Ubuntu Security :: SSL Connection In The Software Center?
Dec 3, 2010
I'd like to buy some stuff from the Software Center but I don't see how to confirm a valid certificate or see any indication of a secure connection on the screen where I enter my credit card info. Of course, I'm sure the page IS secure because who would design it otherwise (especially considering how our patron made his first fortune), and I could sniff out the network connection, but I don't see any information provided to the end user.
It seems like it could open up Canonical to all sorts of legal issues to not have security info and a privacy policy easily available in the payment section of the USC. Maybe it's there and I've missed it somehow. maybe it is on the next page, but I didn't press the "submit" button.
View 4 Replies
ADVERTISEMENT
Jul 10, 2011
I've installed Ubuntu via UNetbootin from USB on my child's computer. It comes by default with the sudo command which I find really annoying to work with. I'd rather have my su command.
Now, while googling for a removal instruction, I've read that the sudo command is tied to system functions on some Ubuntu live systems and can't be removed easily. Does anyone know if this applies to the 10.04 live version used by UNetbootin and how to work around this problem?
If not, is it simply enough to remove 'sudo' via the software center? I find many tutorials on how to switch from su to sudo but not much about the other way around.
View 7 Replies
View Related
Nov 7, 2010
have around 20-30 HP and Dell Hardware where we have attached Pen Drive. There is no Rack-lock facility. A misuse of Pen Drive is reported and it happens every alternative day that someone unplug and theft the drive attached.There is no camera facility to monitor.I have a plan to write a script which will login to every machine through ILO and watch the USB availability. In case anyone dettach the USB, a mail will be sent to the administrator and thereby the steps could be taken.Does this idea look feasible.
View 13 Replies
View Related
Jan 21, 2011
I run apache on a non standard port(82).I just installed unity to play around with it and while I was playing with it I installed prixfixe through software center to edit the menus.While prixfixe was installing my computer was acting very slow which was odd, but not completely unusual.During this time I ran ps aux which showed that my apache server was taking up most of the processing power.I was about to stop my web server,but I waited just in case the web server was updating a few things (I run ampache).
My computer finished installing the software and then I ran some command with sudo (I can't remember what the command was), but it threw back some message saying "setid blabla". I restarted my computer and when I got to my gdm my normal user account did not show up. There were no accounts and the restart/shutdown buttons didn't work.Now I'm running on a livecd and checking out my apache access logs, apache error logs,and kernel logs,but nothing looks out of place..
View 9 Replies
View Related
Nov 3, 2010
My host is ubuntu 9.04 and the guest is winxp sp3. I need to use QEMU to monitor the network communication for security researches. But I failed to establish the connection between the host and the guest.
To build a TAP connection, I input commands as the following t.
How should I establish the TAP and Bridge connection in the QEMU?
View 1 Replies
View Related
Jun 14, 2010
I have changed my sshd banner in /etc/motd code...
However, I would also like to change the banner that someone sees if they attempt to use another method of connecting to my ssh server (telnet, for example). Currently, this is what happens code...
Where do I edit the telnet/ssh banner, so it isn't so easy to fingerprint my os/ssh version simply by using something such as telnet?
View 2 Replies
View Related
Aug 20, 2010
Is there a way to use the firewall to essentially lock certain programs like firefox and transmission to my vpn connection-so that in the event that my vpn connection goes down these programs do not use my default ISP Internet connection.
View 1 Replies
View Related
Oct 26, 2010
I was hoping to set up a Kubuntu 10.04 Chroot on a PC with no internet access (I only have dialup anyway, not Broadband). All the information I have been able to find refers to downloading debootstrap in order to do this.I purchased a set of DVDs with all of the Ubuntu packages on them and created a single repository of them on my harddrive.Is there some way that I can create the Chroot using the packages on my hard drive without having to access the internet to download stuff as I do it?
View 6 Replies
View Related
Jan 6, 2011
Thought about posting in the Networking board, but I believe this is a much more security-oriented thread. So let's say I bring my computer to a public place, say a library with one open, public, shared wireless network. I connect to that network. Let's assume that everyone else who's connected is using Windows. Can they see my computer (through Network Manager or other software) and attack it (SYN flood or something)? Or does it depend on the network settings?
