Ubuntu Security :: Is It Safe To Use Apt-get Trough Untrusted Proxies/mirrors?

Jul 10, 2010

What if someone tampered with some important security updates, and suddenly you get a rootkit instead?

View 4 Replies


ADVERTISEMENT

Debian :: Aptitude Safe Upgrade - Untrusted Packages

Jul 4, 2010

I am new to Debian (just used Gentoo until now), I run a little server for our company and clients. Unfortunately our hosting company switched us from a Gentoo system to a Debian Lenny box with Confixx and stopped maintaining it. So I will need to do the house keeping, which worries me a bit. Today I started and ran: aptitude update && aptitude safe-upgrade and got a huge list with packages to upgrade. Unfortunately, I am not confident, if I will break something upgrading (Confixx, apache) as I get the following warning message:

WARNING: untrusted versions of the following packages will be installed!
Untrusted packages could compromise your system's security.
You should only proceed with the installation if you are certain that this is what you want to do.
mysql-client mysql-server-5.1 mysql-client-5.1 mysql-common mysql-server-core-5.1 mysql-server libmysqlclient16
Do you want to ignore this warning and proceed anyway?
Is it safe to ignore it and upgrade the needed packages?

View 14 Replies View Related

Ubuntu Security :: How To Protect From Untrusted Files

Oct 8, 2010

I want to start using videos/music files downloaded from untrusted sources (BT,Sharing Forums, etc.). Haven't made this a habit b4 because of the security risks. I want to take steps to reduce the risk & protect my computer from anything malicious. What are some good choices for this? The biggest step I took so far is using Ubuntu since it's very virus resistant, but other threats do exist out there (rootkits, malicious scripts, etc.). When downloading files from untrusted sources, who knows what may be hidden inside.Some options I'm thinking about:

1) Using a VM (with Ubuntu installed inside) & playing the files inside the VM. If anything malicious happen, it would be trapped inside & I could easily revert to a clean snapshot.

2) Using AppArmor to restrict what the files or program used to play the files can/can't do. AA seems very complicated though.

Are the above overkill? Would it be sufficient enough to just open these files on a non-admin user account since no access to root or sudo?

View 4 Replies View Related

Security :: Invalid (Untrusted) Certificate - TWC Webmail

Oct 7, 2010

At the login webpage of <[URL]>, the Time Warner Cable (TWC) Webmail site, I am immediately confronted with a warning that the Security Certificate is invalid & that the site is untrusted. This occurs with Firefox, Seamonkey, & Konqueror. This does not occur on Microsoft or Apple systems; I have checked other colleagues machines. I have manually overridden the warning & everything functions fine. I have contacted TWC & am awaiting their tests. But, I would like some independent corroboration from other users in the Linux community. Could some of you perform the test yourself on this URL? An error will be readily apparent.

View 14 Replies View Related

Ubuntu Security :: Generic AppArmor Profile For Untrusted Application

Sep 3, 2010

I've read and re-read everything I can find about AppArmor, to no avail. On the whole, AppArmor isn't for me. However, rather than give up on it completely, I have an idea: create a profile that I could use as a template for any untrusted application, with the aim of 1) blocking it from network access and 2) blocking it from installing other applications. I've got as far as creating an empty profile:

Code:
# Generic AppArmor Profile for UntrustedApplication
#include <tunables/global>
/usr/sbin/UntrustedApplication {
#include <abstractions/base> }
What do I need to add to make this profile 100% permissive, except for the two exceptions stated above?

View 9 Replies View Related

Security :: Check Mail Via Tor And Browser Says Connection Untrusted?

May 20, 2011

I was recently connecting securely to the website where I have my mail account, and I connected through Tor. When doing so firefox presents me with the screen saying that the connection is untrusted and it can't verify the certificate. So I cancelled. I'm using torbutton and I turned torbutton to off and connected again with no problem. Then with torbutton on again, same thing (untrusted).

Is it possible the exit node I was going through is doing a man in the middle attack? However later when connecting through tor I did NOT get the warning about the site being untrusted. I really don't know what exit node I was using when I got the certificate warning and what exit node I was using when I did not recieve the warning. I don't know how long I stay on the same node or how/when it changes.

View 4 Replies View Related

Fedora Security :: Securing A Server For Deployment In Untrusted Zone?

