Ubuntu Security :: Port Fowrarding - Safe / Unsafe?
Sep 8, 2010when I apply port forwarding to my router @ home? Is it a risk to every computer on the network or just specifically the server that is involved?
View 9 Replies
ADVERTISEMENT
Security :: Correct/safe Iptables Rules For Redirecting Port 80 To 8080?
Jul 13, 2010I am setting up tomcat server on my Centos 5.5 machine. I've been advised to run tomcat on 8080 as non root user and redirect traffic to it from port 80.
I searched and found the following iptables commands for this:# iptables -t nat -A PREROUTING -p tcp --dport 80 -j REDIRECT -to-ports 8080
# iptables -I INPUT -p tcp --dport 8080 -j ACCEPTI have a doubt:
Tomcat is not accessible via port 80 without the second command. But the second command opens 8080 and makes it accessible over the internet (tomcat is accesible via both: www.<website>.com and http://<ip address>:8080). This doesn't seem right. Is there some simple (iptables) way to redirect traffic "internally" from port 80 to 8080 without having to open 8080 to the internet.
Ubuntu Security :: SSH Port Forwarding, Disable Or Edit A Forwarded Port?
Nov 1, 2010sudo ssh -L 750:192.168.123.103:873 username@192.168.123.103It does exactly what it's supposed to do, but how do i edit / remove this rule?Is there some config file where i can alter the forwarding? How does it get stored?Im using Ubuntu 10.10Server Edition (allthough i recon it would be pretty much the same across all versions
View 5 Replies View RelatedSecurity :: Iptables: Verify Traffic On Port To Check If It Is Legitimate For That Port?
Apr 18, 2011Is there any way to verify if packets being trafficked over a certain port are valid for the service you want to use this port for?
One obvious example that probably clarifies my question:
When I open port 443 (outgoing or incoming) for https/ssl traffic, I don't want this port to be used for say openvpn traffic.
Thus: when someone wants to surf to a website with https, it should be ok but if someone wants to connect to his home openvpn server over that same port, it should be blocked.
Security :: Port-bind Shellcodes Work With Port-forwarding?
Apr 27, 2011I'll explain this in one sentence: Is it possible to program a port-binding shellcode in which people across the Internet can connect to, without being thwarted by the router blocking their data because the port its bound to doesn't allow port-forwarding
View 2 Replies View RelatedUbuntu Security :: How To Keep Keyring Safe
Nov 12, 2010It seems to me that he passwords kept in GNU Keyring Seahorse, are not kept very safe, because if I'm logged in and someone access my cumputer they can see my passwords that are saved there. I have set a keyring password, but it seems that is it not all the time locked.What are some general follow guide rulles to make sure my passwords are kept safe and my encryption keys that I use.
View 2 Replies View RelatedUbuntu Security :: Encrypt With Right Click Safe?
Jul 13, 2011I just found a neat way to encrypt a file in Ubuntu 10.04.
I right click on a file and select the Encrypt option. The program prompts me to "Choose Recipient" so I choose myself on the list. Then it prompts me to enter my passphrase.
Once all that's done I hit enter and it adds .pgp to the end of whatever file just encrypted. The same basic method is used to Sign the file.
Does it sound as though what I said is correct and that the file I wanted to encrypt was indeed encrypted?
Can anyone crack my files without the passphrase? I'm sure it depends on the complexity and length of the passphrase.
Security :: How To Keep Safe PC Using Iptables
Dec 5, 2010I am using Fedora on my desktop pc. I want to know how can i protact my PC from outside world. What firewall policy should i implement in iptables to keep it more secure.
View 5 Replies View RelatedUbuntu Security :: Is It Safe To Disable The Firewall For Limewire
Sep 24, 2010I opened a specific port in my router and manually configured Limewire to use the same port for all traffic, but I notice when I disable and turn off Firestarter when on limewire, my searches go really fast and dowaloads zoom really fast also I am not running as root. Is this ok to temporarly stop the firewall when I am on Limewire and then turn it back on when finished?
