I've just setup a new Ubuntu Server 10.10 serving SVN through Apache (HTTP, HTTPS).It seems all ports are open by default on this new server. Why is this? Do I need to lock it down with iptables, or is it secure as it is anyway (somehow)?
View 6 RepliesI have installed Ionix vCM onto a Red Hat Linux box. It correctly communicates with the collection server if I use the Ionix certificate. However, if I use a self-generate certificate, communication fails.
(1) How do I determine which PKI certificates are resident on the Red Hat box?
(2) How do I manually install a PKI certificate?
im totally rubbish at command line. I have a small business server for home use, thats where i work from. I have Windows Small Business Server but a lot of the time its crap and am trying Linux. I have Ubuntu 10.10 installed on a desktop and while im new to it im very impressed. I also have a MAC and i must say id rather have Ubuntu.
Now i want to use Linux Server but its all command line and i want the GUI. Iv tried to do this on Ubuntu Server 9.04 and no sucess at all , iv followed the instructions from other posts, (1) sudo apt-get update, (2) sudo apt-get install ubuntu-desktop and nothing works. Is there a way to install the GUI or is there a Linux Server with the GUI pre-installed?
I currently have a windows server running with XAMPP installed.I want to try out ubuntu server, I am a complete linux newbie and was wondering if there was a similar package to XAMPP out there with:ApachePHPMySQLAnd some form of ftp server
View 5 Replies View RelatedI've setup OpenVPN-ALS (formerly known as Adito) on Ubuntu Server 10.04 edition. I have a security router (Untangle) in front of my internal network. I have a domain name and an SSL Certificate setup on our security router. I can access our web interface on our security router with no problems.
I've setup a portforward rule on our router to access this OpenVPN-ALS portal and I can access it, but I get an invalid certificate message. So I've bought another SSL certificate to install our our Portal, but I'm getting an error message when I enter in our information at the provider where I've bought the certificate.
Common Name does not contain fully qualified domain name. I'm not sure what the problem is. Do I use the hostname I've setup on the portal or do I use the hostname on my security router when I setup the SSL certificate on our portal?
I don't care so much the practicality and needlessness of actually setting up a computer for proxy server for personal usage, but none-the-less, i want to do it, and i'm just wondering about hardware.The proxy, i don't intend on having a desktop environment, so it'll be a terminal interface.But for a system that will handle traffic for 3 pc's and a ps3, how much hardware would one suggest i need, as far as RAM, HDD space, so on and so forth.
I was thinking it would be fun to do with with my old amd k6-2 processor and it's 32mb of ram, but in order for that pc to work, i'll need to replace a few hardware pieces, and before i dumb money into it and pull it out of the closet, i want to find out if it would even be worth my time to do it.
I installed Ubuntu 9.10 and tomcat 6 java servlet container. I am trying to run the tomcat server on port 80, so I edited tomcat's configuration file (server.xml) and changed the default port from "8080" to "80". I launched tomcat server, went to my browser and entered:[url], but it says can not find server/location. Then I edit the server.xml and revert back to port "8080" and then enter: [url] and everything works fine. So my guess is some other service is taking up port 80, but I would think not, since I just installed Ubuntu and made sure apache isn't installed or running.
So I went to "System" --> "Administration", then choose "Network Tools". I then executed Netstat and did not see anything taking up port 80, but I do see port 8080 taken (assuming it is the tomcat server). Then I also did a Port Scan and entered my IP number. Again, I don't see port 80 taken, but do see 8080 being used.
I had a winxp laptop computer behind home wireless and was running tomcat 6 server fine with it, but it over-heated and died recently. So I got a used laptop and just installed Ubuntu 9.10. I have not changed my wireless router settings. It is the same as before. So I have ruled out my home's hardware/network equipment.
So here now I sit, wondering what is up?
For security reasons, is port 80 initially blocked by Ubuntu for some reason? Is there something I have to do beforehand to free up port 80?
Is there a way to to check if the system has the available security updates installed? Specifically, I am looking to do this programmatically.
View 1 Replies View RelatedWe are trying to define an appliance based on Suse for an application server and Web server Apache, so we would like to know configuration best practices for network and security, is there any paper/doc about best practices?