Apr 1, 2010

I have to deploy a server to some customers that should not be given access to the server itself. I know that nothing is 100% secure but I've searched without finding a decent answer (maybe I googled for the wrong terms ?)I need some advice about encrypted filesystem. * The server must boot without asking for a passphrase (the server will be in a restricted access area so typing a password could take a while). I can't store the password for luks in an unencrypted file so it seems a loop to me. The only way out I can see is to store the passphrase in the boot binaries (better than nothing...) but this results in more work for me.* possibly the customer should not be able to move the hard disks to another pc, i.e. reading the passphrase from some unique hardware ID. This is risky but I could add a master passphrase to be used in case of hardware replacement

View 3 Replies View Related

Ubuntu Security :: How To Keep Keyring Safe

Nov 12, 2010

It seems to me that he passwords kept in GNU Keyring Seahorse, are not kept very safe, because if I'm logged in and someone access my cumputer they can see my passwords that are saved there. I have set a keyring password, but it seems that is it not all the time locked.What are some general follow guide rulles to make sure my passwords are kept safe and my encryption keys that I use.

View 2 Replies View Related

Ubuntu Security :: Encrypt With Right Click Safe?

Jul 13, 2011

I just found a neat way to encrypt a file in Ubuntu 10.04.

I right click on a file and select the Encrypt option. The program prompts me to "Choose Recipient" so I choose myself on the list. Then it prompts me to enter my passphrase.

Once all that's done I hit enter and it adds .pgp to the end of whatever file just encrypted. The same basic method is used to Sign the file.

Does it sound as though what I said is correct and that the file I wanted to encrypt was indeed encrypted?

Can anyone crack my files without the passphrase? I'm sure it depends on the complexity and length of the passphrase.

View 6 Replies View Related

Security :: How To Keep Safe PC Using Iptables

Dec 5, 2010

I am using Fedora on my desktop pc. I want to know how can i protact my PC from outside world. What firewall policy should i implement in iptables to keep it more secure.

View 5 Replies View Related

Ubuntu Security :: Port Fowrarding - Safe / Unsafe?

Sep 8, 2010

when I apply port forwarding to my router @ home? Is it a risk to every computer on the network or just specifically the server that is involved?

View 9 Replies View Related

Ubuntu Security :: Is It Safe To Disable The Firewall For Limewire

Sep 24, 2010

I opened a specific port in my router and manually configured Limewire to use the same port for all traffic, but I notice when I disable and turn off Firestarter when on limewire, my searches go really fast and dowaloads zoom really fast also I am not running as root. Is this ok to temporarly stop the firewall when I am on Limewire and then turn it back on when finished?

View 9 Replies View Related

Ubuntu Security :: Adblock Plus - Safe For Chromium & Firefox?

Apr 19, 2011

I would like to know if you guys think this is a safe plugin/extension to use with either Chromium or Firefox.

There is an old page that shows it had security issues in the past.[URL].. Would it be safe to use this or do you think someone could use it to steal my passwords, etc. while browsing?

View 3 Replies View Related

Ubuntu Security :: How Safe Are Updates On Public Networks

Jul 17, 2011

how safe is it to run Ubuntu updates when I'm connecting via a public network (wireless or wired) from a hotel (or other public settings). I'm not familiar with the internals but is there an additional validation mechanism for the package servers other than the URL ?

View 4 Replies View Related

General :: Security - Is It Safe To Run An Old Version?

Dec 14, 2010

I'm currently running OpenSuSE 11.3. I'm afraid as newer versions are released they will demand more of my old PC (Dell Optiplex GX270). Also, I've heard of issues with newer Linux distributions having issues with older Intel hardware (just hearsay, not personal experience). However, patches for specific OpenSuSE releases have a limited window of time.So,

Am I much more at risk to security issues if I keep a version of Linux past its patch date?Is it possible to keep a specific Linux release but still be able to receive security essential updates based on my repository selection?

View 2 Replies View Related

Security :: Safe Sites To Download From?

Jun 11, 2011

How do you know if a site is safe to download from ?
Have only been using Mint 11 for 3 days after 7 years with windows and the usual safety nets there were the https headings and firewalls blocking stuff but how do you know something is safe in Linux ?
In short how do you know it's a trusted site ?

View 5 Replies View Related

Security :: Safe To Use IPTables Firewalls?

