Ubuntu Security :: Password Hacking By Bruteforce?
Jan 4, 2010
I think it is very easy to hack passwords in Linux, but I did not try it yet. If you use sudo you get 3 attempts for the correct password. But if you get enough time it should be no problem to hack it by bruteforce. Imagine a script an attacker places on your machine which runs for a few hours or days. I think it is much more effective to delete the user out of the admin (or adm?) group so that user cannot be any danger anymore. You would have to login with root and readd the user then.
You now say: but if you login with root you got almost the same effect as with sudo. Of course it is the same. That is why I would use a system (not sure which yet) to create sub enviroments of your OS, which got the attribute that they can run without root, only got one account that can sudo and once sudo access is denied there is no other way to login as root. You just can repermit sudo access by the parent os layer.
Curruntly using Ubuntu 9.10!I am eager to know where the hacking begins in linux? The stuff like netstat, telnet, or mail-forging or even pinging...ho do we do that in linux?
I went away from home for a few days, ... Now I am back at home and noticed, that my server is going out with 100% available bandwidth. The server is mainly Http / Ftp / Mail server, so I stopped all services, to see which one it is. ervices stopped, still 100Mbps go out like ants in the flood.
I updated the system, made a backup, installed IPtraf. It seems that I have something 'installed' and my server is running something to attack User computers. It seems to try to find something on random IP's random ports. I am a little bit confused now. As long as my sites are running, I'm ~OK~ but sooner or later I would like to have my bandwidth back. How could I try to hunt down which service/app/process got hacked?
It seems that the monetary system of our society got now more enemy's than friends. Capitalism seems to reach it's end. But my server is serving also ART! Sooner or later we will need to pay copyright even for our thoughts. I was reading today, that the French president wants to punish file sharing as his wife made 3 albums, and wants to get some money ..
My server (CentOS 5.4) is being bombarded 24x7 with IP addresses from China trying to exploit phpMyAdmin. For every one I block on the firewall, half a dozen come to the funeral! It's a pity these morons don't have something better to occupy their time. I'm getting page after page of this (see below) every day and it's been going on for weeks. I don't even have phpMyAdmin on the server. I don't use it and I deleted it.
I've read that you can use .htaccess and / or mod_rewrite to redirect / block them based on any query for phpMyAdmin (they try all letters in upper and lower case, leading to page after page). Unfortunately, I have no idea of how to do this. I already have an .htaccess file. Maybe someone can suggest what to add to stop these pests from wasting my bandwidth and suggest somewhere I could redirect them to to cause them maximum problems. I don't want to block the entire country, seems a bit like overkill, not all Chinese are morons. we aren't even in the USA, so why they are doing this is beyond me.
A TINY sample! [Sun Aug 08 13:29:08 2010] [error] [client 61.191.41.53] File does not exist: /var/www/corp/phpMyAdmin-2.7.2
everytime i try to vnc to my box, it pops up the keyring authentication, which is obviously a huge problem when logging in remotely.how do i change my keyring password to match my login password?
I know this has probably been asked too many times here but I need to secure my emails. Personal matters of course. But yeah. I use the program "Password and Encryption Keys" to generate a key to sign my emails with but I do not know what to do. To be blunt, I'm stupid when it comes to this. IF not, steps in creating a key? and giving it (my public key) to the significant other? Finding where both keys are? Implementing it into Thunderbird? If it helps any here's some extra information: Ubuntu distro: Ubuntu 10.04 Email client: Thunderbird
How can I force passwd to use a simple password?I want to change my passwd & delete passwd history (if stored).I plan on creating a Virtual Appliance that uses another password besides my testing password.
I already posted a topic similar to this concerning the Desktop OS version, but this deals with the Netbook because unlike the Desktop, the Netbook is less cooperative. Allow me to elaborate: Today (or rather yesterday since it's not after midnight where I am), I changed my password because I was hopelessly confounded about how to get my Wireless Network card up and running after it had been installed and I was allowing my dad to use it. This issue has since been resolved, however...
