how safe is it to run Ubuntu updates when I'm connecting via a public network (wireless or wired) from a hotel (or other public settings). I'm not familiar with the internals but is there an additional validation mechanism for the package servers other than the URL ?
View 4 RepliesI have one doubt that is how can we actually connect a system in private network with the system in a public network using IP address. I have one system in private network (in my campus) I need to connect it with the system on public network (home) using IP address and communicate with each other. How can I do it or is there any other way of connecting these two systems more easily?
View 4 Replies View RelatedI'm completely new to Ubuntu, I've just installed 10.04 and this is only the second week I've had it, and I'm not sure what is going on with this. Whenever I try to check for updates I get this message: The repository may no longer be available or could not be contacted because of network problems. If available an older version of the failed index will be used. Otherwise the repository will be ignored. Check your network connection and ensure the repository address in the preferences is correct.
Quote:
GPG error: [URL] feisty Release:
The following signatures couldn't be verified because the public key is not available:
NO_PUBKEY 2D6CFB44DD800CD9
Failed to fetch cdrom://Ubuntu 10.04 LTS _Lucid Lynx_ -
Release i386 (20100429)/dists/lucid/main/binary-i386/Packages.gz
Please use apt-cdrom to make this CD-ROM recognized by APT. apt-get update cannot be used to add new CD-ROMs
Failed to fetch cdrom://Ubuntu 10.04 LTS _Lucid Lynx_ -
Release i386 (20100429)/dists/lucid/restricted/binary-i386/Packages.gz
Please use apt-cdrom to make this CD-ROM recognized by APT.
Apt-get update cannot be used to add new CD-ROMs Some index files failed to download, they have been ignored, or old ones used instead.
Is there a direct link to Lucid updates?How can I download the linux-headers* updates from a public computer? This terminal runs only ms s/w.
View 5 Replies View RelatedI recently got a nice, lightly used IBM Thinkpad laptop. It has wireless capability for the Internet. Linux is the only OS in the laptop. At home, I don't have wireless-- I have a wired DSL connection for my laptop and for my IBM desktop (which also only has Linux as OS).
When I took the laptop to the public library, wireless is provided there for free and I had no trouble connecting to the system there. But since I'm new to wireless, what do I need to have installed to have a secure laptop when in the public library (or when I'm anywhere else that offers free wifi) using the wireless connection? [I use Firestarter as my firewall in the laptop and in the desktop.] Do I have to install some software to make sure my laptop is secured from spying and invasions when in the library or is the Firestarter enough? If Firestarter is not enough, what is that wifi security software by name?
[My OS is MEPIS 8.5, a Debian-based distro.]
So, it is my understanding that Ubuntu's automatic updates do not install ANY updates that are not "important security updates." For example, it did not upgrade me to Firefox 4 automatically; I had to do it myself (Don't all new browser versions usually contain new security features/patches? Oh well...That is a separate question entirely).
ANYWAY, is there some way to get the latest stable versions of all of my open-source software automatically (or at least all at once, on command), instead of just security updates? It seems silly to have to install new versions for every program manually.
Also, related/side question: Now that I have installed Firefox 4 myself (via apt-get by adding the mozilla-stable PPA), will I stop getting security updates for Firefox through the standard Ubuntu update manager?
Actually, a really thorough explanation of the whole automatic update system (or a link to one) would be great too.
I am trying to figure out the best way to set up 1-1 NAT for three public ips to three private ips through a ubuntu gateway machine.
I am running ubuntu server 9.10 and the set up is:
Internet/ISP modem -> NIC 1 Ubuntu Gateway Machine NIC 2 -> Three PCs with Private IPs
I had a few questions on how to do this correctly and securely.
1) What packages do I need to install (aside from the basic ubuntu server installation and possibly DHCP3-Server)
2) How do I assign all three public IPs to the NIC connected to the ISP modem? All addresses will be static, will I need the DHCP3-Server package?
3) Once I have the three public IPs assigned how do I map each specific public IP to the private IP address associated with it and provide the correct loopback? I want to make sure each response from the internal machines are sent out as their specific public IP.
