Ubuntu Security :: Run Flash And Java Without Compromising Security?

Aug 14, 2010

is there a way to run flash and java securely? stupid question i guess. i'd like to use a couple of sites that require them but don't want to open my box up to the bad things that can happen with these. videos, pandora etc. i don't know linux security well and just wonder what the ramifications of this will be?

View 9 Replies


ADVERTISEMENT

Ubuntu Security :: Privilege Escalation / Compromising Administrator Rights

Jul 24, 2011

I have been wondering if a guest user could compromise a machine which is set in the following way: they are not able to open the computer case, to boot from either an USB flash drive or an optical-disc drive, nor have any knowledge of the administrator-user password. Thus, they are landing on their guess account, and have to work their privilege escalation from there.

Therefore, what can they do to gain it? Could they download or otherwise install or run from a thumb drive an application that could be used to crack the administrator-user password? Because, it seems to me, could they enter into the system such a password-cracking application, the whole system could be compromised given the administrator-user password contains less than 9-or-so characters. What do you think? Can I lend my computer to anybody without them having beforehand gained my trust in them? Is the reasoning reasonable?

View 9 Replies View Related

Ubuntu :: Flash / Java And Open Office Security Exploit

Jun 9, 2010

I read this morning that MicroSoft and Adobe Flash released a huge security update to counter the threat of malicious apps taking over systems. Included in the fix was Excel spreadsheets. Apparently a hacker could send a spreadsheet that if opened could remotely take over your machine. I opened my update manager and there was a sizable Open Office and Java update.

Question: Are Linux/Ubuntu machines susceptible to the security flaws?
Question: Since Adobe Flash is considered proprietary and not updated through the Ubuntu update manager, do I have to manually update that package?

View 2 Replies View Related

Ubuntu Security :: Default Trusted Root Certificates In Java 1.4

Feb 20, 2011

Which are the default trusted root certificates in Java 1.4? How can a 4096bit certificate be installed in Java 1.4? (as it seems to produce an error).

View 2 Replies View Related

Ubuntu Security :: Malware-gen In Class Files With Latest Java?

Apr 4, 2011

I browse with Firefox and I had been running a pretty vanilla install of Ubuntu 10.4 (with a few things like tomcat and mysql) I supposed the repos kept everything (like java) up to date.

Some time ago I replaced OpenJDK with SunJDK.
java -version is "1.6.0_24"
which java is /usr/bin/java

Yesterday, for the first time, I downloaded and ran an Avast! scan. It complains of "Malware-gen" in several class files in what I think is the java cache. Does anyone know how this could be?

View 2 Replies View Related

Security :: System Have No Antivirus / Detection For Java Exploits And Other Flaws - Why Is So?

Dec 9, 2010

Recently I had a Java exploit on Windows. Luckily Microsoft Security Essentials identified and removed it. Such things can happen on Linux as well, from what I've heard. Why does Linux offer no such detection?

View 14 Replies View Related

Security :: Can't Import A Cert - Signed With OpenSSL- Into A Java Key Store Using Keytool

Feb 11, 2011

When I do a "openssl x509 -in server1.pem -issuer -noout" after I've supposedly signed it with the CA, the issuer is, for some reason, the DN string of server1. If server1 generated the CSR, and it is coming up as issued by server1, doesn't that indicate a self signed cert? How could the CA be producing a cert that has an issuer of another server? Am I just completely off base? Sorry, I'm a bit of a newb with the SSL pieces.

I hope this is the right place for this, but I'm having some difficulty using the java keytool and OpenSSL tool on a Solaris system.

I have a server (CA server) with OpenSSL installed that I would like to use as a Certificate Authority. The second server (server1) is a WebLogic server with JDK 1.6.0_21. I'm trying to configure it to use a certificate that has been signed by server1.

For some reason it keeps giving me this error when I try to import the signed SSL certificate: keytool error: java.lang.Exception: Public keys in reply and keystore don't match

Am I doing something wrong in this whole process?

1) Generate the Private Key for the CA server
openssl genrsa -out CA.key -des 2048

2) Generate the CSR on the CA
openssl req -new -key CA.key -out CA.csr

3) Sign the new CSR so that it can be used as the root certificate openssl x509 -extensions v3_ca -trustout -signkey CA.key -days 730 -req -in CA.csr -out CA.pem -extfile /usr/local/ssl/openssl.cnf

4) On server1, create Server Private Key KeyStore keytool -genkey -alias server1 -keysize 2048 -keyalg RSA keystore server1.jks -dname "CN=server1.domain.com,OU=Organization,O=Company,L=City,ST=State,C=US"

5) On server1, create a CSR from the recently created Private Key
keytool -certreq -alias server1 -sigalg SHA1WithRSA -keystore server1.jks -file server1.csr