View 3 Replies View RelatedI installed fail2ban from the Ubuntu Software Center (Ubuntu 10.10) and everything seemed to go fine. But when I try to access the client I get this output:
Code:
wolfgang@Culture:/var/log$ fail2ban-client status
ERROR Unable to contact server. Is it running?
[code]....
I'm concerned about security of having a LAMP server on my laptop as having any server makes the system less secure. However, if I were to create a new partition and install a lamp server on that and only use it when offline, would the security of my main partition be affected at all?
View 3 Replies View RelatedI've recently been running a game server from my desktop, as well as a web page to accompany it.I use the ports 80/8123(HTTP)/5900(VNC)/50500(GAME)/5839(ADMINISTRATION).What's the best solution to protect my server from security threats? On a side note, I plan on adding a MySQL server later, but I want to keep it local only.
View 9 Replies View RelatedI've installed Clamav antivirus from synaptics but I can't find it on any menu now. How can I run it?
View 4 Replies View RelatedI recently installed Ubuntu Linux and did not encrypt the home directory during the install. Now I want to encrypt my home directory, or even better the whole hard drive.
View 2 Replies View RelatedI have a major major issue with an encrypted /home directory. I had used encryption on my home directory when I installed 9.10. However, I had not noticed that I needed to store the automatically generated passphrase anywhere. Now, upon installing 10.04, my home directory would not decrypt. I checked my .encryptfs directory and the wrapped-passphrase file is GONE. I only have the Private.sig files from my 9.10 installation and of course know the login password I binded to the passphrase. I can see my .Private directory with filenames starting with ECRYPTFS_FNEC_ENCRYPTED. Now, my PhD thesis which I have to deliver in 2 weeks is in there. With no backups. How to recover my data. If no 'normal' method would work, is it possible to use a brute force attack and feed it my login password?
View 3 Replies View RelatedI am relatively new to Ubuntu and may have a security breech. I was recently looking over synaptics installed packages on my PC and noticed JOHN installed on my system. This was never installed by me nor do I think this entire APP is a dependency of something that may have been installed.My questions are... Has my system been compromised? I use an elaborate password as well as UFW.Can I determine who installed this package (i.e. local user account or remote user)?Can I determine when? The system was installed only 3 days ago.Can I determine if there have been any instances of a successful or failed remote connection to my PC?
View 9 Replies View RelatedIn Ubuntu 10.04 LTS, I have downloaded and installed texlive (2011). They have issued the following warnings:
1. "To the best of our knowledge, the core TEX programs themselves are (and always have been) extremely robust. However, the contributed programs in TEX Live may not reach the same level, despite everyone�s best efforts. As always, you should be careful when running programs on untrusted input; for maximum safety, use a new subdirectory."
What does this exactly mean? The installed program has already created own directories and subdirectories (e.g. /usr/local/texlive/2011/bin/i386-linux). Am I supposed to create a new subdirectory in home to write files and run latex program? Exactly how do I know that the downloaded and installed program is not malicious?
2. "Finally, TEX (and its companion programs) are able to write files when processing documents, a feature that can also be abused in a wide variety of ways. Again, processing unknown documents in a new subdirectory is the safest bet."
what is implied by "a feature that can also be abused in a wide variety of ways".
I'm new to server admin, so my question is based on what may be a bad assumption. With a server, my assumption is "if it ain't broke, don't fix it". In other words, I'm not really interested in upgrading the software to the latest and greatest if I already have stuff working on the server.
However, the one place where I DO want to constantly have upgrades is for security patches. How do I apply security updates to Ubuntu Server... and ONLY security updates?
I want to install Ubuntu 10.04 in my USB flash drive and boot from it because in my working place, only centos is installed in workstations.In advance, I thought of encrypting the installation of Ubuntu in the USB flash drive and In would be very thankfull if some can give me some help regarding this.Basically what I need is, encrypted Ubuntu installation in my usb fashdrive and can boot from it.
View 2 Replies View RelatedWhen you have a computer whose hard drive is partitioned with one part Windows and the other Linux, what are the concerns with viruses and transference across the two systems? Can viruses infect the windows side brought over through the Linux side (Firefox) or are the partitions completely separated? In other words, if all of your Internet voyages are through Firefox under Linux, is there any danger of infecting the Windows side of the computer? What about when having Linux installed within the Windows portion as a virtual system?