View 9 Replies
View Related
Jul 6, 2011
Is my ssl connection secure if I'm going through a proxy. Is it possible to craft a malicious proxy to steal/crack authentication?
View 2 Replies
View Related
Nov 1, 2010
on my linux server i have many websites, before i use this command
netstat -anpl|grep :80|awk {'print $5'}|cut -d":" -f1|sort|uniq -c|sort -n
to see all the ips with many connection but the problem is is show me all the ips from all the websites from the server, can be another way to show me all the ips just from my website ?
View 1 Replies
View Related
Apr 28, 2010
I will be hiring Linux freelancers very soon to do some work on my Linux Centos 5 machine. And I need a way to see what he's doing on my computer over ssh, now I don't mean me reading the logs, I meaning seeing what he's doing in realtime (kind of like vnc, but except the freelancer will only use ssh to do his work and not on the desktop environment.)
View 10 Replies
View Related
May 6, 2010
Since important information like pass-phrases is sent via a Bluetooth link, I wonder how secure this is. I think it must be quite a weak point.
View 3 Replies
View Related
Jul 21, 2010
I'm having a web server running with ssl version 0.9.8 on Ubuntu 8.0.4. Server is having a valid certificate issued by authorized CA. In the begining client and server able to communicate (beyond handshake) successfully. However, after a couple of days all of the active connections go haywire.
View 3 Replies
View Related
Jan 1, 2011
I am running ubuntu 10.10. I recently enabled the firewall and installed Firestarter to configure it. Bad decision apparently. I can't connect to the internet using Firefox unless I first stop the firewall using Firestarter. After I do that, Firefox connects to the internet just fine.
If I uninstall Firestarter, will the ubuntu firewall function as it did originally, before I configured it? Or will it continue to function the way it does right now, which doesn't allow me to connect to the internet?
View 9 Replies
View Related
Jan 19, 2011
I'm running an SFPT server which my clients logon to using an FTP client. at the moment each client has a user name and password.
Thus far to improve security I've disabled root login but an looking for futrhrt ways to protect it from attack, having researched using google some of the security features suggested prevent the FPT clients from connecting.
Questions:
1- what further things can i do to secure my server that still allows it to be usable for FTP clients?
2- specifically is it possible to use non login pre-share key authentication?
How i set up the server is shown here: [url]
View 3 Replies
View Related
Feb 9, 2011
What is happening when I log in to my Ubuntu server machine via ssh and putty. trying to understand everything, primarily securing my server.
I have specified the ssh server to listen on port 5525, and can login without a problem.
When I look at the logs though it says I connected from xxx.xx.xx.xx on port 53602.
What is happening here and why is the logged connection a different port to the one specified in the config file?
View 1 Replies
View Related
Mar 12, 2011
I have several CS servers running on ubuntu server, and sometimes someone is trying to brute server's RCON password with the program called HLBrute. I've found the following rules to prevent such hack attacks, but they don't work What can be wrong in these rules?
Quote:
iptables -A INPUT -p udp -m multiport --dport 26000:30000 -m string --algo kmp --string "HLBrute" -m limit --limit 1/hour --limit-burst 5 -j LOG --log-prefix " HLBrute_Ataka "
iptables -A INPUT -p udp -m multiport --dport 26000:30000 -m string --algo kmp --string "HLBrute" -j DROP
View 3 Replies
View Related
Jun 3, 2011
I open this thread after an unsuccessful long search over the Web. Essentially what I want is to block the outgoing connection of a program. All I know about this program is its name and so I don't have any information regarding the ports it utilizes or the address it may contact.
View 9 Replies
View Related
Apr 27, 2010
I was working on my desktop under Ubuntu 9.10 when I got a message in the the upper right telling me that my Remote Desktop Connection had been activated. I don't know who it was, but they proceeded to open up a terminal and start typing a bunch of stuff. This scared the living @#$^ out of me, so I didn't really pay attention to what he was doing and immediately dove for the reset button. I disconnected my network from the web and found that RDC was NOT password protected.
Now, I probably did this a little while ago while I was playing around with it, but I also set up an account with dyndns.org. Would this possibly increase the number of attacks on my network? Just in case, I have removed my listing. Also, would any of this incident be logged somewhere? How/Where would I look to see if I'm being poked and prodded for another security hole?
