Linux Security

The Linux operating system, in all its flavors, has its own share of security flaws that allow intrusions, but there are various mechanisms by which these flaws can be removed, generally divided into two parts: authentication and access control. Authentication is responsible for ensuring that a user requesting access to the system is really the user with the account, while access control is responsible for controlling which resources each account has access to and what kind of access is permitted.

I recently installed LAMP, then set up virtual sites by running sudo mkdir example.com.

I don't remember if I did this from root or from my limited user account.

When I log into SFTP from my limited user account it says permission denied in my FTP client.

Is this because I created the directories from the root account?

Is it safe to be able to read and write files from a limited user account?

What command should I run to set the proper permissions?

Thanks
0
I installed a password program on Linux Ubuntu and have been away from this computer for about six months, and of course forgot my login password (my Super user I remember). I have almost no knowledge of computers; can someone walk me through the process of getting past it to get back on that thing? Or do I light it on fire?? (I don't really want to light it on fire, lol.) And there are some important docs on there.
0
I have this issue where non-root (i.e. non-priv) UNIX users or even applications could
alter or create files that are world-writable & this will easily become an audit issue.

As the creator/owner, they can always change the file permission using chmod.
"umask" can set the default settings for files created but this will not stop them
from altering it subsequently.

Q1:
Can anyone provide sample ACLs or any method such that even owners of files can't alter
the UNIX file permission?

Q2:
Is there any way without using paid products (OpenSource is fine) to alert us if
file permissions are being changed?  Sort of File Integrity Monitoring but we
don't want to be alerted/notified if file content or dates are changed, only if
permission is changed.


We run Solaris 10 & 11 (both have ACL features) & AIX 6.x/7.x and RHEL 7.x.

Or is there a "find ..." command which we can run daily to identify which files'
permissions got changed in the last 1 day?
0
We have a vendor who has put his Linux-based appliance behind a firewall. If I ssh to the system from the same subnet as the Linux appliance, ssh succeeds, giving me a login prompt and then succeeding with authentication. If I log in to the Linux appliance from the outside of the firewall, the conversation apparently succeeds: I get a login prompt. But when I enter the same credentials, the connection is promptly terminated. If I look at the firewall, I see only the allowed SSH session and no other denies to the server.
Any idea what might be going on? What logging could be looked at on the Linux appliance to give us insight as to why the ssh connection is failing in the second case? Thank you
0
Our lab recently got a new Ubuntu (14.04.1) machine, but many of its software packages are out of date.
I am trying to update it before upgrading to Ubuntu 16.04. However, there are always problems with the command "sudo apt-get update".

I have googled this problem and changed "/etc/apt/sources.list" several times, but the error still exists.
I am thinking the error may come from => Could not resolve 'hcapxb01'
I have no idea about the 'hcapxb01'. My machine has an internet connection but I can't ping or nslookup the 'hcapxb01'.

Experts, please help me to solve the "sudo apt-get update" error. Thank you
0
Hi,
What are the best online sites, learning videos, and training sites that are freely available out there for learning Unix and its commands, including some books?
Please advise
0
Hi,

How do I import saved sessions from putty to mputty? (I saved about 50 sessions with names like integration, systest, prod1, etc. in putty, which I want to transfer over to mputty without again typing host, port, saved session name, etc.)

How do I point mputty to use putty and get data from putty?
Please advise
0
CIS has hardening guides for various Windows, UNIXes and Cisco switches/routers.
There are hardening guides for Juniper as well.

Now our Audit wants a hardening guide for WAF : we use F5.

Q1:
Can anyone point me to such a hardening guide for F5 WAF?

Q2:
If there's none, any link/authoritative guide indicating it's been
sufficiently hardened (as it's an appliance customized from RHEL 5?)
will be appreciated.

Need a good justification why we don't have hardening guide in place
for F5 WAF
1
How do I register SUSE Linux to the customer portal?

Also, how do I check what security packages are available to install?

I have worked on RHEL, and we use subscription manager to register with the customer portal or Red Hat Satellite.

What is the procedure for SUSE Linux? What tool similar to Red Hat Satellite does SUSE use?
0
Hi,

When I search with the command below
ps -ef|grep zyz3abc
I see all the processes running for zyz3abc.
How do I search using a particular port number (1567) to filter down more granularly?

I tried

ps -ef|grep zyz3abc grep 1567
which did not seem to work.
Please advise
0
Hi,

How do I copy the test folder files
from the folder below
/crm/home/systemtest/security/test
to the folder below
/crm/home/XYZ3ABC/config/security/test

I am trying the cp command but it is not working.
Is -r different from -R?

Please advise.
Do I need to go to /crm/home/XYZ3ABC/config/security/test to execute the cp command, or to /crm/home/systemtest/security/test?
0
Hi,

Let's say I want to copy a bunch of files from

/crm/home/XYZ3ABC/opt/company/bea_domains/12/xyz3abc


to

/crm/home/XYZ3ABC2/opt/company/bea_domains/12/xyz3abc2

How do I do this copy and paste?
Can I do it using winscp, whose interface is easy for me and more convenient to work with than unix screens, which according to me are most non-user-friendly?

Also, once I copy the files I need to edit that bunch of files from xyz3abc to xyz3abc2 etc.
Is there any way I can edit files without using vi, which I am not 100% comfortable with?
Can I use winscp to edit, or any other good open source tools apart from winscp?

