
Linux Security

The Linux operating system, in all its flavors, has its own share of security flaws that allow intrusions, but there are various mechanisms by which these flaws can be removed, generally divided into two parts: authentication and access control. Authentication is responsible for ensuring that a user requesting access to the system is really the user with the account, while access control is responsible for controlling which resources each account has access to and what kind of access is permitted.


bash-4.4$ mv -i dir2 dir3                                                                                                                          
bash-4.4$ ls -ltr                                                                                                                                  
total 12                                                                                                                                          
-rw-r--r-- 1 14392 14392  978 Nov 22 16:46 README.txt                                                                                              
-rw-r--r-- 1 14392 14392    7 Nov 22 16:47 456.txt                                                                                                
drwxr-xr-x 2 14392 14392 4096 Nov 22 16:49 dir3                                                                                                    


I tried as above but I did not get a warning like below

mv: overwrite `dir2'?


I tested with files also but no warning is coming

bash-4.4$ touch a.txt                                                                                                                              
bash-4.4$ mv a.txt b.txt                                                                                                                          
bash-4.4$ ls -ltr                                                                                                                                  
total 12           …
0

I am getting this error message, when I was trying to run rpmbuild --rebuild lin_tape-3.0.23-1.src.rpm on Red Hat Linux 7.4 (Kernel version: 3.10.0-693.1.1.el7.x86_64). Can some one let me know what is problem and what should be the proper procedure to fix it. Here is the output mentioned below,

#rpmbuild --rebuild lin_tape-3.0.23-1.src.rpm
Installing lin_tape-3.0.23-1.src.rpm
Executing(%prep): /bin/sh -e /var/tmp/rpm-tmp.sCvFVM
+ umask 022
+ cd /root/rpmbuild/BUILD
+ cd /root/rpmbuild/BUILD
+ rm -rf lin_tape-3.0.23
+ /usr/bin/gzip -dc /root/rpmbuild/SOURCES/lin_tape-3.0.23.tgz
+ /usr/bin/tar -xf -
+ STATUS=0
+ '[' 0 -ne 0 ']'
+ cd lin_tape-3.0.23
+ /usr/bin/chmod -Rf a+rX,u+w,g-w,o-w .
+ exit 0
Executing(%build): /bin/sh -e /var/tmp/rpm-tmp.KGligF
+ umask 022
+ cd /root/rpmbuild/BUILD
+ cd lin_tape-3.0.23
++ echo x86_64-redhat-linux-gnu
++ cut -f 1 -d -
+ p=x86_64
+ '[' x86_64 == i386 ']'
+ '[' x86_64 == i586 ']'
+ '[' x86_64 == i686 ']'
+ '[' x86_64 == ppc64 ']'
+ '[' x86_64 == powerpc ']'
+ '[' x86_64 == powerpc64 ']'
+ '[' x86_64 == s390 ']'
+ '[' x86_64 == s390x ']'
+ '[' x86_64 == ia64 ']'
+ '[' x86_64 == x86_64 ']'
+ proc=AMD
+ make KERNEL=3.10.0-693.1.1.el7.x86_64 PROC=x86_64 SFMP=0 driver
make: Nothing to be done for `driver'.
+ exit 0
Executing(%install): /bin/sh -e /var/tmp/rpm-tmp.hQeoFx
+ umask 022
+ cd /root/rpmbuild/BUILD
+ '[' /root/rpmbuild/BUILDROOT/lin_tape-3.0.23-1.x86_64 '!=' / ']'
+ rm -rf …
0
I'm trying to run x11vnc with the --passwdfile option. This option sends a challenge string to the VNC client. The client opens a dialog on the user's screen asking for a password. The client then sends the response string back to the VNC server. The VNC server calls the program referenced by the --passwdfile parameter with this string in the following format:

A two-byte length (in this case 16), followed by the challenge string (16 bytes), followed by the response string (16 bytes). What I get back, in hex is:
 0: 0A 6E 65 78 74 0A 31 36 0A 23 36 F4 E1 03 EE 30    .next.16.#6....0
10: 16 85 FC E9 4C F1 F5 16 5C 2C D5 5C 93 C2 21 29    ....L...\,.\..!)
20: 3A DF C2 A2 7C E9 1F 1A D7                         :...|....


The <newline>next<newline> can be ignored as this is debug stuff from my script. The strings are:
Challenge:
23 36 F4 E1 03 EE 30 16 85 FC E9 4C F1 F5 16 5C

Response:
2C D5 5C 93 C2 21 29 3A DF C2 A2 7C E9 1F 1A D7


The manpage defines the response string as, "client's response (i.e. the challenge string encrypted via DES with the user password in the standard situation)." I have no further information or documentation. I assume one must use the challenge string to decode the response string and get the user-entered password, but I've no idea how to do that.
0
hi

How to Make The Text Cursor Automatically when i'm on console text ?
I use the tty console directly on boot and deactivate graphical mode.

