I'm using SELinux in enforcing mode if that helps.
View 1 Replies View RelatedUbuntu Installation :: Upgrade From 10.04 To 10.10 Error "Could Not Calculate The Upgrade An Unresolvable Problem Occurred While Calculating The Upgrade"
Feb 12, 2011I keep getting the following msg as I try to upgrade from 10.04 -> 10.10 ... "Could not calculate the upgrade An unresolvable problem occurred while calculating the upgrade: E:Error, pkgProblemResolver::Resolve generated breaks, this may be caused by held packages. This can be caused by:
* Upgrading to a pre-release version of Ubuntu
* Running the current pre-release version of Ubuntu
* Unofficial software packages not provided by Ubuntu
If none of this applies, then please report this bug against the 'update-manager' package and include the files in /var/log/dist-upgrade/ in the bug report." I don't think any of the issues above apply - can anyone offer advice on how to get around or "force " the upgrade
Ubuntu Security :: Login Panel Is Worse From Security View Point
Jan 19, 2010ubuntu 9.10 login panel is worse with respect to ubuntu 8 since now all the users with names are shown without a way to hide them!Why don't keep the old way at least as an option?
View 5 Replies View RelatedUbuntu Security :: Selecting The 'Available To All Users' Option In Network Mgr Mess With Security?
Oct 15, 2010To avoid having to input a password for the keyring each time I connect to the net via wireless, I enabled the 'Available to all users' option in Network Manager. Now, my question is this. Are the 'users' it refers to just those created on this machine? Would a drive-by be able to use my network without entering the password?
View 3 Replies View RelatedUbuntu Security :: Basics Of Good Security Of Small Commercial Website?
Jan 17, 20111. I understand you can protect your files or directories in your website by setting file/directory permissions. The meaning of r w x is clear to me, but I'm not sure how to proceed... Starting with the index.html file, if I wanted to make it so that anyone in the world can read it but can't modify it, do I set its permissions to rwxr-xr-x? If I set it to rwxr--r--, would that mean the file couldn't be served? I mean, what does the x setting do on a .html file, how can a .html file be executable?
2. If file permissions work on the lines of owner-group-others, in the context of a website, who is 'group'? As far as I can tell, there's only the owner, which is me, and others, which is the world accessing the site. Am I correct in thinking that by default, say when creating a website on a shared hosting server, there is no group unless I specifically set one up?
3. My ISP allows the DynDNS.org service, meaning that I could serve a website from my home. It's too early to go that route just yet, but for future reference, I would like to ask about the server software called Hiawatha. It is said to be secure, but having read some evaluations of it, it doesn't seem to offer anything that couldn't be accomplished with Apache or Cherokee, it's just that its security settings are simpler and easier to configure. Am I right about this? Or does Hiawatha truly offer something that the other major server packages don't?
Ubuntu Security :: Updated Browsers Using Update Manager Have Lost Security Login Pages For Web Mail?
Mar 3, 2011i updated both browsers i have and lost my secure log-in pages (no padlocks showing ) concerning different Web mail accounts.Just before i did these updates i checked an unrelated thing on-line regarding my sound card of which i kept a copy of and got this message below :
!!ALSA/HDA dmesg
!!------------------
[ 12.762633] cfg80211: Calling CRDA for country: AM
[code]....
Ubuntu Security :: Internet Security Status Feeds Via Conky?
Mar 29, 2010Conky can be used to display a variety of information on the users desktop. I wanted to use Conky instead to display the current status of security as reported by:
SANS Internet Storm Center
IBM Internet Security Systems
Symantec Threatcon
McAfee Threat Center
I therefore created 4 small scripts which download the current status from these sites, and set the colour of those status's depending on the current value.The conky configuration allows for a semi-transparent background - though this is optional.Attached is an example image showing the 4 different colours.Also attached is an archive with the 4.sh files, .conkyrc and draw_bg.lua (from here http:[url].....
Ubuntu Security :: Guidance On Installing Basic Security Software?
May 29, 2010I just installed Ubuntu on a desktop. Can anyone give me some guidance on installing basic security software? In particular, I'm looking for a firewall, antivirus, and anti-spyware/malware utilities.
View 2 Replies View RelatedUbuntu Security :: Changing Password Seem To Be Potential Security Hazard?
Aug 3, 2010I already posted a topic similar to this concerning the Desktop OS version, but this deals with the Netbook because unlike the Desktop, the Netbook is less cooperative. Allow me to elaborate: Today (or rather yesterday since it's not after midnight where I am), I changed my password because I was hopelessly confounded about how to get my Wireless Network card up and running after it had been installed and I was allowing my dad to use it. This issue has since been resolved, however...
When I chose my password during the original installation, there was no mention of it being "too simple." This is where the Desktop OS and the Netbook OS differ. The desktop will let me change it in the terminal without any errors. The Netbook will not. When I've attempted to revert it back to the original, it will not let me do so in the User Profile or in the Terminal. The Passwords and Encryption Keys application also does not appear to help.
