My company needs to send sensitive data across to another company, 800gb of .dpx. The way I have thought of is:
E-Sata/1TB WD black.
True-encrypted/ hw accelerated aes (3x machines being built with 2600k)
Sha1sum on each file.
The main goal is to make sure that
1. The files that were transferred off the server onto the drive, are exactly the same.
2. Secure.
3. Fast.
I accidentally made a mistake of deleting the data I was suppose to shred. I cut and pasted sensitive documents from my external hard drive into my laptop. I want to shred those documents from my external hard drive but since I already did a cut/paste command those files are no longer accessible from my external hard drive. Is there a way I can fix this?
View 3 Replies View RelatedI recently used D�j� Dup for the first time. I chose to backup my home folder and most dot folders (do most of you backup all your home dir dot folders?). Even though D�j� Dup uses gpg, is there any sensitive data stored in dot folders within my home directory?
BTW, I did an incremental backup up to an older D�j� Dup backup folder on my NTSF external HDD and got an error. Is this because it is NTFS? I then did an incremental backup to a backup folder on my PC (ext4) and got no error. In the picture attached, would that setting mean the backup will continue to grow to a huge size? Would it be better to keep backups for a week?
Question about the bug reporting system that I think is called ABRT Struggling with F15 and want to file a bug report, but the backtrace thingy says I should remove sensitive data first. Obviously a good idea, but the report is full of what to a non-programmer looks like gibberish - things like what I guess are hexadecimal numbers or memory addresses, none of which I understand. Can any of that incomprehensible stuff contain sensitive data, like encryption keys or anything someone would need to crack a machine? If I remove all of that then the bug report will be pretty sparse.
(Same question applies to SMOLT - machine profie report - as well) Or is "sensitive" just about the human readable data in the reports?
How can you use swat securely from a securely location?
View 1 Replies View RelatedTo copy from production to standby over the internet I use a cron job doing rsync -avze 'ssh -p 8022' --exclude-from= ....
My question is: should the cron job run on the production or the standby system. Root access to the remote system is given by a pass phrase-less ssh key. Currently I run rsync on the production system. I guess that it is more secure because the standby needs no ssh login to production. Running rsync on the standby would use less resources on production. I am concerned that in this case there would be pass phrase-less access from standby to production.
I have a small network at my office (3 workstations, 1 ubuntu desktop that I'm using as a file server). I'm using a WRT54G2 router for networking and internet connectivity. Here's what I'm trying to accomplish: I want to be able to access my little file server from home, across town. I think ssh might be the best way to go now. What I don't know: How do I set up the ssh server on my machine/network without compromising my network security and the security of my server? Do I just set up port/ip forwarding on my router, install openssh, and that's it?
View 9 Replies View RelatedI'm looking for a way to quickly remove all data/partitions/boot records from my hard drives while running linux (distribution is irelevant). There are lots of ways to do this that I know of, but they all have some problems. Here's a list of what I've tried/thought of already. The most obvious is fdisk: Simply delete all the partitions. This usually works just fine and is very quick, but there are times it just doesn't....I'm realy not sure what gets left behind...I remove the MBR as well..but whatever it is, it's in the way. A couple other options are:
dd if=/dev/zero of=/dev/sdb bs=1M
shred -vfz -n 1 /dev/sdb
Both of these approaches are great if you're selling the components and want to make it very difficult for anyone to recover data. The draw-back is they take so very long to run. I've got four 1.5 TB drives that I've been writing zeros to for 2 days now. If you thought watching grass grow or paint drying was boring. A hundred years ago or so, when I was doing tech support for Windows 95 users we used this nifty dos-based debug script to wipe the hard drive. It was sort-of a last resort thing, but it worked beautifully, most of the time. If the customer had already formated, fdisked, fdisk /mbr, reinstalled Windows, but still couldn't get the thing to work, this would clean the drive so you could do a fresh install.
Just in case someone wants this, I'll post it. To use: first boot to some type of DOS environment in which you have the program "debug".
debug
-F 200 L1000 0
-A CS:100
xxxx:0100 MOV AX,301
xxxx:0103 MOV BX,200
xxxx:0106 MOV CX,1
xxxx:0109 MOV DX,80
NOTE: Type 80 for the primary hard drive - HD 0,
or type 81 for the secondary hard drive - HD 1.
In most cases, the primary hard drive is required 80.
xxxx:010C INT 13
xxxx:010E INT 20
xxxx:0110 (Leave this line blank. Press the <Enter> key to continue.)
-G
The message Program terminated normally appears. How to do something like that while running linux?
