sshd and vnc installed and working fine when enabled but the only way is to add my routers ip as a trusted address or add individual port entries for 192.168.15.1... on the linksys i, of course, have the appropriate ports forwarded to the Ubuntu static ip, so basically anyone can try to connect... how can i make the router forward the internet ip of the person trying to connect, so I can lock it down better?
I have a question about GNU-PG security for email clients. I have read that this is the best email protection available. I have it among available Ubuntu packages, too, but when I wanted to use it the registration process asked my real name. considering full or the best possible privacy claim, why real name? or is it ok just not to give the real name? I am not advanced in cryptography, could/can this not be avoided?
OSSEC is detecting a trojaned version of /bin/login on a Lucid clean install.[FAILED]: Trojaned version of file '/bin/login' detected. Signature used:bash|elite|SucKIT|xlogin|vejeta|porcao|lets_log|s ukasuk' (Generic).
I am building a PC that dual boots Kubuntu and Windows and want to share the email store. Therefore, I would like to have real time or on access scanning of emails in an antivirus program like Windows does. I am not running an email server, just a desktop using pop3 and eventually imap email.
In previous Debian versions ClamAV and Dazuko used to do this. However, I understand that this setup doesn't work in Lucid. I tried p3scan but that hasn't been updated since 2008, once I managed to install it, it failed to find clamd even though it was running. I understand that clamdrib no longer works for Thunderbird 3. Amavisd as a replacement for p3scan, but this seems to be for mail servers.
I would be really grateful if anyone could tell me how to get on access/real time virus scanning of pop3 and imap emails on a desktop running Lucid with either Thunderbird 3 or Kmail, without having to buy an antivirus program like Avast Or point me to an existing tutorial that I might have missed.
As an aside (don't want much do I?) does anyone know if Kmail can be setup to only download the headers like Thunderbird does?
Is there a 'plugin' for wireshark to analyze traffic and spot infected (windows) hosts? I have been using nepenthes with no luck. (and doubt all hosts are clean) is there some better way (other than using antivirus on each host)?
I have 2 servers each one with a RAID and I want them mirror they data so if one of them goes down the other one take the job with out disruption. I've heard of multipath by I want to know it in detail or learn of more options.
I would like to connect to Linux Server remotely over LAN in graphical modeBut I need access for several users in real time. Everyone must have its own desktop.
I am just out of curiosity working with honeypot and found there are two way for arpd to route the unused IP to honeypot with blackhole and arp spoofing.Now to test, I am arp spoofing 5 machines from 192.168.100.41 to .45 and also honeypot is monitoring this range too. But I have setup a real machine with webserver in between this range and gave IP address 192.168.100.45.Now logically as arp and honeypot both are monitoring this range so they capture this request as below from log:
Now arpd is redirecting the traffic to honeypot machine as there is a real system with real MAC address. But from 192.168.200.10 I can also view the webpage of 192.168.100.45 machine. But most of the time it says "Connection Timed out".
Should it be acting like this or it shouldn't be showing me the webpage at all?
I am currently using curlftps to mount a directory on a ftp server locally as /backup , I then use rsync to do an incremental backup to this directory every night and a full backup at the weekend.A requirement has arose for a similar set up but one that syncs in real time, so if a user puts a file in a directory it immediately copies that file to my ftp server, in this case it immediately copies it to /backup
bash-3.00$ df -h Filesystem size used avail capacity Mounted on /dev/md/dsk/d5 44G 40G 3.1G 93% /u01 but bash-3.00$ du -sh /u01 9.7G /u01 My question is: Why the fist command tell me 40G used but the second command tell me different result? My system info: SunOS INSP-DB1 5.10 Generic_142909-17 sun4u sparc SUNW,SPARC-Enterprise
I am attempting to write a server application in C on a linux machine which listens for TCP connections and transfers data. I am trying to detecton the server side when the connection is broken. The closest thing that I got to work was looking at the return value from sending data. For example the server�s job is to mainly read data from the socket but to test if the connection is still up the server sends data periodically back to the client. I look at the return value from send() to determine if the connection is broken e.g.
Code:int ret = send(session->clientSocket, &data[sentCnt], count - sentCnt, MSG_NOSIGNAL)I found that this does not immediately return an error when the connection is broken. The reason for this is because even though the connection is broken send() is still successful because it is able to put it on the network buffer. To fix the issue I did the following things;
I have postfix setup with amavisd and I tried to send myself an email with the eicar file however it lets the email go through to my inbox. When I restart the amavisd service, there are no errors in the log and it finds all the decoders for different file types and I also see this come up:
Feb 8 14:45:44 Mailgate amavis[3116]: Using primary internal av scanner code for ClamAV-clamd Feb 8 14:45:44 Mailgate amavis[3116]: Found secondary av scanner ClamAV-clamscan at /usr/bin/clamscan
Everything seems to work but it doesn't scan the file for viruses. Also, I've double and triple checked and my amavisd.conf file doesn't have the option enabled to bypass virus scanning.
We are trying to define an appliance based on Suse for an application server and Web server Apache, so we would like to know configuration best practices for network and security, is there any paper/doc about best practices?
I'm trying to check my server's bandwidth usage in real time, installed the following programs but none worked so far.
Iptraf - No results even when using iptraf -u Tcptrack - Error : pcap_loop: cooked-mode frame doesn't have room for sll header Iftop - No results, everything 0b
Are there any programs that displays bandwidth usage in real time and actually works on VPSes? Or getting real time bandwidth usage on a VPS is simply impossible?