6) Transfer the CSR over to the CA (server1) so that it can be signed openssl x509 -extensions v3_ca -trustout -signkey CA.key -days 365 -req -in server1.csr -out server1.pem -extfile /usr/local/ssl/openssl.cnf

7) Transfer CA Public Cert to server1 and Import into keytool keytool -import -trustcacerts -alias CA_Public -file CA.pem -keystore server1.jks

8) Import recently signed CSR to app server keystore (This is where I receive the error) keytool -import -trustcacerts -alias server1 -file server1.pem -keystore server1.jks

View 1 Replies View Related

Ubuntu Security :: How To Encrypt A 9.10 Flash Drive

Feb 16, 2010

I loaded Ubuntu desktop onto my flash drive with the USB Installer For Ubuntu from [url]

I'll be placing sensitive data on the drive & need to figure out how to encrypt it. From what i've read so far, the easiest way will be to encrypt the swap, /home, tmp, temp files. Not quite sure how to do this. I'd prefer to encrypt the whole drive, but this seems quite complicated.

View 5 Replies View Related

Ubuntu Security :: USB Flash Drive With A Virus

Jul 31, 2010

A while back I had been using ubuntu on a live cd after my windows partition had been taken over by a virus, which at the time I thought had been removed by my anti virus (and then took out winlogon) and I did a system repair instead of a complete reformat because I didn't want to lose all of my files. After repairing, I noticed some things like what looked like fake "this page has been blocked based on your security preferences" on major sites like ....., myspace and facebook. I ran another virus scan with a different AV and strangely it detected a behavioural software keylogger, which after looking it up seemed to be something that could only be installed with physical access to the system, which confused me. Anyway, this is when I started to use the live CD to copy some of my music, videos, pictures etc. onto my flash drive. From what I can remember, I used this USB on my main computer without problems, but the last time I used it (few months ago) I ran a virus scan afterwards, just to feel safe and it came up with a couple java exploit trojans. This was probably just coincidence and I hadn't ran a scan in a day or two, possibly even a false positive as I noticed no decrease to system performance or any odd happenings.

So, my questions are: Is it even possible for a virus from a windows partition to copy itself to a USB flash drive on an ubuntu live cd; and is it possible (if the virus was even capable of this) if I insert the flash drive into my ubuntu computer, it could do anything like transfer across my WLAN to my windows computer, or even copy its files onto ubuntu but be unable to do anything? Which brings me to another question: if I visit a website that may contain drive-by malware or a virus of any type, is it capable of acting at all, such as even trying to transfer itself into my home folder, or does it not even recognize ubuntu at all and do nothing?

View 2 Replies View Related

Ubuntu Security :: Lock PC With Flash Drive?

Nov 6, 2010

Is there a program like BlueProximity but works with a file on a flash drive which will lock up the computer if it does not detect a file on a flash drive. What I am wanting to do is make certain features inaccessible if the flash drive is removed so if anyone uses my computer they can't hurt anything.

View 1 Replies View Related

Ubuntu Security :: Use To Encrypt All Data On USB Flash Drive?

Apr 18, 2010

Folks:What can I use to encrypt all data on my USB flash drive? If possible, could I use something that has a public Key, so I do not have to type in a password to access the information when I plug the drive into my machie, but will not open or display contant if the drive is plugged into anyone else's machine, unless they have the public key?

View 7 Replies View Related

Ubuntu Security :: Can Flash Player Bug Take Control Of Computer

Jun 6, 2010

Reading from this article New Flash Bug Exploited By Hackers : How to avoid it? In particular the article said

Quote:

A new attack on a Flash bug has surfaced that would give attackers control of a victim�s computer after crashing it, reports PC World. Adobe put out a Security Advisory about this on June 4. It is categorized as a critical issue and all operating systems with Flash are vulnerable including Windows, Linux, and Apple and it is also found in the recent versions of Reader and Acrobat.

View 4 Replies View Related

Ubuntu Security :: Update Flash Player In Firefox?

Oct 29, 2010

Will the newest version be in the repositories or do i have to go to the flash website?

View 9 Replies View Related

Ubuntu Security :: Encrypt Passwords On USB Flash - What Distro?

Dec 27, 2010

How would You encrypt Passwords [emails,forums,accounts] onto USB Flash the most Secure way? (It should be command line so I can use any Linux distribution on it.) Is gpg -c <filename> secure enough ? And what FAST distro would you install on it? I'm learning on old USB flash and found SliTaz pretty damn cool,I use it as a LiveUSB. Also I've tried Kubuntu but it's bit slow. Going to try Lubuntu soon too. Any other idea?

And I'd like to install some FAST distro onto new 8GB mini USB flash drive,maybe Kubuntu as well. How would you partition its Flash drive? Probably separate partition for stored encrypted files?

