Ubuntu Security :: What Data Does Website Log When Pc Visits It
Feb 27, 2011For example would a website log the mac address of my ethernet adapter and my computer name?
View 4 Replies
ADVERTISEMENT
Ubuntu Security :: Basics Of Good Security Of Small Commercial Website?
Jan 17, 20111. I understand you can protect your files or directories in your website by setting file/directory permissions. The meaning of r w x is clear to me, but I'm not sure how to proceed... Starting with the index.html file, if I wanted to make it so that anyone in the world can read it but can't modify it, do I set its permissions to rwxr-xr-x? If I set it to rwxr--r--, would that mean the file couldn't be served? I mean, what does the x setting do on a .html file, how can a .html file be executable?
2. If file permissions work on the lines of owner-group-others, in the context of a website, who is 'group'? As far as I can tell, there's only the owner, which is me, and others, which is the world accessing the site. Am I correct in thinking that by default, say when creating a website on a shared hosting server, there is no group unless I specifically set one up?
3. My ISP allows the DynDNS.org service, meaning that I could serve a website from my home. It's too early to go that route just yet, but for future reference, I would like to ask about the server software called Hiawatha. It is said to be secure, but having read some evaluations of it, it doesn't seem to offer anything that couldn't be accomplished with Apache or Cherokee, it's just that its security settings are simpler and easier to configure. Am I right about this? Or does Hiawatha truly offer something that the other major server packages don't?
Ubuntu :: Automating Website Data Capture & Spreadsheet Entry?
Feb 3, 2010I have a spreadsheet which I update regularly. This involves downloading CSV files from a couple of websites, copying data from those files into an OO.org spreadsheet and copying formulas within the spreadsheet (the number of rows of data varies, so when the number of rows of data increases, I need to copy more lines of formulas).
I'd like to automate this process, so that with a single command I can get the data from the websites and feed it into my spreadsheet without having to copy rows of formulas. Although I've done lots of numerically-oriented programming, I have no idea how to undertake this automation task. I don't even know which tools I need to learn to do it.
Server :: Non-displaying Website Data: Javascripts And Images?
Mar 10, 2010I have a weird problem I am experiencing with my Apache 2.2 w/ ISPConfig 3 running on Debian 5.0.4. It is not a website html issue.***PROBLEM***Images are not beind displayed,javascripts are not being run, however when the site is viewed from a local source as a file(like on a USB Flash Drive) they work fine and display properly.Here is the website URL:I have removed a lot of the images and content or changed it in order to troubleshoot it myself, so the site is stripped pretty bare. There is supposed to be a logo inside the "header" <div>, which is set in the CSS file "style.css". There are supposed to be images for navigation, but they show up as red "x"'s. I removed the javascript elements and just trying to work with barebone html/css and can't seem to get it to display properly.
View 3 Replies View RelatedProgramming :: Extract Data By Sending Queries To A Website?
Dec 17, 2010What would be the best way to extract data by sending queries to a website?
View 2 Replies View RelatedUbuntu Servers :: LAMP - Identify The Right Network Structure For A Data Intensive Website
May 18, 2010identify the right network structure for a data intensive website, built on LAMP. I'm thinking of a load balanced website, and that it should have a mysql master/slave setup server. I'm no expert in this area, so any online resources are welcome. You can check out the website [URL] - but it will have 10 million items once the hardware can support it.
View 1 Replies View RelatedSoftware :: Parsing A Text File To Display Certain Data On Website In Php?
Dec 26, 2009Im trying to figure out how to display parts of a .db file created by the scorch2000 server to display a player name, games played, score and maybe more...
here is the text file format example:
playername1 password email #ofgames score setting1 setting2 setting3
playername2 password email #ofgames score setting1 setting2 setting3
playername3 password email #ofgames score setting1 setting2 setting3
playername4 password email #ofgames score setting1 setting2 setting3
playername5 password email #ofgames score setting1 setting2 setting3
I dont want to display everything, of course ^^, but how do i get the player name, the number of games he played and his score to display it in a webpage in this fasion:
Name Games Played Score
joe blow1 25 9876890
joe blow2 31 8989767
joe blow2 26 7989767
joe blow2 17 5989767
joe blow2 13 4989767
and by highest score because the log doesin't put them in in score order....
please help, i asked the maker because he has one runing already but no answer back, well the game is pretty old so i didn't really expect an answer anyways and tryed to figure it out but i dont know functions in php, this is to include in a php-nuke block (this i know how to do
here is an example of a working page at the developper website:url
Debian :: Ultimate Package To Order Information, Knowledge, Website, And Data?