View 9 Replies View RelatedUbuntu Security :: Adblock Plus - Safe For Chromium & Firefox?
Apr 19, 2011I would like to know if you guys think this is a safe plugin/extension to use with either Chromium or Firefox.
There is an old page that shows it had security issues in the past.[URL].. Would it be safe to use this or do you think someone could use it to steal my passwords, etc. while browsing?
Ubuntu Security :: How Safe Are Updates On Public Networks
Jul 17, 2011how safe is it to run Ubuntu updates when I'm connecting via a public network (wireless or wired) from a hotel (or other public settings). I'm not familiar with the internals but is there an additional validation mechanism for the package servers other than the URL ?
View 4 Replies View RelatedGeneral :: Security - Is It Safe To Run An Old Version?
Dec 14, 2010I'm currently running OpenSuSE 11.3. I'm afraid as newer versions are released they will demand more of my old PC (Dell Optiplex GX270). Also, I've heard of issues with newer Linux distributions having issues with older Intel hardware (just hearsay, not personal experience). However, patches for specific OpenSuSE releases have a limited window of time.So,
Am I much more at risk to security issues if I keep a version of Linux past its patch date?Is it possible to keep a specific Linux release but still be able to receive security essential updates based on my repository selection?
Security :: Safe Sites To Download From?
Jun 11, 2011How do you know if a site is safe to download from ?
Have only been using Mint 11 for 3 days after 7 years with windows and the usual safety nets there were the https headings and firewalls blocking stuff but how do you know something is safe in Linux ?
In short how do you know it's a trusted site ?
Security :: Safe To Use IPTables Firewalls?
Jun 14, 2010Other than Firestarter, how safe is it to use an iptables firewall for Linux if you know the basics of iptables but not the details and not exactly what you're doing with iptables? I want to be very secure without configuring iptables myself if possible or doing as little as possible. If you don't think iptables is safe if you don't really know what you're doing, which firewall you can use (Slackware specific, preferably) that is the easiest to install and configure? Are there any that work like free Windows firewalls, other than Firestarter? I've looked around and looked at slackbuild and can't find a Firestarter package, I searched this site also and saw something about the reason there isn't one. I'm concerned with my security and I don't want to write my own iptables firewall - I don't fully know what I'm doing.
View 6 Replies View RelatedUbuntu Security :: Router - Port Forwarding And Network Security
Nov 11, 2010As it stands I have a small home network operating behind my modem/router. Some of the ports on this are forwarded to my PS3 for gaming but I was looking at forward some for my file server.
At the moment I've forwarded port xxx22 to port 22 on my server for SSH for instance. ANd similarly 21 for FTP (although it doesnt seem to want to connect for any more than a few seconds using that). What I was thinking of doing was placing a small website for a handful of ppl to use on the server too and port forward again - xxx80 to 80. It works just fine but I'm a little concerned on the security front.
As I've moved the port to something different from the outside world I'm presuming I will have already cut the potential for malicious folks to wander in but is there anything else I should be doing? At the moment there's no firewall operating on the server, usually as its hidden behind the modem/router. But if I open this thign up more permanently what should I be doing? I've read a few articles on it but I'm always left with the overwhelming thought of "Thats if theres no firewall in my router" as they just seem to do the same.
Ubuntu Security :: Firewall - IPTables Stock Settings Safe?
Apr 15, 2010So I know Linux has iptables, I'm rather new to linux, and I'm wondering, are the stock settings with Ubuntu/Kubuntu safe? Is there anything I need to do make them more secure? I tried adding rules myself for some things but ended up just not being able to do anything so I had to reset back to stock with iptables -F. Should I be safe running as-is?
View 4 Replies View RelatedUbuntu Security :: Is It Safe To Use Apt-get Trough Untrusted Proxies/mirrors?
Jul 10, 2010What if someone tampered with some important security updates, and suddenly you get a rootkit instead?
View 4 Replies View RelatedUbuntu Security :: Safe When Surfing The Web With The Defalt Installation Seetings ?