Please advise
0
I have the following RPM installed on my server. Based on the security report, RHSA-2016:0005 is missing.

rpcbind-0.2.0-12.el6.x86_64

According to RHSA-2016:0005, I need to install

Red Hat Enterprise Linux Server (v. 6 for 64-bit x86_64)
rpcbind-0.2.0-11.el6_7-x86_64

This is my running kernel. RHEL 6 x86_64.
2.6.32-642.11.1.el6.x86_64


Is it a true vulnerability, or is it a false positive? Please explain.
0
Hi, what is the difference between 755 and 777 privileges on a directory or a file in the Unix world?
Please advise
0
Hi,

I see some folders (say folder_A which contains folder_C, and folder_B which contains folder_D which again contains folder_#) have xyz as owner. I want to change the owner to abc for those folders and subfolders. How can I do it? How do I do the same thing on some files, say File_A and file_B etc., property files? Please advise
0
Hi,

I have a folder called

home/system/xyz

Now xyz has many subdirectories like abc, def.
Now abc has directories like lms, pqr, etc.

xyz is currently owned by me. The problem is that others cannot see xyz and all its subdirectories for possible issues on the server settings.
Now I want to give ownership of the xyz directory to an ADMIN user, say crm with password say p@ssword, so that all the teammates who have ADMIN crm access can view and modify any directories and files within xyz no matter how deep they are.
How do I give access to this one?
0
Experts - I’d like to create a Linux/Unix read-only-root role for Auditors, InfoSec and Tech Ops, so they can examine a system without risk of breaking anything.
- Using sudo or Centrify, we can grant the privileges to run some commands as root, e.g. ls, cat, cksum and tail -f
- I don’t want to allow root privileges for e.g. find, view or more/less, as they can be used to modify a system

Creating the role is easy; Making it easy to use is harder
- `sudo cat filename |less` would work fine – the `cat` is run as root, the `less` as the unprivileged user. I can create a little script utility called something like “Auditors_less” to remove the need to remember the syntax.
- `dzdo cat filename > ~/my_copy_of_filename` would work for the same reason, and give them a local copy to work with. Call it “Auditors_cp” or just “Acp”
(`dzdo` is the Centrify equivalent to sudo)

Replacing the functionality of `find` is the part I can’t figure out. The output of `find` gives the full path to a file. `find` also allows you to select on ownership, permissions etc., but that part could be replaced by
`dzdo ls -l |grep {pattern}`

So a scriptlet that takes a starting directory as input and produces output in the form
/path/to/file      : ls -l output of file
would be great, as grep can filter the output, e.g. for globally writeable files/directories

I’ve found similar questions on formatting `ls -lR` output on stackoverflow.com, but no usable answers – general opinion seems to be…
0
Hi,
How do I transfer
site bookmarks to shared bookmarks in winscp?

Please advise
0
Hi,

How do I teach winscp to remember the password? Entering the password every time is a pain for me. Please advise
0
I'm having a small issue with a recently provisioned Debian 9.1 VM (from an online hosting company).

When deploying the VM I am provided with Key-Based Authentication for the machine. Those work fine (with the new "debian" super user, root no longer being active by default) but I'd like to be able to use user / pass too (if nothing else for console access).

How do I set my password? I tried
passwd debian

but I am prompted for the "old" password which I don't know...

Also - even if it is not best practice - can I activate the root user?
0
What is the meaning of root?
Why do I have to go to root? What can I do from root, what can I not do from root, and what can I do using my user?
How does Unix allow logging in as a different user, say John, when I am logged in as, say, xyz?

Are there any online links or free video tutorials explaining all these concepts? And how do I practice? Please advise
0
Hello,


Does anybody know the meaning of these numbers in the iptables config file:

*raw
:PREROUTING ACCEPT [1318098:74794423]
:OUTPUT ACCEPT [2065:1143634]

0
Hello,

When we add these rules for forwarded traffic, it drops all packets as invalid. There is no notrack rule on the server; why does it see the forwarded traffic as invalid?


#-A FORWARD -p tcp -m conntrack --ctstate INVALID -j DROP
#-A FORWARD -p tcp ! --syn -m conntrack --ctstate NEW -j DROP

0
Hello,

We are facing some kind of attack, as given below; I have also attached the pcap file.

The important things are:
  1. IP addresses are spoofed with our country's ISP IP addresses
  2. TTL has been spoofed also and the TTL values are in the range of the IP address owners - you should find and edit the same ddos on github with name VSE
  3. Data is a copy of a real packet used on this protocol for Counter-Strike
  4. Destination port is also counter's port
  5. Checksums are correctly generated

How should I block this kind of attack without blocking the real users?



Protokol :17  Source IP :85.104.15.177  Source Port :58061  Destination IP :213.238.166.2  Destination Port :27015  TTL :108  Paket Boyutu :51  Checksum :9777  Data :FFFFFFFF71636F6E6E6563743078304135423333304500  
Protokol :17  Source IP :95.13.27.190  Source Port :55271  Destination IP :213.238.166.2  Destination Port :27015  TTL :111  Paket Boyutu :51  Checksum :64648  Data :FFFFFFFF71636F6E6E6563743078303044414236313000  
Protokol :17  Source IP :88.238.142.125  Source Port :55150  Destination IP :213.238.166.2  Destination Port :27015  TTL :105  Paket Boyutu :51  Checksum :37970  Data :FFFFFFFF71636F6E6E6563743078304138383935423800  
Protokol :17  Source IP :85.103.139.224  Source Port :52054  Destination IP :213.238.166.2  Destination Port :27015  TTL :108  Paket Boyutu :51  Checksum :49529  Data 

0
Hi,

I have now set up my first MySQL 5.7.19 and created a user to access it from a remote machine.

How can I grant the full right on everything to this user by doing this:

GRANT usage  on *.* TO xyz@localhost;

What I got is:

ERROR 1133 (42000): Can't find any matching row in the user table


GRANT ALL PRIVILEGES on *.* TO xyz@localhost;

And I got:

ERROR 1133 (42000): Can't find any matching row in the user table


The same message.

How can I solve it?
0