View 2 Replies View Related

Ubuntu Security :: USB Flash Drive - How To Set Access Permissions

Jan 23, 2011

What should I do if I want to allow access to USB flash drive selectively - Say for e.g. All permissions for "root", "Read/Write" for user "A", Only "Read" for user "B" and user "C" shouldn't be able to access or mount (no permissions) the USB flash drive at all.Also I want to do it by modifying entries in some files or by some commands (so that it can be done programatically if needed)

View 5 Replies View Related

Ubuntu Security :: Secure Wipe USB Flash Device?

Feb 1, 2011

I tried to do 'srm', 'wipe', 'shred'... whatever terminal commands to securely wipe a '/dev/sdc' (USB flash device) but it says that the device is read-only. How should I go about securely wiping it ?

View 2 Replies View Related

Ubuntu Security :: Use Clamtk To Scan Flash Disk?

May 18, 2011

I use clamtk to scan flash disk. It says the engine is out of date. What do I do to update it?

View 1 Replies View Related

Ubuntu Security :: Run Debian As Live Version From USB Flash Drive

Jun 4, 2010

I want to run Debian as a live version from my USB flash drive. Does this provide the same amount of security from hackers as installing Debian as the only OS on my netbook. Windows ce would still be on my netbook?

View 5 Replies View Related

Ubuntu Security :: New Vulnerabilities In Adobe Flash Became A Thread For Users?

Oct 30, 2010

1. May new vulnerabilities in Adobe flash became a thread for linux users? [URL]
2. By the way I would like to know if computer with linux can became a member or botnet somehow?

View 2 Replies View Related

Security :: How To Restrict Option Appearing In GUI Flash Screen

Aug 21, 2010

We can restrict CTRL+ALT+DEL from command prompt by changing inittab file but how that can be achieve in gui on reboot?

View 4 Replies View Related

Security :: Managing Flash Cookies - Relocating ~/.macromedia ?

Oct 27, 2010

I use different browsers for sites like facebook and general browsing (specifically rekonq for facebook, firefox for others).
However, I find that Flash cookies are shared between browsers, and are not cleared when clear my browser cookies.

Flash cookies are kept in ~/.macromedia, and it's OK for me to clear this periodically with a little cron job. However, I would really like separate places for flash cookies from rekonq and firefox.

Does anyone know how to do this? Maybe there is an environment variable which allows this?

My second implementation option would be to make a chrooted environment for each browser or something like that.

View 4 Replies View Related

Ubuntu Security :: Mount Flash Drive Encrypted By Truecrypt Using A Keyfile?

Dec 15, 2010

I have two questions regarding auto mount function of Truecrypt. First question:

I want to automatically mount my flash drive encrypted by Truecrypt using a keyfile whenever I plug the drive. How can I do this? I use Ubuntu 10.10.

Second question:

As I do not know the answer of my first question, I currently use following command in a startup script to mount my encrypted flash drive automatically at every system start-up.

Quote:
/usr/bin/truecrypt -k ~/keyfile --auto-mount=favorites

My problem with this method is, Truecrypt always search for the drive in the same path saved in favorite drives list, e.g. /dev/sdb1. However sometimes there are more than one flash drive plugged to my computer and my encrypted drive's path changes. In such cases Truecrypt cannot mount my encrypted drive because it cannot find the drive in its path.

As a workaround I tried "auto-mount=devices" parameter. It is slow because it checks every mounted drive, and some of them external hard disk big in size. Moreover it does not recognize any mount point parameter. I'd like to mount the drive to the same mount point every time.

Quote:
/usr/bin/truecrypt -t --auto-mount=devices -p "" -k ~/keyfile /media/MyMountPoint

The command above mounts the drive however it is slow and to the destination of "/media/treucrypt1".

View 3 Replies View Related

Ubuntu Security :: Login Panel Is Worse From Security View Point

Jan 19, 2010

ubuntu 9.10 login panel is worse with respect to ubuntu 8 since now all the users with names are shown without a way to hide them!Why don't keep the old way at least as an option?

View 5 Replies View Related

Ubuntu Security :: Selecting The 'Available To All Users' Option In Network Mgr Mess With Security?

Oct 15, 2010

To avoid having to input a password for the keyring each time I connect to the net via wireless, I enabled the 'Available to all users' option in Network Manager. Now, my question is this. Are the 'users' it refers to just those created on this machine? Would a drive-by be able to use my network without entering the password?

View 3 Replies View Related

Ubuntu Security :: Basics Of Good Security Of Small Commercial Website?

Jan 17, 2011

1. I understand you can protect your files or directories in your website by setting file/directory permissions. The meaning of r w x is clear to me, but I'm not sure how to proceed... Starting with the index.html file, if I wanted to make it so that anyone in the world can read it but can't modify it, do I set its permissions to rwxr-xr-x? If I set it to rwxr--r--, would that mean the file couldn't be served? I mean, what does the x setting do on a .html file, how can a .html file be executable?