Thanks for your reply,

someone talk me about : /etc/inittab, or /etc/fstab
But i don't think it's good idea to modify 2 by 5
0
So we have Linux 6.5 Server and whenever I SSH into it from a workstation to view the audit logs my UID is attached to someone else that is logged in (SSH) AUID.

I understand that the AUID is the Audited User ID and UID is the user ID.  So if I login as MikeP my AUID and UID should be MikeP and if I, from that login, should ssh to a different machine using different credentials, the AUID stays the same but the UID changes to the new credentials.

So if MikeP ssh to another workstation as Mike-local then the AUID should stay MikeP and the UID now becomes Mike-local.

However, for us that is not happening.  The AUID is selecting whoever is attached to the system when we SSH or login locally.

Has anyone experienced this before and what could be causing it?

Thanks,
john
0
I’m having trouble setting up LUKS on a Red Hat Test Server. I decided not to have a DEV prompt for a passphrase at boot but to use manual decryption instead. This is supposed to require execution of the cryptsetup commands and mounting. I attempt to set it up on a blank second disk I recently installed. Here’s the session…

**************************

sudo cryptsetup luksOpen /dev/sdb crypt-sdb
# enter /dev/sdb password

sudo cryptsetup luksClose /dev/sdb crypt-sdb

**************************



This then caused RHEL to freeze and force a cold reboot. I then used yum to run updates. I try again…



**************************

sudo cryptsetup luksOpen /dev/sdb crypt-sdb
# enter /dev/sdb password
#[<username>@localhost dev]$ sudo cryptsetup luksClose /dev/sdb crypt-sdb
Device sdb not found

# [<username>@localhost dev]$ sudo mount /dev/sdb
mount: can't find /dev/sdb in /etc/fstab

**************************



So I attempt to enter /dev/sdb in /etc/fstab but unsuccessful since it’s read-only. I try this.



**************************

[<username>@localhost etc]$ sudo cryptsetup luksFormat /dev/sdb
[sudo] password for <username>:

WARNING!
========
This will overwrite data on /dev/sdb irrevocably.

Are you sure? (Type uppercase yes): YES
Enter passphrase:
Verify passphrase:
Cannot format device /dev/sdb which is still in use.
[<username>@localhost etc]$ sudo umount /dev/sdb
umount: /dev/sdb: not mounted
[<username>@localhost …
0
Hi Experts
i need to disable ubuntu desktop 17.10  GUI and startup with command or tty only
i googled for this and i found that i need to run this command
sudo systemctl stop lightdm.service
but i got error the lightdm is not available
0
I am using Rubinius 3.86 and CentOS7(x86_64).
The installation directory is /var/home/ap/rubinius.

I attempted to install nio4r using the gem command and it failed.
The log at that time is as follows.

It is described as "method_missing", but what does it mean?

cat /var/home/ap/rubinius/gems/extensions/x86_64-linux/2.3/nio4r-2.1.0/gem_make.out

current directory: /var/home/ap/rubinius/gems/gems/nio4r-2.1.0/ext/nio4r
/var/home/ap/rubinius/bin/rbx -r ./siteconf20171112-15122-n0ryc2.rb extconf.rb --with-ldflags=-L/var/home/lib/gcc5/lib64
checking for unistd.h ... yes
checking for sys/select.h ... yes
checking for poll.h ... yes
checking for sys/epoll.h ... yes
checking for sys/event.h ... no
checking for port.h ... no
checking for sys/resource.h ... yes
                  main # Rubinius::Loader at core/loader.rb:861
                script # Rubinius::Loader at core/loader.rb:679
           load_script . Rubinius::CodeLoader at core/code_loader.rb:590
           load_script # Rubinius::CodeLoader at core/code_loader.rb:505
            __script__ # Object at extconf.rb:21
   << (method_missing) # Kernel(NilClass) at core/zed.rb:1413

undefined method `<<' on nil:NilClass. (NoMethodError)

An exception occurred running extconf.rb
*** extconf.rb failed ***
Could not create Makefile due to some reason, probably lack of necessary
libraries and/or headers. Check the mkmf.log file for …
0
Hello Folks,

does anybody have any idea on how to remove/hide Places from the top panel?

Thanks for looking
0
Hi,

I am looking for some test cases I can include in a virtual network to create rules that can make sense in an office scenario, like prohibiting social media, proxies, etc. Any ideas are appreciated, so that I will apply rules according to a particular test case. Any difficulty level, and the more original they are, the better!