View 2 Replies View RelatedI need to know whether Ubuntu can be hacked when it is installed as a dual boot with W7 by hacking windows and getting access to the Ubuntu partition?
What I would also like to know if this way can be used to put a key logger or screen capture in Ubuntu which installs next time Ubuntu is started?
I just installed it by following steps in [URL]
but when I run "msfconsole", I got the following error messages telling me that ruby-openssl is not installed. I installed it "apt-get install libopenssl-ruby" but same message still comes again. I'm running Ubuntu 9.10.
root@qa-ud910-32-1:/opt/metasploit3/msf3/external/ruby-lorcon2# msfconsole
*** The ruby-openssl library is not installed, many features will be disabled!
*** Examples: Meterpreter, SSL Sockets, SMB/NTLM Authentication, and more
[-] ***
[Code]....
Is there a firewall installed and running in 10.04? If so are there any gui tools for configuring it and where are they? If there is not a firewall, what should I install to get one properly up and running?
View 2 Replies View RelatedA few weeks ago I did a WUBI 10.04 LTS install on a Windows XP desktop that went perfect. System ran great until this morning. I was prompted to install "Security Updates", which I allowed the system to do, but thereafter was unable to boot. What happens is at the point of selecting either Windows or Ubuntu for booting, and I choose Ubuntu, the computer goes right back into a re-boot process and brings me back to the Windows/Ubuntu boot selection prompt. It doesn't even bring me into the secondary boot level of asking which type of Ubuntu boot I want (generic, etc.). Is there a solution for this problem besides reinstalling Ubuntu?
View 1 Replies View RelatedI installed IBSng in ubuntu-server .but i can not start this server :Code:[root@myserver]# /etc/init.d/IBSng start.: 8: Can't open /etc/rc.d/init.d/functions"functions" file is in RPM base system . and ubuntu have not this file
View 2 Replies View RelatedI want to install L7 iptables on my Linux that is used as a firewall for my internal network composed of some 200 computers. For my IDS , I plan to use Snort. Can I install snort on the same linux that I use as my firewall, or I have to install it on a different PC. Do I need to make use of L7 iptables, while I implement Snort. Shall I use Snort as IDS or IDPS? Where is the best place to install Snort, inside or outside the fire wall? Do I need to have a separate professional proxy installed on the linux, or the L7 proxy is sufficient? What would be the minimum hardware resource that Snorts requires(CPU, Ram)? For better security and performance , do I need to replace my present Linux with a PIX or any other hardware firewall?
View 1 Replies View RelatedI recently had to reinstall ubuntu, so I backed up both my ~.gnupgp and ~.gnome2 folders and copied them over in the new installation. My old keys show up just fine in the password manager, but when I attempt to open a file encrypted with one of them, I get the error: "Could not display (name of file): There is no application installed for PGP/MIME-encrypted message header files"
View 1 Replies View RelatedWhat's the best way to tell if a package is already installed? I can't seem to find a way to do it with apt-get.
View 5 Replies View RelatedI am an avid ubuntu desktop user, however I started working at a company that runs their firewall, mail and proxy server on centos 5.2, all was working well so never needed to tamper with it, however we (myself and the administrator) randomly decided to install squid3 for its features, the install went well, however squid3 didnt run as we wanted it to, after looking into it reading some material on the net, we realised how stupid we were to not to test it -sigh- so weve purged and removed it and reverted back to 2.6, now however we even have issues with that too, we install squid 2.6 and start the service and we get errors that stop, and starting fail, however the status of squid shows its running. How to get it back to working order?
View 3 Replies View RelatedI have installed CentOS and Redhat5 on a LVM partition and selinux is enabled. Both OS's share the same /home partition with one user with the same login(gc) and same uid (1000). The problem I am having is that gc can login with all permissions etc on the OS that was installed first (CentOS). For the redhat OS gc can login but cannot write to the home directory (or startx since X needs to write to Xauthority)Here are outputs - 1st CentOS
[gc@shuttle ~]$ ll -Zd $HOME
drwx------ gc gc system_ubject_r:unlabeled_t /home/gc
[gc@shuttle ~]$ stat $HOME
[code]....