Questions Tagged With security

HOW TO USE ALL INODES IN MY SYSTEM

ashokkrishna — Fri, 24 Oct 2014 10:36:39 -0400

MY UBUNTU PC HAS THE FREE INODES I WANT TO USE ALL OF THEM WITH A AUTOMATIC SHELL SCRIPT. HERE ONE THING I DON'T WANT TO CREATE ANY FILE THAT MEANS WITHOUT CREATING ANY FILE I HAVE TO USE ALL FREE INODES IS THERE ANY COMMAND ? OR SCRIPT?

Error when configuring Linphone to use SIP (TLS) and ZRTP encryption

landroni — Tue, 12 Aug 2014 05:51:32 -0400

I am trying to configure Linphone to wrap all media communications in an encryption layer (on Xubuntu). According to their website, Linphone supports:

Secure communications (TLS, SRTP, zRTP)

However, when I try to configure Linphone in Options > Prefs > Network Settings > Network protocol and select SIP (TLS) then Linphone immediately complains with the following error message:

Could not start tls transport on port 5060, maybe this port is already used.

Linphone works just fine when I switch back to SIP (UDP).

What is wrong and how can I fix it?

virus that has compromised my eee pc 900

xxfool — Tue, 17 Sep 2013 20:14:13 -0400

I have a serious virus that has compromised my eee pc 900. I found this virus before and posted the thread. I was unclear with my questions and everyone that helped me in the forum were very kind. Again today my internet was being used by another party, it is encrypted and I am the only person that has the password. I have snap shots of the details of when I sign on to my wireless that show unknown wifi attached. I checked the DOM Inspector and have 8 screen shots of all the files that were cloned, redirected and had been attached to. I tried several different AV's with no success. Does anyone have any suggestions? I would greatly appreciate any input you may have.

How to best penetration test Linux?

tuxthepenguin — Mon, 10 Dec 2012 17:10:41 -0500

In order to pen-test linux, which points would you attack?

CertWatch indicates expired cert but can't fix it

Patrick Nelson — Tue, 02 Oct 2012 11:09:46 -0400

One of our servers running Fedora 16 started sending the following message to root in an email:

################# SSL Certificate Warning ################

Certificate for hostname 'server11.<servername>.com', in file (or by nickname):         /etc/pki/tls/certs/localhost.crt

The certificate needs to be renewed; this can be done using the 'genkey' program.

Browsers will not be able to correctly connect to this web site using SSL until the certificate is renewed.

##########################################################
Generated by certwatch(1)

Because it is a self-signed cert you really can not use genkey to renew, so I tried issuing a new self-signed cert with:

grep SSLCertificate /etc/httpd/conf.d/ssl.conf

and grabbed the location of the certs

SSLCertificateFile /etc/pki/tls/certs/localhost.crt
SSLCertificateKeyFile /etc/pki/tls/private/localhost.key

Then I checked the permissions of these files with

la /etc/pki/tls/certs/localhost.crt /etc/pki/tls/private/localhost.key

Then I created the cert with

openssl req -new -days 365 -x509 -nodes -out /etc/pki/tls/certs/localhost.crt -keyout /etc/pki/tls/private/localhost.key

When prompted I entered

Generating a 2048 bit RSA private key
..........................................+++
.................+++
writing new private key to '/etc/pki/tls/private/localhost.key'
-----
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [XX]:US
State or Province Name (full name) []:<MyState>
Locality Name (eg, city) [Default City]:<MyCity>
Organization Name (eg, company) [Default Company Ltd]:<MyCompany>
Organizational Unit Name (eg, section) []:<MyDepartment>
Common Name (eg, your name or your server's hostname) []:server11.<servername>.com
Email Address []:<Admin Email>

I then checked the files again with

la /etc/pki/tls/certs/localhost.crt /etc/pki/tls/private/localhost.key

All looked OK and the new files were there with the right permissions. So all seemed to work out fine but I'm still receiving the cert expiration warning. What am I missing?

Login problem in RHEL 6.0 Beta

Ashi Sharma — Tue, 13 Jul 2010 10:15:34 -0400

I have downloaded RHEL 6 beta from www.redhat.com site and installed it on my PC successfully. When I want to login with root in GNOME/KDE, the system gives me a error message that AUTHENTICATION FAILED and I'm unable to login while I can login with root from terminal/text mode.

But I can login with other user or local user successfully.

Please help me and solve my this problem.

Are there PC monitoring tools for Linux?

Andy — Mon, 12 Jul 2010 15:29:58 -0400

I'm looking for a Linux monitoring tool that I can install on one of my Linux boxes used for backing up data. I'd like to know, besides using a form of shell history, if there is way to capture all keystrokes and place them in a root-only accessible location? Or perhaps maybe what I am looking for a global shell history program that the individual users can't access to add to or remove from. Just curious if anyone knows of any such tool suite.

Putting "." in PATH is insecure?

Joehillen — Thu, 01 Jul 2010 06:49:32 -0400

So I read in a Linux book that the reason the current directory, aka ".", is not in PATH is because it is insecure to do so. How? What vulnerability does this create?