View 6 Replies
View Related
Sep 29, 2009
if u use vnc real and u share the vnc to a guest and u give him the password, and after he ends the look, u want to kill him how can u do that on the xterm i know that vncconfig can do it, but i want to know if there is a way to do it by your self, killing the ip or something.
View 1 Replies
View Related
Oct 2, 2010
Let's imagine this can be done in Firstarter, as there already is a fine lockdown option there: A kind of RULE: on [program/service] exit/completion of download - then lockdown connection [usually the eth0].
[Edit:] Or for that matter, put a lockdown action on any premise like inactivity on port 80 or such (all the rest),
View 4 Replies
View Related
Jan 18, 2011
There is this active connection in firestarter: ec2-174-129-193-12.compute-1.amazonaws.com (Port 443 - Service HTTPS - program python)After doing ps aux | grep PID it shows: /usr/bin/python /usr/lib/ubuntuone-client/ubuntuone-syncdaemon...This comes up in the firewall in each login, how do I get rid of it and how did it get there in the first place? Another question is if there is a way to limit a program's access to the internet. For example KCalender.. The things I type up in there may be stored somewhere. How can I disable complete access to the internet for that program and any other program so they can't backup, share, check etc. ?
View 3 Replies
View Related
Apr 15, 2011
I've been reading a lot of articles on Xorg XWindow System having the ability to allow 6600/tcp for remote screen connections and I've been trying to find a way to remove the functionality without having to just dump XWindow and settle for CLI on my server. I heard it was disabled by default, but I just want to get rid of that ability completely by cutting it out of it's code and yes, I'm feeling very, very paranoid.
View 2 Replies
View Related
Aug 29, 2010
Basically, this is not the first time it happened, but the third I would say. My trouble and concern is with this massive downloading targeting a test file of mine/client file of mine. Since my server couldn't support that many connections child process spawns, my apache server crashed.
I managed to solve it by closing the client's account, preventing the attack from continuous download. Another way I could solve it was by replacing the file they attempted to attack with 0 byte file.
I'm wondering if there is a possible solution to prevent such issue in future. I'm also not very sure what kind of attack this is. Could it be DDOS? But from what I've asked, some said it wasn't DDOSed, if it was, my whole server would go down, not only apache.
What I was curious was how these attacker found out the files that were stored on the server. These files were not leaked outside, nor there could be a possibility to access that folder because it was protected by .htaccess which deny everyone.
View 4 Replies
View Related
Jun 14, 2010
Is there any setting to connect ssh server using default profile.
for example if I run
ssh user@ssh_server_ip '/bin/bash --norc --noprofile'
it will skip user's login profile(/etc/profile,/etc/bashrc,~/.bashrc,~/.bash_profile)
Can i do some settings in ssh server that deny profile skipping by client.
View 1 Replies
View Related
Jan 24, 2010
i need to do a statefull firewall actually i try the ESTABLISHED state but as we know that some people can play with the TCP header so i want to do a "connection track" state, they told me in mangle but i didn't find can someone paste for me a link about "connection track" or write for me rule for ex: to make connection track for port 80!
View 4 Replies
View Related
Mar 28, 2011
I am wondering if it's possible to log the number of bytes a connection transfered when the connection is complete with iptables. I know I've seen this sort of information in Cisco FWSM logs, where the "Teardown" entry of the logs has the bytes transferred for that connection. Is it possible to have something similar to that with iptables? Where the initial connection attempt is logged (i.e. NEW, which I have logging fine) AND an entry for that connection that includes the bytes transferred?
View 6 Replies
View Related
Apr 22, 2010
I have my router configured so that it drops outgoing telnet connections (and other protocols I don't use). It's a 2wire gateway. 192.168.1.65 is the internal IP of my ubuntu box.I'm trying to figure out what normal network traffic looks like and whether I should be worried by this log entry. At the time this happened I was testing out TOR (just navigating to a few sites (dell, ubuntu forums, etc.) nothing all that interesting.)
View 2 Replies
View Related
Jul 5, 2010
I am using TomCat6 with Ubuntu Server 9.10 x64. I successfully configured to iptables to redirect the port "443" to "8443" (Tomcat SSL), using this command:
[code]...
View 5 Replies
View Related