4) Aside from allowing all connections, how should IP tables be configured to allow web services to one internal machine, mail to another internal machine and DNS to the other internal machine?
It seems to me that he passwords kept in GNU Keyring Seahorse, are not kept very safe, because if I'm logged in and someone access my cumputer they can see my passwords that are saved there. I have set a keyring password, but it seems that is it not all the time locked.What are some general follow guide rulles to make sure my passwords are kept safe and my encryption keys that I use.
View 2 Replies View RelatedI've got a p12 certificate (I own the secret key), and I would like to export the public key to gpg keyservers. How to achieve this?It works flawlessly inside gpgsm and kleopatra, but I cannot send keys:
Code:
$ gpgsm --send-keys 0xDA4E5DD0
gpgsm: this command has not yet been implemented
I just found a neat way to encrypt a file in Ubuntu 10.04.
I right click on a file and select the Encrypt option. The program prompts me to "Choose Recipient" so I choose myself on the list. Then it prompts me to enter my passphrase.
Once all that's done I hit enter and it adds .pgp to the end of whatever file just encrypted. The same basic method is used to Sign the file.
Does it sound as though what I said is correct and that the file I wanted to encrypt was indeed encrypted?
Can anyone crack my files without the passphrase? I'm sure it depends on the complexity and length of the passphrase.
I am using Fedora on my desktop pc. I want to know how can i protact my PC from outside world. What firewall policy should i implement in iptables to keep it more secure.
View 5 Replies View RelatedSo yesterday I receive a copy of the SANS @RISK security vulnerability newsletter, and, lo and behold, Mozilla's Firefox and Thunderbird are on it yet again. (Yeah, I know, shocking, isn't it?)So I quickly check what versions I have installed. Yup: Vulnerable.I check whether updates are available.These are pretty serious "remote code execution" vulnerabilities and the status is "vendor confirmed, updates available." So why isn't my 9.10 desktop's update manager telling me updates are available?
View 9 Replies View RelatedI'm new to server admin, so my question is based on what may be a bad assumption. With a server, my assumption is "if it ain't broke, don't fix it". In other words, I'm not really interested in upgrading the software to the latest and greatest if I already have stuff working on the server.
However, the one place where I DO want to constantly have upgrades is for security patches. How do I apply security updates to Ubuntu Server... and ONLY security updates?
With an Ubuntu 10.10 upgraded from 10.04, under Software Sources, Updates, there is a radio button marked "Install security updates without confirmation." I have this radio button marked, but still get "Important security updates" almost daily in my update manager. I don't remember this feature actually ever working.
View 9 Replies View RelatedI have an encrypted document (with my key) which I should decrypt. After the generation of my key, my computer is formated and new reinstalled. Now GnuPG find my key public and I can't use it for decryption!
View 9 Replies View Relatedwhen I apply port forwarding to my router @ home? Is it a risk to every computer on the network or just specifically the server that is involved?
View 9 Replies View RelatedI opened a specific port in my router and manually configured Limewire to use the same port for all traffic, but I notice when I disable and turn off Firestarter when on limewire, my searches go really fast and dowaloads zoom really fast also I am not running as root. Is this ok to temporarly stop the firewall when I am on Limewire and then turn it back on when finished?
View 9 Replies View RelatedI would like to know if you guys think this is a safe plugin/extension to use with either Chromium or Firefox.
There is an old page that shows it had security issues in the past.[URL].. Would it be safe to use this or do you think someone could use it to steal my passwords, etc. while browsing?
I'm currently running OpenSuSE 11.3. I'm afraid as newer versions are released they will demand more of my old PC (Dell Optiplex GX270). Also, I've heard of issues with newer Linux distributions having issues with older Intel hardware (just hearsay, not personal experience). However, patches for specific OpenSuSE releases have a limited window of time.So,
Am I much more at risk to security issues if I keep a version of Linux past its patch date?Is it possible to keep a specific Linux release but still be able to receive security essential updates based on my repository selection?