When I chose my password during the original installation, there was no mention of it being "too simple." This is where the Desktop OS and the Netbook OS differ. The desktop will let me change it in the terminal without any errors. The Netbook will not. When I've attempted to revert it back to the original, it will not let me do so in the User Profile or in the Terminal. The Passwords and Encryption Keys application also does not appear to help.
So now even after I've changed it to a different "complicated" password I am still prompted to insert two different passwords since I changed my user password but I am unable to change the password I input during the installation. A bit screwy methinks. This is extremely important. I'd like to know how to change the original installation password.
If I can't change the main password on my laptop then this is a serious potential security breach just waiting to happen (especially since it's on a laptop and I will be hauling it around with me) and I will most likely install a different OS if this isn't resolved --- It would be very unfortunate since I spent the whole day fixing it and I really enjoy the interface. Luckily I can live with this on my Desktop since I'm not going to be hauling it around with me everywhere when the school year starts.
I have a database created by an older program (not Access) that I need to open and retrieve information for my business. The manufacturer put a password on there so that only it's program could open it. I do not use that program, but it has information I need. Is there a way to find that password or circumvent the password altogether?
I am having a problem with nautilus since today. I was hacking on glib and trying a few things with the way stuff gets mounted, after a while i noticed that nautilus was seriously broken. Network, Computer, and all volumes are not displayed anymore. I wanted to revert to the original state, and tried to reinstall glib, gvfs and nautilus with the packet manager, but it didnt change anything. how i can restore everything to normal. I tried running nautilus as root or reinstall gvfs-backend and other things but it didnt work.
I am new to all this so I don't understand much of the language used in linux or backtrack, but I founded in a forum how to hack wep and I did this steps: I have a IWL 4965 AGN I tried to hack a wireless but I get errors, this is what I did:
ERROR: Neither the sysfs interface links nor the iw command is available. Please download and install iw from dl.aircrack-ng.org/iw.tar.bz2 So I downloaded this from the Page and tried to install it.
6)cd '/root/iw' iw# make CC iw.o iw.c:11:31: error: netlink/genl/genl.h: No such file or directory iw.c:12:33: error: netlink/genl/family.h: No such file or directory iw.c:13:33: error: netlink/genl/ctrl.h: No such file or directory iw.c:14:25: error: netlink/msg.h: No such file or directory iw.c:15:26: error: netlink/attr.h: No such file or directory iw.c: In function 'nl80211_init': iw.c:25: error: implicit declaration of function 'nl_handle_alloc' iw.c:25: warning: assignment makes pointer from integer without a cast iw.c:31: error: implicit declaration of function 'genl_connect' iw.c:37: error: implicit declaration of function 'genl_ctrl_alloc_cache' iw.c:37: warning: assignment makes pointer from integer without a cast iw.c:44: error: implicit declaration of function 'genl_ctrl_search_by_name' iw.c:44: warning: assignment makes pointer from integer without a cast iw.c:54: error: implicit declaration of function 'nl_cache_free' iw.c:56: error: implicit declaration of function 'nl_handle_destroy' iw.c: In function 'nl80211_cleanup': iw.c:62: error: implicit declaration of function 'genl_family_put' make: *** [iw.o] Error 1
Not for illegal purposes of course, it's just my computing teacher bet me that I couldn't obtain the schools wireless key without actually asking someone for it. Now I am an idiot and can't get anything like airsnort etc to work. So I was wondering if there is a nice simple"click here then click here then done" GUI I could use. O btw the encoding is WEP.
I am looking for resources to learn how to put linux on usb devices. I have a Zune 30G that I'm itch'n to try and break into but I have no idea where to start. I also have a Sandisk clip 2Gb that I can practice on,before tackling something that no one has been able to so far.
& it seems that it's somebody who's at Zhanjiang Ocean University in china I've got the firewall enabled, but how do u set up rules to stealth the server's IP address to make it invisible & disable ssh so only I can log into the server to fix any problems (eithernet cable) not over the net
So, there are these source packages i downloaded, which i want to build with slightly different configure options due to a bug in debian: hfd5-serial and hdf5-openmpi cannot coexist, yet some packages require the serial version of the lib , others require the openmpi.
