How to detect intrusion in my desktop ubunta 9.10 version ? which command that could direct tell me about any change in my files ? I would like the procedures that protect my system from intrusion , i am using firestarter and keep tracing the network by using netsta -tap ?
View 2 RepliesMy desktop (the system AIDE runs on) is reguarly updated, and the file output can become enormous, making it hard, if not impossible, to track down out of place files. I have recently thought of uninstalling it since I can't tell what is out of place and what isn't, but before I do that I wanted to ask everyones opinion regarding what would be the best way to handle such a program on a desktop that has some core files changed reguarly. This sytem is running Gentoo, so updates affect a number of directories.
View 6 Replies View RelatedIs an ubuntu live cd totally secure from intrusion? Stated another way, even if someone knows my ip address, can the live cd environment be hacked into in any way so that another could monitor what I am doing on my computer? From my understanding the live cd is read only, so that would prevent anything malicious being installed on it. I am curious if there are other ways a box running a live cd could be tapped into.
View 6 Replies View Relatedsoftware to use against Intrusion and such. The thing is that I don't want to have several anti virus programs running at the same time due to collision.
View 9 Replies View RelatedI'M A NOVICE and some days ago my web server was down (apache issue) and I found the following file called .bash_history in the folder /var/www/ :
cd /tmp
ls
wget [MODERATED]
[code]...
the following security alert made me checking my httpd.conf:
Code:
Summary:
SELinux is preventing the http daemon from reading users' home directories. Detailed Description: SELinux has denied the http daemon access to users' home directories. Someone is attempting to access your home directories via your http daemon. If you have not setup httpd to share home directories, this probably signals an intrusion attempt. Even though in httpd.conf there is a line that reads
Code:
LoadModule userdir_module modules/mod_userdir.so
in the same conf-file the access to home-dirs is disabled:
Code:
<IfModule mod_userdir.c>
[Code]....
How do i check for updates to the current version of rkhunter and if possible upgrade to a new version?
View 2 Replies View Relatedi would like to replace my Ubuntu Desktop version with the Netbook version. I dont mind losing my current data on the desktop version but if there is a way for me not too i would love to know
View 2 Replies View RelatedI have installed Ubuntu 10.10 desktop version on my Lenovo L420 laptop. Now my friend told me that if I had installed laptop version on it then it would have recognized events related to laptop like closing down the laptop screen and all.
Q1. Is there any way by which I can upgrade it to laptop version?
Q2. What are the differences between both?
Just got my AW M11x and I am following a thread on installation issues and work around. My question is should I install the desktop version or the Netbook version? Not sure the best location to post, if incorrect please move accordingly Wanting to run gimp, open office, wine to access MS office (use for school) and possibly install photoshop for raw work gimp cant handle.
View 5 Replies View RelatedWhen I was changing my password with the "passwd" command in Debian Lenny, after the confirmation, I received the following message: Bad: new password is just a wrapped version of the old one
I know the passwords are not saved in clear text, but hashes. Even further, when a single char changes in the string (the password in this case) the hash is completely different. So, how does linux detect a wrapped version of an old password?
I am using a simple javascript to connect my flv streams with Red5 (streaming server) every thing is working perfectly fine in Mozilla and Chrome.
But when it comes to IE it simply wont load the player.
Here is my script code...
How do I detect the client browser and redirect him to adobe flash upgrade page if the client browser does not have a supported player?
i have a problem with iptables when i use nmap to scan ports then ports shown.this is my rules on my firewall.Quote:
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [1002:40080]
:RH-Firewall-1-INPUT - [0:0]
-A INPUT -j RH-Firewall-1-INPUT
[Code]...
I would like to detect every login on my server. Not only ssh logins (virtual terminals) but also physical logins.There is a way to use nagios or a script to watch log files.But I would like to know is there a way to catch that information one step before.I thought about watching /dev/pts for changes but that is not different than log watching and everything does not appear in /dev/pts like a ssh tunnel (ssh -N user@server). These are only visible in logs because ssh tunnels do not open terminals.But I would like to be able to catch these on login.
View 8 Replies View RelatedTrying to figure out which Intrusion Detection System would be best for me. I've got a CentOs 5 / Linux / Apache system. If you've got experience with either (or both ) , please let me know your thoughts. I'm looking for the one thats not as technical, And a bit more user friendly I guess.
View 4 Replies View RelatedIn the past i used OpenSUSE for a few months, in OpenSUSE all updates related to security labeled as "Security Update" like updates related to Firefox, unlike OpenSUSE in the Debian i did can't find a way to detect security updates.
View 5 Replies View RelatedI have just suscribed into this forum. I have a problem: my notebook (NOTEBOOK SATELLITE L300-SP5917A - INTEL CORE 2 DUO T6400 (2.00 GHZ - 2 MB L2 - 800MHZ FSB) - 15.4 WIDESCREEN TRUBRITE TFT LCD - 400 GB SATA 2 .5 5400 RPM - 3GB PC2-6400 DDR2) doesn't boot ubuntu after the last security upgrade. I have wubi installed.I have Windows Vista and Ubuntu in the boot menu. I select "Ubuntu" and that leads me to the GRUB shell. I'm new in linux. It seems that GRUB doesn't detect the kernel. Maybe the file menu.lst has been deleted, or something similar, but I can't make my ubuntu to boot.
View 4 Replies View RelatedI have been told that some virus scanners for linux (including but not limited to AVG, Antivira, clamAV, others) are available to ubuntu. My question is which of these still CURRENTLY support detection of WINDOWS viruses in addition to linux viruses. I would like to boot the Ubuntu live jump drive I have to scan windows machines and at least detect viruses, dont really need to repair. who knows which virus scanners compatible with ubuntu that will detect windows viruses as well
View 3 Replies View RelatedI have two servers behind different networks. First network is protected with firewall provided by the router and there is no firewall in the server:
[Code]....
