Ubuntu Security :: Allow Government To Dig Around In Server?
Oct 16, 2010
I have a rather secure server that I have hardened. Only allow ssh non stranded port and the port 80 for my LAMP. Use aa for everything. The server uses Snort as an IDS and PSAD (port scan attack detection). The firewall is a custom in-line IPT using fwSnort rules. This one was off the chain! As I was upgrading from the 10.04 LTS to 10.10 I was reading ever new file that was being put on my disk with "D" Ubuntu asked me if I wanted to replace the old file with this one.
[code]....
View 1 Replies
ADVERTISEMENT
Feb 6, 2010
We are trying to define an appliance based on Suse for an application server and Web server Apache, so we would like to know configuration best practices for network and security, is there any paper/doc about best practices?
View 3 Replies
View Related
May 8, 2011
I'm concerned about security of having a LAMP server on my laptop as having any server makes the system less secure. However, if I were to create a new partition and install a lamp server on that and only use it when offline, would the security of my main partition be affected at all?
View 3 Replies
View Related
Jul 22, 2011
I've recently been running a game server from my desktop, as well as a web page to accompany it.I use the ports 80/8123(HTTP)/5900(VNC)/50500(GAME)/5839(ADMINISTRATION).What's the best solution to protect my server from security threats? On a side note, I plan on adding a MySQL server later, but I want to keep it local only.
View 9 Replies
View Related
Aug 14, 2010
I'm new to server admin, so my question is based on what may be a bad assumption. With a server, my assumption is "if it ain't broke, don't fix it". In other words, I'm not really interested in upgrading the software to the latest and greatest if I already have stuff working on the server.
However, the one place where I DO want to constantly have upgrades is for security patches. How do I apply security updates to Ubuntu Server... and ONLY security updates?
View 2 Replies
View Related
Aug 29, 2009
I followed this how to to make a NFS server: [url]
So it means: exports looks like this:
Quote:
Here are some quick examples of what you could add to your /etc/exports
For Full Read Write Permissions allowing any computer from 192.168.1.1 through 192.168.1.255
It means that if sbdy arrives with a linux machine, puts the ethernet cable into the router, then logs as root on his machine, and mount the exports. He can do almost everythg, with permissions chmod'ing ...
Is that LAMP, or i am wrong for nfs kernel servers, the ultimate users/password servers against that to prevent those physical approches /logins?is there good how to ?
View 5 Replies
View Related
Feb 15, 2011
I want to know how can I test my server security with hping3 tool I want to make a virtual DoS or DDoS or SYNK attack in my LAN to test my server security and ability against these attack .Is hping3 a good solution for this or not if yes how can I do this which option of this can make such these attacks?
View 4 Replies
View Related
Mar 1, 2010
I'm using Postgresql 8.4.2-2. I'm trying to remote into my server securely. I figure I could do so with ssh. Apparently I figured correctly, as per, [URL] and [URL] I setup the ssh tunnel. ssh -L 5432:serverip:5432 Then I setup pgadmin3 to connect as follows:
host: localhost
port: 5432
user: postgres
maintenance db: postgres
And I receive the following error:
An error has occurred: Quote: An error has occurred: Error connecting to the server: server closed the connection unexpectedly This probably means the server terminated abnormally before or while processing the request.
I'm not sure what the problem is. I can connect with Code: psql from the cli after connecting to the terminal via ssh. So I know that I'm using the correct password.
View 3 Replies
View Related
Oct 7, 2010
I have NFS set up on my file server on my local network. Right now I'm allowing all local IP's. Now I want to be able to access the shares from home, across town.
Can you secure NFS in any way other than IP restriction, ie. password login? I know I could just use sftp but I want the control and seamlessness of NFS.
View 2 Replies
View Related
Jan 26, 2010
I set up my ubuntu server with iptables that only allows ssh in the input chain (and of course established connections) with only the mac adress of my laptop allowed to connect, set up a key with a long passphrase and installed pam_abl plugin. ICMP echo is blocked by default.
The only problem is i log all other attempts to connect to the server and i see a lot of traffic going to ports 445 and 5900.
My question is: Is there a possibility that these attempts could succeed and is there any way to further ensure this server?