Jun 14, 2010

Other than Firestarter, how safe is it to use an iptables firewall for Linux if you know the basics of iptables but not the details and not exactly what you're doing with iptables? I want to be very secure without configuring iptables myself if possible or doing as little as possible. If you don't think iptables is safe if you don't really know what you're doing, which firewall you can use (Slackware specific, preferably) that is the easiest to install and configure? Are there any that work like free Windows firewalls, other than Firestarter? I've looked around and looked at slackbuild and can't find a Firestarter package, I searched this site also and saw something about the reason there isn't one. I'm concerned with my security and I don't want to write my own iptables firewall - I don't fully know what I'm doing.

View 6 Replies View Related

Ubuntu Security :: Firewall - IPTables Stock Settings Safe?

Apr 15, 2010

So I know Linux has iptables, I'm rather new to linux, and I'm wondering, are the stock settings with Ubuntu/Kubuntu safe? Is there anything I need to do make them more secure? I tried adding rules myself for some things but ended up just not being able to do anything so I had to reset back to stock with iptables -F. Should I be safe running as-is?

View 4 Replies View Related

Ubuntu Security :: Safe When Surfing The Web With The Defalt Installation Seetings ?

Apr 7, 2011

I am new to Ubuntu so Iwant to know,Am I safe when on-line with the default installation settings on? If not what should I do?

View 6 Replies View Related

Fedora Security :: Runscape Applet : Is It Safe To Run?

Sep 29, 2010

When I go to the Runesacpe page to run the game I get a message that says that the aplit is not signed.

Is it safe to run.

Does anyone know what it does, other than just run the game?

View 2 Replies View Related

Security :: Lightning Rod Keeps You Safe From Dirty Flashers

Jan 3, 2010

A new open source package called Lightning Rod will help to close security exploits in Adobe's dirty Flash code. A presentation made at the 26th Chaos Communication Congress showed that the package does its job by reviewing incoming code before the browser executes it. Heise Online is reporting that this method can block over 20 different known attacks and can even be used to filter out malicious JPG attacks. As more vulnerabilities are discovered they can be added to Lightning Rod to close the breach.

View 2 Replies View Related

Ubuntu Security :: Safe To Transfer Files From Infected Windows Partition?

Sep 2, 2010

My Windows XP Pro laptop has been attacked! Windows will no longer update and Microsoft Security Essentials will not update either. I've been trying to resolve the issue for over two weeks with Microsoft support, but it's just taking too long. I also tried some rescue CD options (all running some form of Linux, obviously):

- BitDefender Rescue CD (removed infections, now detects nothing),
- Kaspersky Rescue CD 10 (removed infections, now detects nothing),
- Trinity Rescue CD (won't load AV Engine, so can't use it to do anything).

Malwarebytes cleaned a bunch of stuff, but will not clean the final threat detected (it's supposed to get deleted on reboot, but never does). Hijack.FolderOptions is stuck in the accursed registry, and it keeps causing Windows Explorer to crash. I cannot rename files or work with them or everything just crashes.

So I'm ready to reinstall XP from scratch, and add a dual boot with Xubuntu & LXDE, which I'm already running on a much older laptop.

Question: I want to rescue the files I need. My idea was:

1) Install Xubuntu with dual boot.
2) Copy over files from Windows XP partition using Xubuntu.
3) Back up files to an external drive using Xubuntu.
4) Reinstall XP Pro and format hard drive.
5) Reinstall Xubuntu with dual boot.
6) Use Xubuntu for daily use.
7) Only use XP for those tasks that require it (TomTom updates ...)

Should I be concerned about the security risk from copying files from the Windows partition to the Xubuntu partition, and from there onto an external hard drive?

Is this the way to do it, or is there a better way? I just want my laptop back in working order. Right now I can't use it for anything.

View 8 Replies View Related

Ubuntu Security :: SkyDrive + Encryption - Safe Backup - ADrive's Uploader Is Not On Https

May 6, 2010

I'm trying to figure out how to use ADrive.com's 50 GB's or SkyDrive's 25 GB's of free storage to backup my computer automaticaly.

Problem's:

1. With ADrive I can select all my files at once through their website's uploader vs SkyDrive where you have to select them one by one. There are some third party programs, like Gladinet, which will mount sky drive to your computer like an extra drive, though I haven't found one for linux yet. This guy came up with a cool way to backup automagically with Windows: [URL] I am trying to figure out how to do the same thing with Linux.