Apr 7, 2011I am new to Ubuntu so Iwant to know,Am I safe when on-line with the default installation settings on? If not what should I do?
View 6 Replies View RelatedFedora Security :: Runscape Applet : Is It Safe To Run?
Sep 29, 2010When I go to the Runesacpe page to run the game I get a message that says that the aplit is not signed.
Is it safe to run.
Does anyone know what it does, other than just run the game?
Security :: Lightning Rod Keeps You Safe From Dirty Flashers
Jan 3, 2010A new open source package called Lightning Rod will help to close security exploits in Adobe's dirty Flash code. A presentation made at the 26th Chaos Communication Congress showed that the package does its job by reviewing incoming code before the browser executes it. Heise Online is reporting that this method can block over 20 different known attacks and can even be used to filter out malicious JPG attacks. As more vulnerabilities are discovered they can be added to Lightning Rod to close the breach.
View 2 Replies View RelatedUbuntu Security :: Safe To Transfer Files From Infected Windows Partition?
Sep 2, 2010My Windows XP Pro laptop has been attacked! Windows will no longer update and Microsoft Security Essentials will not update either. I've been trying to resolve the issue for over two weeks with Microsoft support, but it's just taking too long. I also tried some rescue CD options (all running some form of Linux, obviously):
- BitDefender Rescue CD (removed infections, now detects nothing),
- Kaspersky Rescue CD 10 (removed infections, now detects nothing),
- Trinity Rescue CD (won't load AV Engine, so can't use it to do anything).
Malwarebytes cleaned a bunch of stuff, but will not clean the final threat detected (it's supposed to get deleted on reboot, but never does). Hijack.FolderOptions is stuck in the accursed registry, and it keeps causing Windows Explorer to crash. I cannot rename files or work with them or everything just crashes.
So I'm ready to reinstall XP from scratch, and add a dual boot with Xubuntu & LXDE, which I'm already running on a much older laptop.
Question: I want to rescue the files I need. My idea was:
1) Install Xubuntu with dual boot.
2) Copy over files from Windows XP partition using Xubuntu.
3) Back up files to an external drive using Xubuntu.
4) Reinstall XP Pro and format hard drive.
5) Reinstall Xubuntu with dual boot.
6) Use Xubuntu for daily use.
7) Only use XP for those tasks that require it (TomTom updates ...)
Should I be concerned about the security risk from copying files from the Windows partition to the Xubuntu partition, and from there onto an external hard drive?
Is this the way to do it, or is there a better way? I just want my laptop back in working order. Right now I can't use it for anything.
Ubuntu Security :: SkyDrive + Encryption - Safe Backup - ADrive's Uploader Is Not On Https
May 6, 2010I'm trying to figure out how to use ADrive.com's 50 GB's or SkyDrive's 25 GB's of free storage to backup my computer automaticaly.
Problem's:
1. With ADrive I can select all my files at once through their website's uploader vs SkyDrive where you have to select them one by one. There are some third party programs, like Gladinet, which will mount sky drive to your computer like an extra drive, though I haven't found one for linux yet. This guy came up with a cool way to backup automagically with Windows: [URL] I am trying to figure out how to do the same thing with Linux.
2. ADrive's uploader is not on https, whereas SkyDrive is. Either way I wanted to encypt my files on my computer first so when I back them up, they are safe in case they should fall into the wrong hands, not that I don't trust Microsoft or whoever ADrive is with all my most precious documents, but I'd rather error on the side of safety.
Debian Installation :: Packages (Security Sensitive) In Aptitude Safe Upgrade?
Feb 17, 2011Today I ran
aptitude update && aptitude safe-upgrade
Like I regularly do, and I see these two packages need to be upgraded:
login passwd
Since these packages seem kinda security-sensitive I would like to know exactly why I would need to upgrade them. I checked Debian's security list but couldn't find anything relevant, and the links to the changelog for both packages are broken:
The requested URL /changelogs/pool/main/s/shadow/shadow_4.1.4.2+svn3283-2+squeeze1/changelog was not found on this server.