2. If file permissions work on the lines of owner-group-others, in the context of a website, who is 'group'? As far as I can tell, there's only the owner, which is me, and others, which is the world accessing the site. Am I correct in thinking that by default, say when creating a website on a shared hosting server, there is no group unless I specifically set one up?

3. My ISP allows the DynDNS.org service, meaning that I could serve a website from my home. It's too early to go that route just yet, but for future reference, I would like to ask about the server software called Hiawatha. It is said to be secure, but having read some evaluations of it, it doesn't seem to offer anything that couldn't be accomplished with Apache or Cherokee, it's just that its security settings are simpler and easier to configure. Am I right about this? Or does Hiawatha truly offer something that the other major server packages don't?

View 9 Replies View Related

Ubuntu Security :: Updated Browsers Using Update Manager Have Lost Security Login Pages For Web Mail?

Mar 3, 2011

i updated both browsers i have and lost my secure log-in pages (no padlocks showing ) concerning different Web mail accounts.Just before i did these updates i checked an unrelated thing on-line regarding my sound card of which i kept a copy of and got this message below :

!!ALSA/HDA dmesg
!!------------------
[ 12.762633] cfg80211: Calling CRDA for country: AM

[code]....

View 2 Replies View Related

Ubuntu Security :: Internet Security Status Feeds Via Conky?

Mar 29, 2010

Conky can be used to display a variety of information on the users desktop. I wanted to use Conky instead to display the current status of security as reported by:

SANS Internet Storm Center
IBM Internet Security Systems
Symantec Threatcon
McAfee Threat Center

I therefore created 4 small scripts which download the current status from these sites, and set the colour of those status's depending on the current value.The conky configuration allows for a semi-transparent background - though this is optional.Attached is an example image showing the 4 different colours.Also attached is an archive with the 4.sh files, .conkyrc and draw_bg.lua (from here http:[url].....

View 2 Replies View Related

Ubuntu Security :: Guidance On Installing Basic Security Software?

May 29, 2010

I just installed Ubuntu on a desktop. Can anyone give me some guidance on installing basic security software? In particular, I'm looking for a firewall, antivirus, and anti-spyware/malware utilities.

View 2 Replies View Related

Ubuntu Security :: Changing Password Seem To Be Potential Security Hazard?

Aug 3, 2010

I already posted a topic similar to this concerning the Desktop OS version, but this deals with the Netbook because unlike the Desktop, the Netbook is less cooperative. Allow me to elaborate: Today (or rather yesterday since it's not after midnight where I am), I changed my password because I was hopelessly confounded about how to get my Wireless Network card up and running after it had been installed and I was allowing my dad to use it. This issue has since been resolved, however...

When I chose my password during the original installation, there was no mention of it being "too simple." This is where the Desktop OS and the Netbook OS differ. The desktop will let me change it in the terminal without any errors. The Netbook will not. When I've attempted to revert it back to the original, it will not let me do so in the User Profile or in the Terminal. The Passwords and Encryption Keys application also does not appear to help.

So now even after I've changed it to a different "complicated" password I am still prompted to insert two different passwords since I changed my user password but I am unable to change the password I input during the installation. A bit screwy methinks. This is extremely important. I'd like to know how to change the original installation password.

If I can't change the main password on my laptop then this is a serious potential security breach just waiting to happen (especially since it's on a laptop and I will be hauling it around with me) and I will most likely install a different OS if this isn't resolved --- It would be very unfortunate since I spent the whole day fixing it and I really enjoy the interface. Luckily I can live with this on my Desktop since I'm not going to be hauling it around with me everywhere when the school year starts.

View 9 Replies View Related

Ubuntu Security :: Router - Port Forwarding And Network Security

Nov 11, 2010

As it stands I have a small home network operating behind my modem/router. Some of the ports on this are forwarded to my PS3 for gaming but I was looking at forward some for my file server.

At the moment I've forwarded port xxx22 to port 22 on my server for SSH for instance. ANd similarly 21 for FTP (although it doesnt seem to want to connect for any more than a few seconds using that). What I was thinking of doing was placing a small website for a handful of ppl to use on the server too and port forward again - xxx80 to 80. It works just fine but I'm a little concerned on the security front.

As I've moved the port to something different from the outside world I'm presuming I will have already cut the potential for malicious folks to wander in but is there anything else I should be doing? At the moment there's no firewall operating on the server, usually as its hidden behind the modem/router. But if I open this thign up more permanently what should I be doing? I've read a few articles on it but I'm always left with the overwhelming thought of "Thats if theres no firewall in my router" as they just seem to do the same.

View 5 Replies View Related







Copyrights 2005-15 www.BigResource.com, All rights reserved