2. ADrive's uploader is not on https, whereas SkyDrive is. Either way I wanted to encypt my files on my computer first so when I back them up, they are safe in case they should fall into the wrong hands, not that I don't trust Microsoft or whoever ADrive is with all my most precious documents, but I'd rather error on the side of safety.

View 1 Replies View Related

Debian Installation :: Packages (Security Sensitive) In Aptitude Safe Upgrade?

Feb 17, 2011

Today I ran
aptitude update && aptitude safe-upgrade
Like I regularly do, and I see these two packages need to be upgraded:
login passwd

Since these packages seem kinda security-sensitive I would like to know exactly why I would need to upgrade them. I checked Debian's security list but couldn't find anything relevant, and the links to the changelog for both packages are broken:
The requested URL /changelogs/pool/main/s/shadow/shadow_4.1.4.2+svn3283-2+squeeze1/changelog was not found on this server.
Where can I see what is changed in these packages so I can safely upgrade?

View 3 Replies View Related

Security :: Correct/safe Iptables Rules For Redirecting Port 80 To 8080?

Jul 13, 2010

I am setting up tomcat server on my Centos 5.5 machine. I've been advised to run tomcat on 8080 as non root user and redirect traffic to it from port 80.

I searched and found the following iptables commands for this:# iptables -t nat -A PREROUTING -p tcp --dport 80 -j REDIRECT -to-ports 8080
# iptables -I INPUT -p tcp --dport 8080 -j ACCEPTI have a doubt:

Tomcat is not accessible via port 80 without the second command. But the second command opens 8080 and makes it accessible over the internet (tomcat is accesible via both: www.<website>.com and http://<ip address>:8080). This doesn't seem right. Is there some simple (iptables) way to redirect traffic "internally" from port 80 to 8080 without having to open 8080 to the internet.

View 3 Replies View Related

Ubuntu :: Proxy Settings For Chromium / Use Different Proxies In The Two Places?

Jul 29, 2010

I have recently installed chromium in my ubuntu 10.04.

I am facing a problem. Chromium always takes the system proxy settings, and if I change the settings for chromium then system settings change too..

I want to use different proxies in the two places.

View 3 Replies View Related

Ubuntu Networking :: Http Proxies Has Blocked / How To Works Around

Jul 2, 2011

Recently My ISP provider blocked any kind of http proxies can be used in browsers. When I put my proxy settings in my browser, it keeps loading with no response. I've squid proxy running on my own server and worked fine before that modification.

View 3 Replies View Related

Ubuntu Networking :: Finding A Software Which Search+test Proxies

Feb 15, 2010

There's such thing for Ubuntu too?A software which search+test proxies... that's all I do need

View 1 Replies View Related

Ubuntu Networking :: Can't Get Trough Firewall/VPN

Nov 21, 2010

On the office we have a Firewall/VPN infrastructure. Everybody connects to internet trough an Access Point (Lynksys RWT120N), which, in turn, connects to a WatchWard/Firebox red box. I suppose this is the equipment that does the VPN stuff. Finally, the red box connects to a DSL modem from our ISP.The problem is: Everybody on the office can connect to the AP and surf the internet without any issues, excepting me when I connect with ubuntu 10.10. I have windows on the same machine and I can access the internet without problems.

What I have seen so far is that Network Manager associates with the AP, gets what I would consider all the expected information from DHCP, but internet connectivity is none.For "expected information from DHCP" i mean: IP address, gateway, and DNS.I can ping my assigned IP address, the gateway and even other machines in the same network. I cannot ping the DNS or other external IP addresses.

View 2 Replies View Related

Ubuntu Networking :: Can't Connect To Localhost Trough Lan?

Jul 22, 2010

i know it all sounds weard but ive been searching google so much now.. look the setup is kinda straight forward. We got a test server for websites. This server has lamp server configured. Now i have a Website in the apache www folder. From here on everything works fine in http://localhost or 127.0.1.1 etc etc. also i have configured virtualhosts. This so we can have a live enviroment but its actually a test enviroment.

Now i try to connect trough the lannetwork! so i goto my windows client and hit in the browser :http://(serverip+port) and also tried http://(serverip) When i do this i get a 403 forbiddin acces. I solved that problem by deleted a line in the apache2.conf wot was called : virtualHost xxx.xxx.xxx.xx: xx

Now Hes loading the page but says he cant connect to 127.0.1.1 Any1 knows a solution? (sorry for my bad grammer btw )

View 9 Replies View Related







Copyrights 2005-15 www.BigResource.com, All rights reserved