Thanks in advance
0

hi,

I connected to one production instance and went to the log directory where a bunch of log files are there.

how to continuously monitor logs for any possible errors, exceptions.

how frequently new files created?
do i have to do vi command to open the log file

please advise
0
On SLES 12.2 I do the following as root user:

mkdir -p /some/directory/ramdisk
chown -R simpleuser:users /some
chmod 777 /some/directory
chmod 777 /some/directory/ramdisk



Then I add this to /etc/fstab:
ramfs /some/directory/ramdisk ramfs defaults 0 0


followed by
mount /some/directory/ramdisk



What I expect is a ramfs mounted to /some/directory/ramdisk, owned by simpleuser and users, with permissions set to 777.

Surprisingly, after rebooting the machine, the owner of /some/directory/ramdisk is root:root, and the permissions have changed to something more restrictive. I deem that more of a feature than a bug, but that behaviour is really annoying in the environment I use it in.

Currently I do an explicit change of ownership and permissions prior to starting the application that uses the ramdisk (in the respective script, with sudo), but I deem that not very elegant.

Any hint what causes the changes, and how to prevent them ?
0
hi,

i have log directory with say 40 log files in it

i have to search on "NullPoinerException" on above files and find out which file has this exception and which line

how do i grep this?

can i do these kinds of things on winscp etc some gui tools rather than putty?
0
hi,

In below grep command

grep -C20 command "session" fileName


what is meaning of -  and C and 20.
 please advise
0
Hi,

shared book marks in winscp name can i give custom names like Integration Log path, Production1 Log path etc. can you please advise

if path says crm/net/logs etc on Production1, Production2, Production 3 boxes then i cannot clearly distinguish and add as separate names. please advise
0
1. Centos server 6.9 in AD = OK

2. Only access feathers for users of group_USER_AD, applying control via /etc/security/access.conf = OK
3. Blocked root access directly to no server. /etc/ssh/sshd_config (PermitRootLogin no) = OK

 4. To use local account, you will need to use "su -" and do not log in without server with local account = OK

----------------

I have an application that runs with a local account. How can I release the user's access to use the winscp tool and write the application's non /home? Attempts without success

1.) Add the network user's AD group within the application's local group.

2.) There are many network users AD. I can not add one by one in the local group.

How do I solve it?
0
Can i able to connect SuSE linux to Redhat satellite and patch?
0
Hello ,

I have a problem with interfaces on a multihomed topology. My interfaces can not ping each other and can not ping themselves too
sysctl as given below.

But it is able to ping the interface ip when i directly write ping 37.123.98.142 , if the both interface are not able to ping this interface's ip how does it ping it or from where ?

I have to let them have access to each other, how should I do it ?

Note: loopback interface activated
Note2: em interfaces are all down

[root@spd network-scripts]# sysctl -p
net.ipv4.ip_forward = 1
net.ipv4.conf.p1p1.rp_filter = 2
net.ipv4.conf.p1p2.rp_filter = 2
net.ipv4.conf.all.rp_filter = 2
net.ipv4.conf.default.rp_filter = 2
net.ipv4.conf.lo.rp_filter = 2
net.ipv4.conf.p1p1.accept_local = 1
net.ipv4.conf.p1p2.accept_local = 1
net.ipv4.conf.all.accept_local = 1
net.ipv4.conf.default.accept_local = 1
net.ipv4.conf.lo.accept_local = 1
net.ipv4.conf.default.arp_filter = 0
net.ipv4.conf.all.arp_filter = 0
net.ipv4.conf.p1p2.arp_filter = 0
net.ipv4.conf.p1p1.arp_filter = 0
net.ipv4.conf.lo.arp_announce = 2
net.ipv4.conf.all.arp_announce = 2
net.ipv4.conf.default.arp_announce = 2
net.ipv4.conf.p1p1.arp_announce = 2
net.ipv4.conf.p1p2.arp_announce = 2



PING 37.123.98.142 (37.123.98.142) from 37.123.98.142 p1p1: 56(84) bytes of data.

^C
--- 37.123.98.142 ping statistics ---
3 packets transmitted, 0 received, 100% packet loss, time 2055ms

[root@spd network-scripts]# ping -I p1p1 37.123.98.138
PING 37.123.98.138 (37.123.98.138) from 37.123.98.142 p1p1: 56(84) bytes of data.

^C
--- 37.123.98.138 ping statistics ---
4 packets transmitted, 0 received, 100% packet loss, time 3064ms

[root@spd network-scripts]# ping -I p1p2 37.123.98.138
PING 37.123.98.138 (37.123.98.138) from 37.123.98.138 p1p2: 56(84) bytes of data.

