If I need to get a file to someone I could place it on the server and somehow automate an email telling them there is a file available. They could login to the server based on their email address and a randomly generated key combination and down load the file.I also need it to preform the same function going the other way. Login into my server and place files going to me.
View 2 RepliesI'm looking for a most possible, secure solution to transfer data using rsync over Internet between 2 linux server.
I have 3 option: SSH, IPSEC and Kerberos.
Which one in your opinion should be most secure solution?
if connecting to my server for file transfer using gFtp is secure. I told gFtp to connect to the server using SSH2 and it works. It says it uses this command "ssh -e none -l wordpress -p 1883 IPADDRESS -s sftp." Is this more or less secure then using ftpes or ftps? What I thought was weird was that I could shutdown vsftpd and still connect. Does SSH2 SFTP use its own ftp server?
View 4 Replies View RelatedI seem to be missing a secure.log or security.log file. I have Ubuntu 10.04 and can't find this file. I looked in the /var/log and ran a search command to no avail. Does anyone know where this file is or is it called something else. I'm looking for a file that logs any change to the security settings of the system.
View 1 Replies View RelatedI seem to be missing a secure.log or security.log file. have Ubuntu 10.04 and can't find this file. I looked in the /var/log and ran a search command to no avail. Does anyone know where this file is or is it called something else.looking for a file that logs any change to the security settings of the system.
View 6 Replies View RelatedWhat do the default file permissions in ubuntu 9.10 protect/deny access to?
View 9 Replies View RelatedBeen messing around with Ubuntu 9.1 for the last few weeks and am loving it so far. Been trying to get in the terminal and learn a little something, to no avail. LOL I have been googling and searching the site today for info on networking. My Linux box is a desktop, with my main HDD mounted with music, and movies and some other stuff. My intent is to network the two laptops in the house (Windows XP and Windows 7) to the Linux box so I can listen to my music and watch movies when not in the office. I have found some info, mostly involving Samba, and plan to install Samba tonight and fiddle with it. My issue was with security. I have read a few posts and they talk about the fact that if you share files in this manner, the set up is not secure at all. Is this something i should really be concerned about? If the folders I share only have my music and videos in them,
View 4 Replies View RelatedI'm an Oracle DBA and started working for my current employer about 4 months ago. This past weekend an alert re: FS space brought my attention to /var/spool/clientmqueue (full of mail re: cron jobs) and the fact that sendmail is not running on our Linux servers.I'm told that the IT security team deemed sendmail too vulnerable so we don't run it.Aside from FS filling up and missing notification of issues with crontab entries, I'm concerned that we may be missing notification of potential issues. In other Unix/Linux environments I've seen emails from the print daemon when it experienced problems with specific jobs.
Are there other Linux facilities aside from cron and lpd that use email to advise the users of possible issues? Are there ways to secure sendmail or secure alternatives to sendmail? My primary need/desire is to make sure that emails regarding issues on the server get to the appropriate users. Secondary goal would be to have the ability to use mailx to send mail out. There is No need/desire to receive mail from outside.
I'm trying to find a secure way to backup files on my Prod Server to Backup Server. It must be automated, so I will need to run a command with cron which will login to Prod Server from Backup Server and backup data. 1. Do you think it would be secure enough to do this by creating an passwordless RSA private key on Backup Server and adding it's public key to authorized_hosts file on Prod Server? I can't think of a way to Automate this without having to enter any passwords without passwordless RSA key. Is there another. more secure way? 2. Should I create a special user for backup, which will only have read access to all files in the directory that I am backing up? If so, How can I run a check that this new backup user indeed has read access to ALL files in the folder that I intent to back up? How can I ensure the backup process will not skip files due to some permission problem? 3. I'm thinking of using rsnapshot tool, which uses rsync.
View 10 Replies View RelatedIm using opennms network configuration backup server called 'RANCID'.It run on top of RHEL5 system and using APache. Here's the link which i'm accessing [URL] But any one can access this URL and obtain my configuration files
I want to secure this using a logon page.allow login Only for the successful authentications by entering the predefined username and password But after get authenticate book marking the above URL still can access anyone since it didnt prompt username and password again In eachtime executing the above url it should direct to authenticate page
i am trying to transfer a file from my live linux machine to remote linux machine it is a mail server and single .tar.gz file include all data. but during transfer it stop working. how can i work and trouble shooot the matter. is there any better way then this to transfer huge 14 gb file over network,vpn,wan transfer. the speed is 1mbps,rest of the file it copy it.
rsync -avz --stats bkup_1.tar.gz root@10.1.1.22:/var/opt/bkup
[root@sa1 logs_os_backup]# less remote.log
Wed Mar 10 09:12:01 AST 2010
building file list ... done
bkup_1.tar.gz
deflate on token returned 0 (87164 bytes left)
rsync error: error in rsync protocol data stream (code 12) at token.c(274)
building file list ... done
code....
Having a bit of a issue with Debian Squeeze and transferring files to the Sony PSP..Hook up PSP to USB port and Debian mounts it..I go to drag a 125 meg mp4 to video folder..Copy windows takes about 10 seconds to transfer it..Exit USB mode and there is no video there. Go back into USB mode and look at video folder on the PSP memory stick and there is no video..It vanished. From another after copy progress closed I right clicked PSP and unmounted it..
It error-ed saying device was busy and could not unmount..Looking at light on PSP i see memory stick is still being written to..i wait for light to stop flashing..About a minute or so..Then am able to unmount it..Go to PSP video and theres the video ready to be watched. Debian isnt accurately showing the copy progress...Its showing complete when it isnt..I have to watch the light on PSP to know when it is truly finished.