Where can I see what is changed in these packages so I can safely upgrade?
Ubuntu :: Unsafe Gpg.conf File Permissions
Apr 6, 2010I have seen this issue come up previously in the forum: external program calls are disabled due to unsafe options file permissions But the resolutions previously posted have not worked for me:
[code]...
Ubuntu Networking :: Page Says Unsafe Wireless Network
Jun 4, 2010for wireless when im out i can use some open wifi fine, but some give me a page that says the network is unsafe something about tunnel i think it was.
View 3 Replies View RelatedGeneral :: Unsafe To Have A Ssh Key With Out Pass Phrase?
Jul 27, 2010Is it complete unsafe to have a ssh key with out pass phrase ?
View 4 Replies View RelatedSlackware :: Unsafe To Upgrade The Kernel With Slapt-get?
Jan 29, 2010I noticed that slapt-get excludes a lot of package titles based on aaa, glibc, and kernel. I've been wondering why, and haven't been able to find any definitive answers... Anyone here have any ideas on why that is? My Slackware installation is currently kernel 2.6.29.6 (I think) and the newest available on the official repositories is 2.6.32.5 (or something like that).
When I put in slapt-get --upgrade it spits out about 15 packages that are excluded that it won't upgrade. Now, I know I can remove the exclusions by editing the slapt-get configuration file, but I don't want to if it's going to screw something up. So my question is: Is there a reason those are excluded? Is it unsafe to upgrade the kernel with slapt-get?
General :: NTFS Drive Damaged After Unsafe Removal From Windows 7
Jun 5, 2011some info on the drive - it's a USB 2.0 portable hard drive (PQI H560), one partition spanning all 640GB, NTFS. Used almost exclusively on Linux (arch and ubuntu), but initially formatted on Windows 7.The hard drive has quite a lot of hard links on it, as it was a timemachine-like backup system.And now the issue itself:Today I made the mistake of taking out my portable hard drive from my Linux system and plugging it in a Windows 7 box. Everything worked nice, I took a movie from the drive, and it lay dormant for an hour or so. After that I took the drive out (forgot to unmount :/) and put it back in my Linux.
Any idea why did it break so bad? I thought NTFS was kind of durable.Best if there would be something nondestructive (be able to get the data while preserving every bit of the drive in it's current state - just to be sure it doesn't break anything)
Fedora :: SELinux Has Prevented Wine From Performing An Unsafe Memory Operation
Nov 9, 2010I have installed Wine on my Fedora 14 and got Security alert.SELinux has prevented wine from performing an unsafe memory operation.SELinux denied an operation requested by wine-preloader, a program used to run Windows applications under Linux. This program is known to use an unsafe operation on system memory but so are a number of malware/exploit programs which masquerade as wine. If you were attempting to run a Windows program your only choices are to allow this operation and reduce your system security against such malware or to refrain from running Windows applications under Linux. If you were not attempting to run a Windows application this indicates you are likely being attacked by some for of malware or program trying to exploit your system for nefarious purposes. My concern is if i hide this attempt, it will not stop wine to from trying to do it, only hide security alerts. This alert is occurred already nearly 5000 times in last 30 min and counting. Wine server is using 10% CPU on this, so only to hide alerts is not a solution, isn't it?
View 5 Replies View RelatedSecurity :: Making Box "safe Enough" By Using The Flashblock Extension For Firefox?
Jun 11, 2010adobe was kind enough to release new versions of flash to deal with the recent 0day exploit which is all fine and good except they didn't release a 64bit version. as a matter of fact the 64bit alpha is no longer available for download and their forum for the 64bit version has been set to read-only.
i'm using slackware64 13.1. i began the process of getting nspluginwrapper working with the 32bit plugin but decided that it wasn't worth the hassle. rather than just dump flash altogether, am i making my box "safe enough" by using the flashblock extension for firefox? obviously, sites still can sniff for the flash version, but nothing will be displayed unless i click on it. basically i'd only be using it for stuff like videos and a few other major sites that should be trustworthy.