Jan 24, 2010Data flow has become nowadays really huge. Although how hard one can try to tide folders, hard-disk, it can always be some days you are looking for something. What could be interesting to make available, e.g. to install for users, on all Debian stations. In some universities, with Linux-machines network, it is often kind of obliged to use emacs and 'office' KDE applications, as a standard at first.
for organizing better, what could be the solution as 'data flow organizer'? Many solutions, many methods, many ways are offered but none will be perfect
Ubuntu Security :: How Secure Can Website Really Be
May 25, 2011I want to set up a website that hosts very confidential business information. The info needs to be accessed by multiple people in different geographical regions. The entire website would require the high security (ie: there are no little sections that are publicly viewable). While the site will be run with Ubuntu server, I will be hosting it in Amazon's EC2 cloud.
So, if I use the HTTPS protocol with an SSL certificate, am I pretty well reaching the most secure possible situation? Are there any concerns with using the EC2 solution? Obviously there are a LOT of variables involved with maintaining website security, but I want to know if HTTPS is the current best bet (in addition to all the "best practices" of securing a site) or if there is a more robust way of securing content.
Ubuntu Security :: Logging Into The Secure Website?
Oct 8, 2010A friend of mine has a private forum setup so he and I can communicate back and forth so we don't have to send emails. The link is a "https://" so I'm assuming it's secure. I'm a newbie to ubuntu and I have already switch 3 of my computers at home to ubuntu.
I'm using Ubuntu 10.04 and google chrome as my browser. When I log into his forum it pops up with a screen saying "The site's security certificate is not trusted" and I always click proceed anyways. I'm not worried about this because I'm 110% sure that it's his website that I'm trying to access. My question/problem is it also pops up with a little box telling me to enter my Username and Password every time. When I was using WindowsXP, I had to enter this info once and then I wouldn't have to enter it again.
Ubuntu Security :: Alternative Way For Website Encryption?
Jul 17, 2011I don't care for domain 'authentication' by an "Authority". I don't trust no one, so CA's to me are as trustworthy as the gypsy in the park.
I can use a self-signed certificate, but the problem is most browsers makers are Fn idiots that say the connection is not secure, when it actually it, but because I did not folk out cash, it makes my website look bad.
I can understand the need for a 3rd party to verify the domain host to prevent man in the middle attacks, but I do not care for this.. and browser makers should take more responsibility and introduce different padlocks for types of authentication, rather than saying "this connection is encrypted, but not secure because its self-signed". What a load of horse s***!
How many times does people stop to read certificate authorities? I sure don't. I only care weather or not the connection has been encrypted.. so, I am looking for a way for simply providing encryption for my website.
From what I understand, when you submit a CSR to a CA, it includes the private key, meaning that the CA would be able to see the encrypt data, should they get hold of it. This is not acceptable for me.
Is there anything other way to use encryption other than the SSL model that is used typically amongst HTTPS browsers today?
Security :: Seeing The Ips With Many Connection On Website?
Nov 1, 2010on my linux server i have many websites, before i use this command
netstat -anpl|grep :80|awk {'print $5'}|cut -d":" -f1|sort|uniq -c|sort -n
to see all the ips with many connection but the problem is is show me all the ips from all the websites from the server, can be another way to show me all the ips just from my website ?
Ubuntu Security :: Weird Website With A Error By Firefox?
Mar 19, 2011I went to visit a website that I frequent and firefox through a error that basically said that the internet connection might be being tampered with and that the website was not authenticated. Meaning someone might be trying to load a fake website into my browser and impersonate the website to give me viruses or something.It's a website I frequent. Also the website doesn't have the www. in the url.[URL]..
View 9 Replies View RelatedUbuntu Security :: Www-data Security Permissions?