This one being Ubuntu 9.10 (yes, I know I really should upgrade). I keep a number of confidential files in a TrueCrypt container which is a standalone file in my Documents folder. I'd like to delete some of these, but I want to do it as securely as I can, but I believe if I simply hit 'Delete' with the file selected it'll move the file to the Deleted Items folder. This, I assume, means that the file is taken out of the encrypted volume and stored unencrypted in the Deleted folder.
I've been reading a little about the Shred command, and there seems to be some question about whether it works effectively with a journalled file system; and since I have no idea whether I'm using a journalled file system, or how to find out, I'm treating Shred and other over-writing secure deletion tools as ineffective for now.
With this in mind, can anyone advise me how I can protect the file stored in the TrueCrypt volume, and delete it in place, without taking it out of the encrypted area? And, further to that, can anyone tell me whether in fact the file is actually secured while it's in the encrypted volume? For all I know, just opening the volume may result in copies being made somewhere (apart from RAM).
I'd like to run a Tor relay, but am trying to understand the security implications. For some time I've run my torrent client in a VirtualBox virtual machine, which is run as a very non-prived user, bridges directly to The Internets, and writes to one directory on the host. My belief is this is about as secure as it can be, but am open to suggestion.If I run a relay in the VM it wouldn't be associated with my use of Tor as a client, which is fine since there is no technical need for them to be connected and it's desirable for security.I read that chroot jails can be broken, particularly when run as root, so I don't really trust that. Also studied a vserver, but it must share the network setup which doesn't strike me as isolated enough.
View 14 Replies View RelatedI would like to transfer a massive amount of data between my laptops simultaneously. Is there a way to attach a cable via one flash port on one laptop to another and transfer like that?
View 4 Replies View RelatedI was dual booting Ubuntu 8.10 and Windows Vista on a Acer Aspire 5920. My laptop went for service and the company said they will give me a fresh laptop instead of the one I am using now for they cannot set it right.
When I plugged in my hard disk through an external cable onto a windows machine it detected only the data present (which is almost negligible in my case) in the vista partition. I would like to transfer all the data I have from hard disk at least the one in the Ubuntu 8.10 to my new laptop on which I plan to run Ubuntu. Can someone guide me on how to go about doing it? Also is it possible to transfer all the installed softwares so that they start running in the new laptop without any extra effort?
I am not sure where to post this so i figure that general help is as good as any. I have just bought my self a 32 gb micro sd card and I want to transfur all my old stuff (apps, contacts, music) off my existing card, how do I do this?
View 2 Replies View RelatedopenSuse 11.2 KDE 4 desktop User = newbie I was having some trouble with a Hard drive that I store my photo's and other personal data on. Fisrtly, it was messing my OS up, so that it would not boot to the desktop, but only to the command line where it would report that this drive was somehow corrupted and needed to be repaired. Secondly, the OS was reporting that certain files were 380,000.2 TB in size. this drive is only 200 GB.I didn't want to do the repair until I found a way to back up my data. I found another hard drive to do backup to but I had to take some data off of it. Which I did.
In the spirit of trying learn command line I decided to partition and format the hard drive using fdisk. I found some easy to use directions and proceeded to partition the drive. Unfortunately, I failed to realize the directions were only for the partitioning part [my fault for not reading further]. What I missed was that after using fdisk to partition, you must use mkfs to set filesystem type.[I thought I had done that in fdisk using the "l" , "t" commands within fdisk].
My questions are:
1] Can I do this mkfs command after I have put my data on the new hard drive or should I start fresh and redo partioning? [I have not deleted the other drive so my data is still there.]
2] What would be the cause of the incorrectly reported file sizes?
I' m using Mandriva 08 and windows 7 on my system. When i login to linux and try to copy data from linux drive to win drive or vice versa then it shows........
[root@lenovo mnt]# cp /home/simer/Desktop/*.avi win_e/
cp: cannot create regular file `win_e/xyz.avi': Read-only file system
cp: cannot create regular file `win_e/abc.avi': Read-only file system
I tried rsync, scp but didn't worked.
Today I ran
aptitude update && aptitude safe-upgrade
Like I regularly do, and I see these two packages need to be upgraded:
login passwd
Since these packages seem kinda security-sensitive I would like to know exactly why I would need to upgrade them. I checked Debian's security list but couldn't find anything relevant, and the links to the changelog for both packages are broken:
The requested URL /changelogs/pool/main/s/shadow/shadow_4.1.4.2+svn3283-2+squeeze1/changelog was not found on this server.
Where can I see what is changed in these packages so I can safely upgrade?
I'm logged in as root and want to run Add/Remove Software (Package Installer) but get the message telling me
Code:
Running graphical applications as a privileged user should be avoided for security reasons. Package management applications are security sensitive and therefore this application will now close.