I have a real system user say 'test', created in a number of system groups, up to 3 additional groups (including ftp of course). Its set to the usual standard directory /home/test. But what if I wanted to use /home/test as their home directory but login to what would be unknown to them to be ProFTP to make them go in say [URL] or something random like that, how is this done? Just been through things like this:
We have a production web site running apache 2.2.3 across several web servers. we also have a major problem with SPAM comments right now. our method of identifying valid IPs (whether by external clients/customers, or internal personnel) vs SPAM'ers is not ideal - its prone to erroneously labeling legit IP's as targets to be blacklisted.
What we need is.. a way to see how much distinct request traffic is coming from any given IP address to the site in real time (or very near realtime). Essentially we want to see in some graphic/chart way requests per sec to apache / per ip sorted by requests per sec.Would nTop do this? I've only used this in a limited form at a branch office, not on a production web server.
Here comes my problem: I am installing a new unit with Fedora Core 5,I will use it as my internet server. I need one additional PCI network card but it is not detected during installation.what shall I do?
So basically what I am trying to do is install Ubuntu 10.04 on a Dell Poweredge 2600 server. Right now I dont care wither I get the server version or the desktop version, I just need to get it on their. this is what I have run into. When installing the regular Ubuntu 10.04 desktop for 32bit, the server just locks up on the very first ubuntu install screen and the keyboard lights just start blinking non stop. When I use the server version, the server get to the Detecting Network Hardware and locks up at 94% and the keyboard will also start blinking nonstop. I have looked all over for an answer to this problem and have yet to find one. This guy figured out how to make it work but he never mentioned what version he was using. [URL]..
On this server I have 6 HDs, 5 of them are RAID 0 with 1 Hot Spare. I have also tried using the ubuntu-10.04.1-alternate-i386.iso.torrent and still had the same problem. I have spent the last 3 days searching all over google and the forum to an answer but had no luck.
what the recommended way to set up real-time (or near real-time) folder synchronization among 2+ servers. I looked a rsync but that doesn't sound real-time and it looks like its something that you might put in a cron once an hour.
I'm concerned about security of having a LAMP server on my laptop as having any server makes the system less secure. However, if I were to create a new partition and install a lamp server on that and only use it when offline, would the security of my main partition be affected at all?
I've recently been running a game server from my desktop, as well as a web page to accompany it.I use the ports 80/8123(HTTP)/5900(VNC)/50500(GAME)/5839(ADMINISTRATION).What's the best solution to protect my server from security threats? On a side note, I plan on adding a MySQL server later, but I want to keep it local only.
I'm new to server admin, so my question is based on what may be a bad assumption. With a server, my assumption is "if it ain't broke, don't fix it". In other words, I'm not really interested in upgrading the software to the latest and greatest if I already have stuff working on the server.
However, the one place where I DO want to constantly have upgrades is for security patches. How do I apply security updates to Ubuntu Server... and ONLY security updates?
I would like port 80 to have a small daemon running on it that detects HTTP traffic and sends a small redirect response, and any other traffic begins streaming data from my VPN daemon. I was wondering if this has already been made, or any kind of technology for detecting types of traffic and allowing you to run multiple types of servers on the same port.
I am hosting two Virtual Servers both running Centos 5.3 on a host machine also running the same OS. The VM software in use is Xen, as supplied with the OS.The host machine's time and date is fine, however both Virtual Servers are running ahead of real time consitantly.Running /etc/init.d/ntpd restart will resolve the issue however one of these is running MailScanner and when the time suddenly goes backwards, sometimes by as much as an hour, it stops working properly.
I followed this how to to make a NFS server: [url]
So it means: exports looks like this:
Quote:
Here are some quick examples of what you could add to your /etc/exports
For Full Read Write Permissions allowing any computer from 192.168.1.1 through 192.168.1.255
It means that if sbdy arrives with a linux machine, puts the ethernet cable into the router, then logs as root on his machine, and mount the exports. He can do almost everythg, with permissions chmod'ing ...
Is that LAMP, or i am wrong for nfs kernel servers, the ultimate users/password servers against that to prevent those physical approches /logins?is there good how to ?
I want to know how can I test my server security with hping3 tool I want to make a virtual DoS or DDoS or SYNK attack in my LAN to test my server security and ability against these attack .Is hping3 a good solution for this or not if yes how can I do this which option of this can make such these attacks?
I'm using Postgresql 8.4.2-2. I'm trying to remote into my server securely. I figure I could do so with ssh. Apparently I figured correctly, as per, [URL] and [URL] I setup the ssh tunnel. ssh -L 5432:serverip:5432 Then I setup pgadmin3 to connect as follows:
An error has occurred: Quote: An error has occurred: Error connecting to the server: server closed the connection unexpectedly This probably means the server terminated abnormally before or while processing the request.
I'm not sure what the problem is. I can connect with Code: psql from the cli after connecting to the terminal via ssh. So I know that I'm using the correct password.
I recently installed Ubuntu 10.04 via Wubi (Dual-boot with Win 7; everything went smoothly; was able to install Nvidia drivers, various packages and everything went silky smooth overall. This morning I attempted to log-in to my Profile (on Ubuntu) and I found that my Keyboard would not respond; I attempted to unplug and replug the keyboard back in, restart the computer, everything; yet it will not detect my keyboard.