View 9 Replies
View Related
Oct 29, 2010
I have an Ubuntu 10.04.1 LTS server that I set up a while back and I am considering encrypting the whole box. I store everything on the server and if it were stolen from a home robbery it could be quite devastating. The server is using two 750 GB SATA hard drives formatted with LVM. Inside the LVM I have a small partition on the first drive for the OS, SWAP, and everything else on the first and second drive is /var/media which is where I store all the data. I have set up an encrypted LVM on my laptop but that was during the install using the automatic method.
I can't figure out how to do what I want to do and I don't want to risk destroying the data on the server. What I would like is to non-destructively encrypt the server (System, SWAP, and DATA partitions) similar to how TrueCrypt works on Windows and I'd like the encryption key to be stored on a USB thumb drive so when the server boots it requires a hardware key. (And have the encryption key backed up online in case the flash drive dies.) And I'd like to use AES 256.
Code:
View 1 Replies
View Related
Nov 2, 2010
I am trying to figure out how to turn my 10.10 server into a listener only. I have it set up using snort/acidbase. It is grabbing my network traffic just fine. I want to now set up a second server to hold all the data it collects. I need to change the snort server so it only listens. I disabled ping responses, but I want to go farther than that. I want to disable responses all together. I want it to only grab the data and store it.
View 9 Replies
View Related
Feb 19, 2011
Ok im new, i know apparmor is running. i was looking for firestarter but their isnt one.....how do i secure this server? i want a good firewall and some virus protection!. also do i need this?
View 9 Replies
View Related
Jul 27, 2011
what is the best option to securing server via firewall and iptables?
View 9 Replies
View Related
Feb 3, 2010
I am running UFW, which is set to deny everything but SSH on port 22, OpenVPN on port 1194 and HTTPS on port 443. SSH is set to only allow private key logins, and the root account is disabled. I have AppArmor running for all of my daemons (OpenVPN, Apache2, OpenSSH) and I have Fail2Ban running.
Is there anything else I can do to secure my server from the Internet (it is directly connected, there is no NAT between the Internet and my server).
View 4 Replies
View Related
May 29, 2010
broadband cable -> Linksys RTP300 router -> Firestarter -> Ubuntu 10.04 Desktop
sshd and vnc installed and working fine when enabled but the only way is to add my routers ip as a trusted address or add individual port entries for 192.168.15.1... on the linksys i, of course, have the appropriate ports forwarded to the Ubuntu static ip, so basically anyone can try to connect... how can i make the router forward the internet ip of the person trying to connect, so I can lock it down better?
View 8 Replies
View Related
Aug 4, 2010
I installed OpenVPN and gadmin-openvpn-server from the repos and I can't seem to activate the openvpn server in the gui. I have the server certificate generated, and all the information on encryption protocols setup, and accounts named and ready, despite accounts that were already there, such as www-data, bind, ossec, etc being listed. The server log states:
PLUGIN_INIT: could not load plugin shared object /usr/lib/openvpn-pam-auth.so: /usr/lib/openvpn/openvpn-pam-auth.so: cannot open shared object file: No such file or directory.
View 5 Replies
View Related
Oct 11, 2010
I've just setup a new Ubuntu Server 10.10 serving SVN through Apache (HTTP, HTTPS).It seems all ports are open by default on this new server. Why is this? Do I need to lock it down with iptables, or is it secure as it is anyway (somehow)?
View 6 Replies
View Related
Jan 25, 2011
One of my clients is considering implementing GPG or a similar technology to encrypt internal emails. (They have a different system in place already for external mail.) I've done some reading on the subject but can't seem to find any information about how one might set up a keyserver. All the discussions I've seen so far talk about uploading the public keys to a server like keyserverDoes anyone know what software packages might be used to set up our own private keyserver on a Linux machine?
View 2 Replies
View Related
Jun 8, 2011
here is my mail log I have setup virtual hosting with postfix and courier examples from my maikl.info file
Code:
8 14:46:46 dynamicweb pop3d: LOGIN FAILED, user=arthur, ip=[::ffff:95.31.15.64]
Jun 8 14:46:46 dynamicweb pop3d: LOGIN FAILED, user=ashley, ip=[::ffff:95.31.15.64]
Jun 8 14:46:46 dynamicweb pop3d: LOGOUT, ip=[::ffff:95.31.15.64]
[Code]...
View 5 Replies
View Related
Jul 20, 2011
I have a minecraft server running on a P4 box running Ubuntu server 11.04 64bit. Now would it be secure, if I allowed ufw to allow outgoing? Or would this be a huge flaw someone could exploit?