So now even after I've changed it to a different "complicated" password I am still prompted to insert two different passwords since I changed my user password but I am unable to change the password I input during the installation. A bit screwy methinks. This is extremely important. I'd like to know how to change the original installation password.
If I can't change the main password on my laptop then this is a serious potential security breach just waiting to happen (especially since it's on a laptop and I will be hauling it around with me) and I will most likely install a different OS if this isn't resolved --- It would be very unfortunate since I spent the whole day fixing it and I really enjoy the interface. Luckily I can live with this on my Desktop since I'm not going to be hauling it around with me everywhere when the school year starts.
Ubuntu Security :: Router - Port Forwarding And Network Security
Nov 11, 2010As it stands I have a small home network operating behind my modem/router. Some of the ports on this are forwarded to my PS3 for gaming but I was looking at forward some for my file server.
At the moment I've forwarded port xxx22 to port 22 on my server for SSH for instance. ANd similarly 21 for FTP (although it doesnt seem to want to connect for any more than a few seconds using that). What I was thinking of doing was placing a small website for a handful of ppl to use on the server too and port forward again - xxx80 to 80. It works just fine but I'm a little concerned on the security front.
As I've moved the port to something different from the outside world I'm presuming I will have already cut the potential for malicious folks to wander in but is there anything else I should be doing? At the moment there's no firewall operating on the server, usually as its hidden behind the modem/router. But if I open this thign up more permanently what should I be doing? I've read a few articles on it but I'm always left with the overwhelming thought of "Thats if theres no firewall in my router" as they just seem to do the same.
Ubuntu Security :: Is Posting The Hardware Address A Security Risk
Feb 28, 2011When posting results from ifconfig, it shows the hardware address of etho, etc. Would you consider that to be a security risk ?
View 9 Replies View RelatedUbuntu Security :: Installing LAMP Server On Laptop - Security?
May 8, 2011I'm concerned about security of having a LAMP server on my laptop as having any server makes the system less secure. However, if I were to create a new partition and install a lamp server on that and only use it when offline, would the security of my main partition be affected at all?
View 3 Replies View RelatedUbuntu Security :: Why Isn't Ufw Enabled By Default For Network Security At Installation
Jun 7, 2011The default Firewall ufw is not enabled by default at the time of installation and it has to be enabled by the user.Isn't this a security risk or is the user whether ufw is enabled or not secured from external threats?I am not much knowledgeable about network security But I am trying to understand the Ubuntu mentality behind this default setting.
View 4 Replies View RelatedUbuntu Security :: Best Solution To Protect Server From Security Threats?
Jul 22, 2011I've recently been running a game server from my desktop, as well as a web page to accompany it.I use the ports 80/8123(HTTP)/5900(VNC)/50500(GAME)/5839(ADMINISTRATION).What's the best solution to protect my server from security threats? On a side note, I plan on adding a MySQL server later, but I want to keep it local only.
View 9 Replies View RelatedUbuntu Security :: Wireshark Security Root Privileges?
Mar 25, 2010Having read on the forums about some of the dangers of running Wireshark as root, I would like to know if anyone can suggest some alternative packet sniffers/network analyzers which will offer similar results but without the security issues. I am using Karmic Koala on a Fujitsu Siemens laptop with wireless router (firewall enabled)
View 7 Replies View RelatedUbuntu Security :: Thunderbird Security Vulnerability Updates
Apr 2, 2010So yesterday I receive a copy of the SANS @RISK security vulnerability newsletter, and, lo and behold, Mozilla's Firefox and Thunderbird are on it yet again. (Yeah, I know, shocking, isn't it?)So I quickly check what versions I have installed. Yup: Vulnerable.I check whether updates are available.These are pretty serious "remote code execution" vulnerabilities and the status is "vendor confirmed, updates available." So why isn't my 9.10 desktop's update manager telling me updates are available?
View 9 Replies View RelatedUbuntu Security :: Security - Change Home Priviledges?
Jun 15, 2010I have read that to improve security in Ubuntu a good fix is to make the /home folder tree non-executable by default. This would mean that malware could not run in the /home tree without changing the setup.Is this a viable change, or is it just icing on the cake, any one any thoughts on this.
View 9 Replies View RelatedUbuntu Security :: Security Changed In Remote Desktop?
Jul 6, 2010I always use VNC to check my server for updates, and this morning I started the xvnc4viewer to vnc into my server and it keep asking for a password. I never setup a password because I do this local from my laptop, and I am the only one who uses my laptop. I had to go to my server and check the setting in System > Preferences > Remote Desktop and found them all changed. There was a password setup and there was a check mark in the you must confirm each access to this machine there some security update that changed all these setting? Sometimes when I do updates I don't know what is being changed on my server
View 9 Replies View Related