Mar 17, 2010I'm running Apache2 under uBuntu 9.10. My problem is that I use my own user "wavesailor" to work on my websites. I kept all my sites under /var/www and I set up the security of the directory after following the guidelines.
Code:
sudo chown -R root:root /var/www
sudo chown -R www-data:www-data /var/www/*
[code]...
Ubuntu Installation :: Unplanned Visits To Login Window - Taken To Login Screen Three Times
Aug 18, 2010I have used Ubuntu since 7-4; I now have 10.4. However, in the last week I have been taken to the login screen three times. This could be potentially calamitous. Ctrl+Alt +Backspace have by default been disable since 9-4. There is no way I am pressing atl+Prtscr +K. I wonder if there is a new zap command in 10.4, and if so, how to disable it. I have never found the need to go back back to the login window. I am generally using the command line when doing this.
View 1 Replies View RelatedUbuntu Security :: Innocent Website Tries To 'scan' Computer / Should I Get Protection?
May 6, 2010So I forgot how to do something in Compiz and I quickly Googled it to find the answer. On the first or second link I clicked, a pop-up box opened from Firefox saying that I should scan my computer. Immediately, I pressed the X button, but a page started to load that tried to "scan" my computer. I closed out Firefox and re-opened it. I did the exact same search again on Google, but I clicked on the cached view of the site. It was harmless enough--a blog with some ads on the side of the page. I'm assuming that it was one of the ads that somehow must have taken over the page.
Anyway, I know that the discussion of anti-virus programs is not anything new, but I would like to know if this virus may have affected Ubuntu. What would you guys recommend in this case?Also, after running the update manager, I received a pop-up box asking if I would like to update Grub. Is this a normal part of the update, or could it be a virus? I'm a bit paranoid, being from the land of Windows.
Ubuntu Security :: Opening FTP Service On Public Facing Website
Nov 4, 2010I'd like to know if this is common security flaw or normal to open up FTP to the public which is of course protected with password for 3rd party access to maintain our public facing / production website ?
If yes, what sort of FTP application to install in Ubuntu ?
Security :: Website Block By Using Proxy Server?
Mar 24, 2011i am using RHEL 5. i configured proxy server. now i want block one website.
View 2 Replies View RelatedSecurity :: Hack Website For CCNA Study Sake?
Jan 11, 2010I am currently taking my CCNA course. I have come to realize that to be a great Admin and secure a companies data, you first have to know it's weakness. Now I have become aware of a few programs like John the ripper telnet password crack, nmap, and the like. Well I have used nmap to port scan my own website for practice. I received some good intel on what ports are open and vulnerable. I am now trying to figure out how to hack in.To get my website info I used :
[Code]...
Security :: Apache Exploited To Send Out Spam From Mailform On Website?
Oct 7, 2010I have a server with a couple of sites on it. Some of them have a webform where people can send them emails that they are interested in their work etc. though the "To:" and "From:" adress can't be change by the enduser, you can only enter text and press send. However it seems that someone (not on the server) has found a hole/exploit to use those webforms to send mails to who ever he wants.. I have the webserver setup with ssmtp (simple smtp) and it just forwards the mail sent from the server to my mail-server and there on it sends it out on the internet. If I check my log on the mail-server I can see the whole smtp session, where it's comming from and where it's going etc. I see that it comes from my webserver and over there I only have these log entries:
Oct 6 22:04:47 ettan2 sSMTP[1771]: Sent mail for itaumail@itau.com.br (221 2.0.0 Bye) uid=204 username=torget outbytes=3290
There are loads of those log entries, mostly at after office-hours between 17:00 and 7:00 I have scanned through all the Apache logs and can't find Anything that point to the e-mail addresses used or something like that. The reason I found this out was because he tries to send to a host that doesn't allow connection on port 25 so all the mails got stuck in the queue, over 1000 atm.. I'm using Apache 2.2 and Postfix 2.6 on a Debian Lenny install. What can I do to find out how he's doing this and close the "exploit"? Who would you recommend to setup the mail() thing in PHP for most security?