View 6 Replies
View Related
Jan 31, 2010
There was a recent thread in this forum regarding capturing of SSH passwords via the use of wireshark. The thread subject was closed, which is a decision that I both agree with as well as agree with the reasoning behind. The thread, however, raised a point of curiosity and concern that I would like to ask about. Quoting from a the book, SSH, The definitive guide,
The client authenticates you to the remote computer's SSH server using an encrypted connection, meaning that your username and password are encrypted before they leave the local machine. The SSH server then logs you in, and your entire login session is encrypted as it travels between client and server. Because the encryption is transparent, you won't notice any differences between telnet and the telnet-like SSH client.
I was under the impression that SSH was impervious to this type of eavesdropping, and quite frankly I take great comfort in that idea. I personally, only allow RSA keys for SSH access and (hopefully) avoid this problem (?) as a result. Does SSH really have a vulnerability in that the authentication is sent via plain text? How to ensure the security of SSH and not on anything that could be considered a how to 'crack' it.
View 6 Replies
View Related
Jul 21, 2010
I'm having a web server running with ssl version 0.9.8 on Ubuntu 8.0.4. Server is having a valid certificate issued by authorized CA. In the begining client and server able to communicate (beyond handshake) successfully. However, after a couple of days all of the active connections go haywire.
View 3 Replies
View Related
Aug 1, 2010
I installed Ubuntu Server and want to change the default user name to increase the difficulty of accessing the server.Is it possible to do this? If not, can I effect the same change by creating a new user and transferring over permissions, files, and etc.?
View 7 Replies
View Related
Sep 29, 2010
I am running Ubuntu 10.04 on my laptop. I have an Apache web server running that I can access at 192.168.1.102 ("It works! This is the default web page for this server. ...").
Are there any security risks in leaving this running? Is the web server available to anyone outside my network?
View 2 Replies
View Related
Oct 1, 2010
At our company we have a central server with client files. This server has a SSH server installed, and through Nautilus all employees can access the files. However, I have a few questions:
1. Most employees need access to all folders, because they might use them at some point in time. However, I want to make sure they are not accessing things they do not need. How can I do this? For instance, if somebody copies all of the folders to his/her computer, I want to be able to see this in some sort of log. Can this be done? Copying and accessing in general is what is of my concern.
2. Some employees only need access to specific folders. Can this be easily configured with SFTP?
3. Some also use SSH and type commands which I want to check every now and then (e.g. to make sure an intern is not again copying information or accessing folders they should not be in). What is a good way to do this?
View 7 Replies
View Related
Oct 18, 2010
I have a small network at my office (3 workstations, 1 ubuntu desktop that I'm using as a file server). I'm using a WRT54G2 router for networking and internet connectivity. Here's what I'm trying to accomplish: I want to be able to access my little file server from home, across town. I think ssh might be the best way to go now. What I don't know: How do I set up the ssh server on my machine/network without compromising my network security and the security of my server? Do I just set up port/ip forwarding on my router, install openssh, and that's it?
View 9 Replies
View Related
Jan 15, 2011
I am trying to consolidate my servers for a small office (less than 50 computers) and need file sharing/crm or erp database/backup/ftp/firewall/vpn etc). I was going to use endian but that seems to want to run on it's own machine. I was going to run endian in Sun's virtualbox. While researching I have found both guarddog and Lutelwall should work within Ubuntu (no virtual machine needed).
1. Is there a reason to use Endian over Lutelwall or Guarddog?
2. Is there any reason NOT to run a firewall within a VM on the server?
3. Should I just scrap the whole idea and run a router flashed with dd-wrt or tomato
View 6 Replies
View Related
Jan 19, 2011
I'm running an SFPT server which my clients logon to using an FTP client. at the moment each client has a user name and password.
Thus far to improve security I've disabled root login but an looking for futrhrt ways to protect it from attack, having researched using google some of the security features suggested prevent the FPT clients from connecting.
Questions:
1- what further things can i do to secure my server that still allows it to be usable for FTP clients?
2- specifically is it possible to use non login pre-share key authentication?
How i set up the server is shown here: [url]
View 3 Replies
View Related
Mar 30, 2011
I did a NMAP on a 10.4 desktop system. Found tcp wrapper on my system with an open port. Again I do not run a server. etc/host-deny and etc/host-allow contain no active elements. I know tcp wrapper as a great tool to secure a server. Closing the port with ufw gives no result, tcp wrapper still show up.
View 6 Replies
View Related