I set up my ubuntu server with iptables that only allows ssh in the input chain (and of course established connections) with only the mac adress of my laptop allowed to connect, set up a key with a long passphrase and installed pam_abl plugin. ICMP echo is blocked by default.
The only problem is i log all other attempts to connect to the server and i see a lot of traffic going to ports 445 and 5900.
My question is: Is there a possibility that these attempts could succeed and is there any way to further ensure this server?
A) Pc-bsd
B) Ubuntu
And also which OS is more reliable?
How can i secure grub 2.0 ? with grub 1 just do : grub-md5-crypt then we write password --md5 <crypted_password> in /boot/grub/menu.lst
View 9 Replies View RelatedIs it possible at all to secure transmission?
View 9 Replies View RelatedNewbie here,
I'm thinking of moving mostly to linux to get away from the security holes in Windows. And I have some questions...
How secure is Firefox for doing online banking?
Sometimes I have run into a situation where the bank doesn't support anything but Windows explorer when accessing my accounts. Can this be gotten around safely in Linux?
If so, How?
Is there any way to secure harddisk accessbility ? i want encrypt my hard disk, and partitions that ubuntu installed on that. is there a way ? i want deny all access to hard disk, just my own root account can have access to all.
View 9 Replies View RelatedOk im new, i know apparmor is running. i was looking for firestarter but their isnt one.....how do i secure this server? i want a good firewall and some virus protection!. also do i need this?
View 9 Replies View RelatedI want to set up a website that hosts very confidential business information. The info needs to be accessed by multiple people in different geographical regions. The entire website would require the high security (ie: there are no little sections that are publicly viewable). While the site will be run with Ubuntu server, I will be hosting it in Amazon's EC2 cloud.
So, if I use the HTTPS protocol with an SSL certificate, am I pretty well reaching the most secure possible situation? Are there any concerns with using the EC2 solution? Obviously there are a LOT of variables involved with maintaining website security, but I want to know if HTTPS is the current best bet (in addition to all the "best practices" of securing a site) or if there is a more robust way of securing content.
what is the best option to securing server via firewall and iptables?
View 9 Replies View RelatedI am running UFW, which is set to deny everything but SSH on port 22, OpenVPN on port 1194 and HTTPS on port 443. SSH is set to only allow private key logins, and the root account is disabled. I have AppArmor running for all of my daemons (OpenVPN, Apache2, OpenSSH) and I have Fail2Ban running.
Is there anything else I can do to secure my server from the Internet (it is directly connected, there is no NAT between the Internet and my server).
I always hear 'do NOT install anything from anywhere except the official repositories'. But I find a lot of great apps that are not included in repositories and would like to ask. How actually secure launchpad is? Are the codes reviewed by anyone? How do I make sure that a piece of software is not going to harm my Ubuntu? If I add a PPA for some program I won't going to check it's code every time it updates or am I being too cautious?
View 9 Replies View RelatedIs there a way to securely empty the trash bin without the need to type some shred command into consoles. My intentions is to be able to securely delete files when the 'Empty Trash' is used so to save the trouble of going to a console and doing some commands using shred.
View 5 Replies View RelatedA friend of mine has a private forum setup so he and I can communicate back and forth so we don't have to send emails. The link is a "https://" so I'm assuming it's secure. I'm a newbie to ubuntu and I have already switch 3 of my computers at home to ubuntu.
I'm using Ubuntu 10.04 and google chrome as my browser. When I log into his forum it pops up with a screen saying "The site's security certificate is not trusted" and I always click proceed anyways. I'm not worried about this because I'm 110% sure that it's his website that I'm trying to access. My question/problem is it also pops up with a little box telling me to enter my Username and Password every time. When I was using WindowsXP, I had to enter this info once and then I wouldn't have to enter it again.
I have very little security and networking experience. What can I do to make my computer more secure?
View 5 Replies View RelatedIs there a program already set up to do this? Probably similar to WASTE (URL...), though waste's client is currently unsupported on the newest version of ubuntu (make error having to do with char* or something). Preferably windows and linux supported. Another thing that could be of use would be a local ssh chat. For example someone connects to my box either as me or as another user and runs 'hiben' and a window (or i ran a command or something and have a window open for it) pops up that we can chat in. Something other than single line messages.
View 3 Replies View RelatedI recently installed Xubuntu on a 5+ year-old Acer Aspire laptop. In spite of how the root, swap and home are volumes in an LVM2 group on top of a fully-encrypted harddisk, it's quite swift this computer isn't for me, however; it's for my old man. It's been my pet project for the past few weeks, as an exercise in making Linux both highly secure and user-friendly, so that even a technophobe like him could use it without fear of identity theft if it ever gets lost or stolen. I recently shipped it off to him...
The weakest part of security, however, I fear may be the screensaver, which is why I ask. I've searched and searched and cannot manage to find any information on security hardening practices (apart from banal advice such as "always choose a secure password" and "never log in to an X-session as root"). What I want to know is, just how safe is a locked screen? Also...is it technically possible with the right tools to get a core dump of a running computer and thus extract the block device encryption key from memory? I know that your run-of-the-mill thief will just try hitting the power button and throwing in a livedisk, but hey, you never know. Edit: found. [URL] I guess I need to tell him how to set the BIOS password to thwart that sort of thing next time I talk to him on the phone...
Is my ssl connection secure if I'm going through a proxy. Is it possible to craft a malicious proxy to steal/crack authentication?
View 2 Replies View RelatedI have a minecraft server running on a P4 box running Ubuntu server 11.04 64bit. Now would it be secure, if I allowed ufw to allow outgoing? Or would this be a huge flaw someone could exploit?
View 6 Replies View Related