^C
--- 37.123.98.138 ping statistics ---
2 packets transmitted, 0 received, 100% packet loss, time 1038ms

[root@spd network-scripts]# ping -I p1p2 37.123.98.142
PING 37.123.98.142 (37.123.98.142) from 37.123.98.138 p1p2: 56(84) bytes of data.

^C
--- 37.123.98.142 ping statistics ---
3 packets transmitted, 0 received, 100% packet loss, time 2060ms



[root@spd network-scripts]# ping 37.123.98.142
PING 37.123.98.142 (37.123.98.142) 56(84) bytes of data.
64 bytes from 37.123.98.142: icmp_seq=1 ttl=64 time=0.019 ms
64 bytes from 37.123.98.142: icmp_seq=2 ttl=64 time=0.022 ms
64 bytes from 37.123.98.142: icmp_seq=3 ttl=64 time=0.017 ms
64 bytes from 37.123.98.142: icmp_seq=4 ttl=64 time=0.015 ms


0
Hello ,

Is there any possible way to drop bogus packets as seen below .

for these packets, the packet payload is smaller than the length of the packet

 Screen-Shot-2017-08-23-at-22.22.46.png
0

Hi,

I have user called xyz under that folder there is folder call test under that there is folder called abc, def, hij etc

I want to search in all above folders and subfolders for a particular keyword say " nullpointerexception ", how to do that.
please advise
0
hi,

winscp how to sudo as admin?
I am currently logged in as my user say xyz but I am not able to delete a particular folder/directory. I have to login or pseudo as admin user say rrr to do that. how to pseudo in the winscp to rrr user? please advise
0
Hi,

winscp how to compare 2 different unix users say xyz and abc by opening xyz on left hands side and abc on right hand side. As of now on the left hands side i was able to open my windows laptop folder structure like C drive etc and on right hands side i am able to open one unix user like abc or xyz etc. please advise
0
Hi,

I have xyz.ccfg under my weblogic server.

I logged in to unix weblogic server box.
How do i search on above file name 'xyz.ccfg' to find its exact location like

abc/home/user1/......

i am not sure exactly where it is?


please advise
0
Hi Experts

I am trying install CentOS 6.8 minimal thru kick start on an Virtual Machine(VMware workstation) and assigning kickstart file thru http on another VM, kickstarts goes thru smoothly creates partitions and all but stuck on repo section unable to find repo following types of error, errors attached

Stuck with this error from few days, Please help

In /var/www/html location has ks.cfg file and all centos 6.8 minimal dvd content as it is

[root@srv1 html]# ls
CentOS_BuildTag  isolinux                  RPM-GPG-KEY-CentOS-6
EFI              ks.cfg                    RPM-GPG-KEY-CentOS-Debug-6
EULA             Packages                  RPM-GPG-KEY-CentOS-Security-6
GPL              RELEASE-NOTES-en-US.html  RPM-GPG-KEY-CentOS-Testing-6
images           repodata                  TRANS.TBL



Section of kickstart file i am assign is shown below
# Kickstart file automatically generated by anaconda.

#version=DEVEL
install
url --url=http://10.0.0.11/
text
lang en_US.UTF-8
keyboard us
network --onboot yes --device eth0 --mtu=1496 --bootproto static --ip 10.91.48.17 --netmask 255.255.255.224 --gateway 10.91.48.1 --noipv6 --nameserver 8.8.8.8 --hostname nac17
network --onboot no --device eth1 --bootproto dhcp --noipv6 --hostname nac17
rootpw  --iscrypted 
# Reboot after installation
reboot --eject
firewall --disabled
authconfig --enableshadow --passalgo=sha512
selinux --enforcing
timezone --utc Asia/Kolkata
#bootloader 


0
Hi,

I am working on a tenable nessus audit file for ibm aix.

What i am trying to achieve is 2 compliance check on the /etc/hosts.equiv file:

1. To find all UID less than 100 and UID not equal to the default system user ids (0,1,2,3,4,5)

2. To find all GID less than 100 and GID not equal to the default system group ids (0,1,2,3,4,5)

<custom_item>
type: CMD_EXEC
description: "UID less than 100 and not system default UID"
cmd: ""
expect: ""
</custom_item>

<custom_item>
type: CMD_EXEC
description: "GID less than 100 and not system default GID"
cmd: ""
expect: ""
</custom_item>

I am really new to working with tenable and also new to aix.

Really appreciate if anyone can help me out with what I should put for the cmd and expect statement on how to make the compliance check work.

Thanks really appreciate it!

Link: https://www.ibm.com/support/knowledgecenter/ssw_aix_71/com.ibm.aix.security/passwords_etc_passwd_file.htm
0