Packet sniffing software for wireless networks

Chris Stewart — Thu, 01 Jul 2010 04:05:21 -0400

I'm interested in learning more about security and I'd really like to run tests against my network here at home to see just what is accessible by modern software. What readily available packages are out there that I can run against my network to see what's being exposed, quite likely without my knowledge?

How do I chmod a file in USB device with Built in Rom that displays as iso9660 (ro filesytem)?

James 1 — Sun, 27 Jun 2010 07:22:01 -0400

Hi - I am using a data transfer cable (by targus) to move files between computers. It moves files quickly between macs and pcs etc but I am unable to get it to work on Linux (Ubuntu Lucid Lynx). The problem is that the software is that is installed is autorun from the device itself by the usb device mounting itself as an iso9660 Cd rom. This is a brilliant idea but I am unable to chmod the executable bit on the program file in order to wine it up. I have tried links, symbolic links and mounting it in everyway I can think. It's an unusual device and I am not that experienced as a linux user (25 years + with pcs though so I can find my way about) so any help would be greatly appreciated.

MAny thaks

Java support on Linux for applets

William — Tue, 15 Jun 2010 15:07:43 -0400

I am setting up a new web site for a client using image encryption displayed by applets and a colleague of the client using Linux has reported that he cannot see the images. Although they display fine for me on all platforms using the test computers at the office I am worried that there may be a lack of support that I am missing.

So I am wondering who can and who cannot see these images and if there is a problem, is it due to older browser cross java versions available? Some encrypted images for testing can be found at http://www.artistscope.com/secure_image_demos.asp

Detecting A Compromised Host

gjcwilliams — Sat, 08 May 2010 12:54:50 -0400

Okay so you have installed your distribution of choice and done all of the recommended hardening security steps such as encrypted paritions, configured your firewall (iptables/tcpwrappers), installed a file integrity checker/host intrusion detection system (tripwire, samhain, ossec). You also regularly check for rootkits using tools such as (rkhunter, chkrootkit) and audit/harden your machine following (lynsis / bastilles) recommendations. Only running services which are necessary and disable any which are surplus to requirements. Keeping up to date with security patches, maintaining good file system permissions and regularly reading your system logs.

Although the above is not a fully comprehensive list, If you have implemented the above chances are your in pretty good shape. However my question is what additional steps do you take to protect/prevent your host/network from becoming compromised and more importantly if it was how quickly would you know about it?

For example here is a few things that I personally do on my Linux boxes.

Create an MD5 hash of my currently running iptables check this every 15 minutes if it has changed something has been added/removed.
I create separate partitions for various mount points such as (/var,/usr,/tmp,/boot,/home) etc and use mount options such as NOSUID, NOEXEC, READONLY. I then check every 15 minutes and compare the current mount options to ensure none of them have changed, If one of them suddenly writable I want to know about it.
Monitor netstat's output for listening services and comparing this against a file which contains a list of known good services/ports which I have approved. If any new services start listening I will be informed and can check whether this is legitimate or a potential backdoor.
Perform a daily scan of my local home network using nmap/ndiff to detect any foreign hosts or determine if any other hosts are listening for new services.
Implement and check that critical files (/etc/passwd, /etc/shadow, /etc/group ...) are immutable (chattr +i).

The above checks can be performed regularly using a cronjob. Obviously if someone roots the box swiftly some of these checks are going to be useless if the attacker gets an opportunity to disable them. Although if you have more than one Linux box you can configure them to check on each other which adds an additional layer of protection.

I am keen to know what the rest of the community does and any funky hurdles they place to trip an attacker up?

encrypting file or all data on hard drive

paranoid — Tue, 04 May 2010 02:15:34 -0400

I wish to encrypt certain files or even better all data files that I create and download to my Ubuntu laptop in order to protect them from unauthorized users. What are my options? What are problems to watch out for? Is there any program that will encrypt/decrypt everything going in and out of specific directories on the hard disk transparently?

Content filtering on Ubuntu 10.04

Adam — Mon, 03 May 2010 23:50:48 -0400

I have a laptop that I am running Ubuntu 10.04 on. My wife and I would like to setup some kind of content filtering software on it so that we can keep track of, and limit the kinds of websites our children can visit, etc. Currently I also have a Windows 7 pc running a program called Safe Eyes, which I have found to be wonderful software. Unfortunately, Safe Eyes is not available for Ubuntu.

We both really like Ubuntu, but from what I have been able to discover, there isn't any real content filtering software out there for it. Does anyone know of something that will solve this problem. I am fairly new to Linux, but I have a knack for computers, so even if the software is a little bit difficult to configure, I'm game especially if it has decent documentation.

Thanks!

firewalls, anti-virus and spyware

peteuplink — Mon, 12 Apr 2010 18:30:42 -0400

I've just started using Linux a couple of days ago when my windowsXP restore disk for my laptop wouldn't work, so I decided to try Ubuntu instead. So far I'm really enjoying using it. I liked it so much that this morning I created a 2nd partition on my desktop PC and installed Ubuntu to that as well.

I would like to ask about firewalls, anti-virus and spyware. Well basically do I need a firewall and anti-virus and what sort of risk is spyware to Linux systems?