Security :: If Visiting An Https Website Is There Any Added Benefit To Tunneling Through Ssh
Apr 4, 2011Basically, whenever I am on an unencrypted wireless hotspot, I open up an SSH tunnel to my home server to do all my browsing for the privacy and security it provides.But I got to thinking, and now I am curious, if I am visiting a site like gmail for instance that always uses SSL/TLS for it's connections, is there any added benefit to also using an encrypted tunnel? or is it perhaps superfluous to use both
View 3 Replies View RelatedSoftware :: Firefox Claims Invalid Security Certificate For Website
May 19, 2011I get an Untrusted Connection error when I visit this site to login into my GRE account, and I cannot add it as an exception, in Mozilla Firefox 4.0 on Ubuntu 11.04. When I visit the site using Chrome, I have no issues. Is this a bug in Firefox's certificate management? I'm using Ubuntu 11.04. I do not get this error in Windows' Firefox 4.0.
View 3 Replies View RelatedSecurity :: Opening FTP Service On Public Facing Website For 3rd Party Maintenance Access
Nov 4, 2010I'd like to know if this is common security flaw or normal to open up FTP to the public which is of course protected with password for 3rd party access to maintain our public facing / production website ? If yes, what sort of FTP application to install in your Linux webserver?
View 7 Replies View RelatedUbuntu Security :: Vulnerable To Infection From Website Without A "proxy Antivirus Filter"?
Dec 15, 2010I used Avast webfilter (proxied webtraffic through Avast) when running Windows. Sometimes Avast would alert and "protect" me from being infected by a compromised website. NOTE: Avast would alert even absent clicking any links. Just viewing the page could result in infection. Should I be running some kind of proxy webfilter for protection? My understanding is that Firefox can be compromised and this can in turn compromise Ubuntu.Are these kinds of threats specific to Windows running Firefox, or Firefox per se. If Firefox per se it seems like I need some sort of Proxy webfiltering like Avast provides.
View 9 Replies View RelatedSecurity :: Comments Added To Website Have "http://Yourwebsite" - Is It Spam
Jul 26, 2010On my website/blog I've gotten a couple of comments having what seems to be regular content (name, mail, message), but where the sender website field is set to "http://Yourwebsite". I find it strange that two comments from separate individuals fill the sender website field with this text. Is this possible to find out if these comments are spam or not? Based on the messages alone they don't seem to be, even though it is possible. From what I know the comments code don't enter this value by default.
View 2 Replies View RelatedUbuntu Security :: Use To Encrypt All Data On USB Flash Drive?
Apr 18, 2010Folks:What can I use to encrypt all data on my USB flash drive? If possible, could I use something that has a public Key, so I do not have to type in a password to access the information when I plug the drive into my machie, but will not open or display contant if the drive is plugged into anyone else's machine, unless they have the public key?
View 7 Replies View RelatedUbuntu Security :: Alerts When Apache LOGS Contain Certain Data
Jul 10, 2010Does anyone know of any software that can monitor the Apache logs for certain phrases or keywords then send an alert when found? For example I know an attempt to hack has been made when I see log entries like this....
/admin/
/admin/phpadmin/
/phpadmin/
But by the time I see it, the attempt has long since failed or succeeded. What I need is a way for my server to alert me WHILE someone is entering these phrases. I realize there may be a "hit" to performance but my server is not that busy anyway (except for hackers).
Ubuntu Security :: Check Data Flow For Viruses?
Aug 2, 2010i was thinking that is there a way to check data flow for viruses? i mean if i set up calm av in my internet sharing server could it detect anything in incoming and outgoing data ?!!
View 2 Replies View RelatedSecurity :: NTFS Data Recovery From Ubuntu Live CD?
Dec 6, 2010I have a windows install that is totally hosed, bluescreens, etc. I want to try to force mount it from Ubuntu to get whatever data I can, but it won't allow me to mount. It keeps telling me to run chkdsk /f and reboot twice. But that's not possible. I was wondering if there are any ntfs tools for Ubuntu or any data recovery tools I can use to get what I can from this drive.
View 3 Replies View RelatedUbuntu Security :: Retrieve The Data From Hard Drive?
Mar 24, 2011I have a friend that has a computer running UBUNTU he has not used in a while and has forgotten the user name and password for it. Is there away to retrieve the data from this hard drive?
View 2 Replies View Related