How must I install applications? Surely the world is getting paranoid with all this hackers and viruses, because with every new version O/S, the security features gets more and more; up to the point that you can't fricken do and play around with your pc as you would.
This problem is not exclusive to Ubuntu, I've experienced it in Windows and OSX as well, but it seems that almost every time I transfer a large number of files (i.e. my music collection) between my desktop computer and laptop via my external hard drive, I end up losing files for no reason. I usually don't notice the files are missing until later on, because I am never informed of any data loss. Now, every time I make a large transfer of files, I just do it two or three times to ensure that I don't lose any files.
View 2 Replies View RelatedI'm running Apache2 under uBuntu 9.10. My problem is that I use my own user "wavesailor" to work on my websites. I kept all my sites under /var/www and I set up the security of the directory after following the guidelines.
Code:
sudo chown -R root:root /var/www
sudo chown -R www-data:www-data /var/www/*
[code]...
I have a Debian Squeeze installed on my old iBook G4 mid 2005. The computer has been giving me hard time and I want to sell it for parts. Before that however I'd like to erase the hard drive securely. Is there a software that this forum recommends for erasing hard drives completely and securely? Is there Linux equivalent for something like DBAN which can be installed on a CD and then boot the computer from it?
View 14 Replies View RelatedI am running Ubuntu Server 10.10. I have installed OpenVPN using this guide I have set up everything correctly as this guide says, but I am having problems with the config file. I want to securely route all traffic on the client to the server, how ever the server will not start. My config is below:
Quote:
#################################################
# Sample OpenVPN 2.0 config file for #
# multi-client server. #
# #
# This file is for the server side #
[Code]......
The servers ip is 10.0.0.65 and I want to assign the clients the ip range of 10.0.0.200 to 10.0.0.20 When I try to start the server I get the message Fail.
I read this article:[URL]..(Alien for all packages and howto) but I have some doubts. Let's see if I understand correctly. In practice, we open a port (8888 for example) on the local PC on which you made a ssh tunnel to our server, right? Who resolves the dns? Our remote server? With this technique we are safe even from sending data through unencrypted protocols like hhtp (not https)? An administrator who wants to see what we visited what would see in his log?
View 2 Replies View RelatedFor example would a website log the mac address of my ethernet adapter and my computer name?
View 4 Replies View RelatedI loaded F10 up on my laptop a few nights back. NetworkManager connects via Ethernet just fine. It will also connect wirelessly, but only when security is disabled. I've been using 128-bit WEP.
When I try to connect using security, this is what appears in the log:
Code:
Jan 29 21:07:17 localhost NetworkManager: <info> Activation (wlan0) Stage 1 of 5 (Device Prepare) complete.
Jan 29 21:07:17 localhost NetworkManager: <info> Activation (wlan0) Stage 2 of 5 (Device Configure) starting...
[Code]......
I need to send large files from a Linux machine to another using cryptography. The sender machine knows the recipient IP but not vice-versa. I don't need strong cryptography and prefer higher-speed less-secure solutions.
There are no problems with presharing crypto keys but I'd prefer not dealing with SSH users creation.
I think to HTTP PUT over TLS, but I never had experience with it and I prefer to hear which are the possible solutions. I know that it can listen as a daemon but I don't know anything about cryptography. So pipeing with OpenSSL may be a solution.
How to patch redhat and debian securely ? I mean is there sth like in solaris live upgrade, when after upgrade sth goes wrong I can revert to previous state from before upgrade?
View 4 Replies View RelatedI run Slackware 13.1 on a small Pentium 4 box that runs a torrent client, game server, and a few more Internet-related scripts.
I see no point running these stuff with root priviledges, so I have this line in rc.local:
Code:
su user -c "/home/user/services/start-all.sh"
How secure is that command, su user -c? And what would be the right way to go with it?
Folks:What can I use to encrypt all data on my USB flash drive? If possible, could I use something that has a public Key, so I do not have to type in a password to access the information when I plug the drive into my machie, but will not open or display contant if the drive is plugged into anyone else's machine, unless they have the public key?
View 7 Replies View RelatedDoes anyone know of any software that can monitor the Apache logs for certain phrases or keywords then send an alert when found? For example I know an attempt to hack has been made when I see log entries like this....
/admin/
/admin/phpadmin/
/phpadmin/
But by the time I see it, the attempt has long since failed or succeeded. What I need is a way for my server to alert me WHILE someone is entering these phrases. I realize there may be a "hit" to performance but my server is not that busy anyway (except for hackers).
i was thinking that is there a way to check data flow for viruses? i mean if i set up calm av in my internet sharing server could it detect anything in incoming and outgoing data ?!!
View 2 Replies View Related