I downloaded the sources, in order to build them, without the hdf5 thing...
I have already built this from source in Scientific Linux, and i know this can be done without hdf5.
Where do i hack into the debian source tree of a package to remove a configure option...?
From this thread I've decided to try add a feature of removing local port forwardings in ssh.Here are some very ugly and not-yet working hacks what I made so far:
* Patch for channels.c * Patch for channels.h * Patch for clientloop.c
I was clearly expecting this to work without any troubles-everything seem to be logically correct, but I made a programming mistake somewhere: don't know where, maybe you will point me to this?Many sites say there is a WAY AROUND with -D param(starting socks proxy as a tunnel-generator), added since 5.2, but I don't need that way around. I need a way through. I use exact ports for exact services and if I want to change it runtime I'd like to have ability to do so.If you have other ideas or points instead of coding this, please share them here & here(original question).
I'm new to ubuntu. Now iam using Karmic Koala. I want to change my password. So i used,
system->Administration->users and groups to change my password . As i entered my new password and clicked on 'Change Password', It is saying, 'password changed'. But when I click the close button in the main users and groups window, it is asking for my password, and I am forced to enter my old password only.
After the window is closed, i logout to check whether my password is changed. But it is not. I have to enter my old password to login.
i set my pass on ubuntu 10.4 and it work so good on installing app but suddenly it stopped working i thought i would restart my pc i tried to inter my pass again ubuntu don't accept it although it's surely true
I had this great idea to try and change the UBUNTU password. So I took not so drastic effort..I went to System>Administration>Users and Groups. There I clicked on my login name.Clicked on Properties and used the Change Password Button to Change my login password. I did that. [I thought this is the way to change the login password]. After that as usual I tried to launch the Empathy! It started asking me about some Keyring password! I gave my new password and it worked. Now, the weirdness of the issue is that..
1)If I want to login to UBUNTU..I have to give the Old Password [The password which I gave when installing Ubuntu;as if the password change has not come into affect] oO mount..I have to give old password To update I have to give old password. But! 2)To get my things done in Empathy..that is to get the Keyring Challenge done! I have to give the new password and old password does not work here.
I want to stop empathy from asking me about the KEYRING thing. Roll back the system to the previous state; before the password change thing. What exactly went wrong or right? and What is really happening to my system. I mean things are all normal, so far..but why the two passwords? I dont use any heavy things on my machine..just a bit of browsing and Empathy..thats all.and only the default applications are installed on my machine. I use Ubuntu Karmic 9.10.
I need to be able to capture a users password when they login. I am well aware of the security issues with this and I'm ok with this.
We run a call center and I am working on migrating from windows to Kubuntu for the callers. It's policy that all callers must report their password to me, so I already know of everyone's password. There has to be some variable/script that I can "hack" to get the password they typed in to the login screen.
What I'm trying to do is that when a user logs in in for the first time, their profile is automatically created and set up. Setting up network drives, email, pidgin (which the password is stored in plain text anyway, so forget about security on that one), web apps, etc.
Trying to find information on How to capture a users password and all have been responded with the usual lecture on why you shouldn't do this. So I've heard it all before and I know of the risks. Like I said, I already have the callers password on file. If I could capture it, I wouldn't have to manually setup each profile every time we get a new caller, which is often since turnover is quite high in call centers.
Every time I log in, I get the "password for keyring default" question two or three times, unless I enter it immediately as it pops up, sometimes even that doesn't prevent it from respawning. What could be causing this? I'm using Maverick.
P.S. Hmm, I don't think I'll be watching the lunar eclipse much now, the sky is covered with smoke, maybe it's lunar apocalypse.
I decided to stop using my password to enter Ubuntu (recently installed) and switch to automatic start up. Hit the relevant key, then restart. Received three notices, closed two, entered pass to get encryption code at third, then nothing but a blank, Ubuntu-colour screen. Unable to open Ubuntu. How the heck to I get myself out of this trap?