As you see, there are no difference in nmap output If I check with tcpdump, which packets are sent from 192.168.217.73 and 192.168.13.19(tcpdump -i eth0 src host 192.168.217.73 and tcpdump -i eth0 src host 192.168.13.19 respectively) towards me during nmap scan, there are none. It's understandable, as there should be no reply when port is filtered. Is there somehow possible to detect, whether firewall is active in the server or in the router?
In my network I have 25 workstations and some serves. Everything working in local LAN with firewall. The problem is that on one machine (I dont know which one) is installed software which sending data to the internet. Actually I dont know what it is. Last time as I remember was trojan which can create new network interfaces in windows and send some data to the internet. The half speed of my network connection is used by this infected machine. How can I detect which machine it is? How can I listen/capture some traffic and analyze from which machine I have more connections.
Please take a look on this time. Instead of 141-150ms should be 4-5ms.
64 bytes from web30.ispnetz.de (62.xx.191.74): icmp_seq=1 ttl=249 time=141 ms
64 bytes from web30.ispnetz.de (62.xx.191.74): icmp_seq=2 ttl=249 time=135 ms
64 bytes from web30.ispnetz.de (62.xx.191.74): icmp_seq=3 ttl=249 time=147 ms
64 bytes from web30.ispnetz.de (62.xx.191.74): icmp_seq=4 ttl=249 time=127 ms
64 bytes from web30.ispnetz.de (62.xx.191.74): icmp_seq=5 ttl=249 time=156 ms
64 bytes from web30.ispnetz.de (62.xx.191.74): icmp_seq=6 ttl=249 time=129 ms
64 bytes from web30.ispnetz.de (62.xx.191.74): icmp_seq=7 ttl=249 time=188 ms
How can I detect which machine is infected using only linux and keyboard ?
I always use VNC to check my server for updates, and this morning I started the xvnc4viewer to vnc into my server and it keep asking for a password. I never setup a password because I do this local from my laptop, and I am the only one who uses my laptop. I had to go to my server and check the setting in System > Preferences > Remote Desktop and found them all changed. There was a password setup and there was a check mark in the you must confirm each access to this machine there some security update that changed all these setting? Sometimes when I do updates I don't know what is being changed on my server
View 9 Replies View RelatedSo I've read a bit and it seems that this is okay and secure. But I wanted to double check here with everyone, because I trust here more than just about anywhere. I've read about the hipporemote (which is pretty cool) and I have it working. Basically I want to make sure my system is still secure.
1. I had to open a port on my firewall for the VNC connection.
2. I turned on the Remote Desktop
2a. Checked Allow other users to view....
2b. Checked Allow other users to control....
2c. Checked You must confirm.....
2d. Checked for password, and put in a password
2e. Checked Configure network automatically to accept connectios
So with doing all of that, am I ok? I think so, especially since it says its only accessible on my local network. But I just wanted to hear from people who know more than I do that I don't need to worry any more than normal about others accessing my machine. I'm mainly thinking 2e, I don't fully understand what's going on there.
I have set up a virtual machine under VMware Player 3.1.2 in Debian. Operating system of this virtual machine is a Windows Server 2003. I would like to periodically test this Windows Server 2003 installation for viruses. Obvious solution would be to install an AV software under this Windows Server 2003 installation. However, I was wondering, is this possible to use NOD32 for Linux or clamav in order to test this Windows Server 2003 installation for viruses? Is NOD32 for Linux able to detect viruses inside the .vmdk file?
View 1 Replies View RelatedI've made OpenPGP keys using gpg 1.4.9.I have a public key and a sub key.And a passphrase.I can distribute the pub key. What is sub key? Can I distribute sub key?I think the phasephrase is the private key. Right ? (in the RSA Algorithm)?Where to use the Secure Shell Key? And why to distribute it?
View 1 Replies View RelatedI checked on clamav web site but no way to install it yet on Maverick.
View 4 Replies View RelatedI am looking at switching from the 10.04 desktop version to the netbook remix version.I was wondering the easiest way to do this, and if I will lose all my files in the process.. I have an Acer Aspire One A0532H-2254 10.1" and a lot of Windows wont fit in my smaller screen, which is extremely frustrating.Also, if doing so would cause me to lose all my files, best way to back up about 56 Gigs of movies and music?
View 2 Replies View RelatedHow, using the command line can I detect my wireless card and make it work under SUSE Enterprise Desktop? The wireless card works in Win XP.
View 8 Replies View RelatedI'm trying to turn off SSH root login on Ubuntu 10.10. However, changing PermitRootLogin=no (/etc/ssh/sshd_config) do not work. Here is the sshd_config:
[code]...
Ok so i have a IOn based PC that i use for only xbmc. I previously had a full ubuntu 9.11 install.
I had to reformat the drive but i could not get audio working. I gave the ION Optimized live CD a go and it worked with HDMI audio running perfectly. The thing is when i close xbmc i don't have a desktop, it just goes to command line.
I need to install lirc, copy some keymap files into my xbmc folder and then setup wireless. What would be the best way? Can it all be done through command line? Can i install a desktop environment?
I got the fresh installation of Ubuntu 10.04 desktop version.But it asked for username and password to login. I didn't set any username and password.I tried tose ubuntu and blank.Try ubuntu - it still ask for username and password .Install ubuntu - it still ask for username and password .
View 9 Replies View Related