How do you know if a site is safe to download from ?
Have only been using Mint 11 for 3 days after 7 years with windows and the usual safety nets there were the https headings and firewalls blocking stuff but how do you know something is safe in Linux ?
In short how do you know it's a trusted site ?
Other than Firestarter, how safe is it to use an iptables firewall for Linux if you know the basics of iptables but not the details and not exactly what you're doing with iptables? I want to be very secure without configuring iptables myself if possible or doing as little as possible. If you don't think iptables is safe if you don't really know what you're doing, which firewall you can use (Slackware specific, preferably) that is the easiest to install and configure? Are there any that work like free Windows firewalls, other than Firestarter? I've looked around and looked at slackbuild and can't find a Firestarter package, I searched this site also and saw something about the reason there isn't one. I'm concerned with my security and I don't want to write my own iptables firewall - I don't fully know what I'm doing.
View 6 Replies View RelatedI can't get this to work on my machines.
So far I have:
1. created a key with ssh-keygen on the server to be logged in to
2. copied the .pub key to my local machine
3. chmod 700 ~/.ssh on both machines
4. chomd 600 ~/.ssh/ic_rsa on the server, and on known_hosts on my local machine
5. added the .pub key to ~/known_hosts on my local machine
my local machine doesn't have an "authorized_keys" file which is what everything is telling me I should append my .pub key to. The only thing that was in my .ssh folder was known_hosts, so I tried that. I also tried making an authorized_hosts file to no avail, changing permissions appropriatly on all files.
Should I/Can I reset ssh in some way? Is there are reason I don't have an authorized_keys file or is my known_hosts file my authorized_keys file?
Would it be better just to uninstall/reinstall ssh?
looking at my router logs i've noticed for the past while a range of source ports from 60000 to about 65000 from my source external ip to destination external ip always on port 80. I have 3 boxes on this network and this only seems to happen when i connect the one laptop. I even reinstalled the distro downloaded from trusted source but the router is still logging this.. netstat -ntulp shows nothing operating in this range. chkrootkit shows nothing.. Was thinking maybe someone was spoofing the external address but it's been happening on network startup for a month now
View 4 Replies View RelatedSo I know Linux has iptables, I'm rather new to linux, and I'm wondering, are the stock settings with Ubuntu/Kubuntu safe? Is there anything I need to do make them more secure? I tried adding rules myself for some things but ended up just not being able to do anything so I had to reset back to stock with iptables -F. Should I be safe running as-is?
View 4 Replies View RelatedWhat if someone tampered with some important security updates, and suddenly you get a rootkit instead?
View 4 Replies View RelatedI am new to Ubuntu so Iwant to know,Am I safe when on-line with the default installation settings on? If not what should I do?
View 6 Replies View RelatedWhen I go to the Runesacpe page to run the game I get a message that says that the aplit is not signed.
Is it safe to run.
Does anyone know what it does, other than just run the game?
A new open source package called Lightning Rod will help to close security exploits in Adobe's dirty Flash code. A presentation made at the 26th Chaos Communication Congress showed that the package does its job by reviewing incoming code before the browser executes it. Heise Online is reporting that this method can block over 20 different known attacks and can even be used to filter out malicious JPG attacks. As more vulnerabilities are discovered they can be added to Lightning Rod to close the breach.
View 2 Replies View RelatedDoes anyone know when we'll see Firefox 3.0.19 packaged for 8.04 LTS? I'm still stuck at 3.0.18. And what will happen after this? My understanding is that after .19 Mozilla is dropping support for FF 3.0.
Upgrade policies not withstanding, I find it rather annoying when an "LTS" release doesn't keep up with the most security-critical package in the distro, the browser. 8.04 LTS should have moved to FF 3.5+ a *long* time ago. Now it seems it will be forced to do so or else just forget about browser updates for the last year of 8.04?
I know I can install the current Firefox with ubuntuzilla, I just keep wishing Ubuntu would do it for me.
Is there a way to to check if the system has the available security updates installed? Specifically, I am looking to do this programmatically.
View 1 Replies View Related