CLOSED: Re: security: wted?

2025-02-26 Thread home user via users
On 2/13/25 10:50 AM, home user via users wrote: (f40; gnome; last patched minutes ago) When I ran chkrootkit, I got the following (including a few lines of context) regarding "wted": - - - - - - [snip] Checking `w55808'... not infected Checking `wted'... 1 deletion(s) between Tue Jan 28 07:33:4

Re: security: wted?

2025-02-22 Thread Stephen Morris
On 14/2/25 10:17, home user via users wrote: On 2/13/25 3:11 PM, home user via users wrote: On 2/13/25 2:40 PM, Jonathan Billings wrote: On Feb 13, 2025, at 12:51, home user via users wrote: [snip] What is "wted", and is there a security problem? The “wted” function in the chkrootkit scri

Re: security: wted?

2025-02-15 Thread Tim via users
On Fri, 2025-02-14 at 15:24 -0700, home user via users wrote: > I use Firefox. There's that little shield icon just to the left of > the address bar. I'm amazed (and concerned) at how many web sites > that shield "says" are trying to track, cross-site track, and > fingerprint. ...and how many si

Re: security: wted?

2025-02-15 Thread Tim via users
Tim: > > Having said all that, most people don't serve websites from their own > > PC any more, few ISPs allow it. Patrick O'Callaghan: > I do run a small family webserver on my desktop, but I also have > Fail2Ban installed. It registers multiple failed connection attempts > every day, mainly fr

Re: security: wted?

2025-02-14 Thread home user via users
On 2/14/25 9:59 AM, Patrick O'Callaghan wrote: On Sat, 2025-02-15 at 02:19 +1030, Tim via users wrote: Having said all that, most people don't serve websites from their own PC any more, few ISPs allow it. I do run a small family webserver on my desktop, but I also have Fail2Ban installed. It r

Re: security: wted?

2025-02-14 Thread home user via users
On 2/14/25 8:49 AM, Tim wrote: Tim: Is there a reason you feel the need to check for rootkits? I'm under the impression that if you don't install things from outside of the repos, and keep SELinux running, there's a so-close-to-zero chance of you having a problem that it's not worth worrying ab

Re: security: wted?

2025-02-14 Thread Patrick O'Callaghan
On Fri, 2025-02-14 at 14:51 -0700, home user via users wrote: > On 2/14/25 3:49 AM, Patrick O'Callaghan wrote: > > On Thu, 2025-02-13 at 23:32 -0800, Samuel Sieb wrote: > > > Those tools are not going to provide any useful help. > > > > I tend to agree. I've never used either of them and have had

Re: security: wted?

2025-02-14 Thread home user via users
On 2/13/25 11:15 PM, Michael D. Setzer II wrote: On 13 Feb 2025 at 20:39, home user via users wrote: [snip] So looks like 0.58 has some added things. rkhunter seems to have the same version as sourceforge site. Thank-you Michael. My information came from "dnf history" and the tools' website

Re: security: wted?

2025-02-14 Thread home user via users
On 2/14/25 3:49 AM, Patrick O'Callaghan wrote: On Thu, 2025-02-13 at 23:32 -0800, Samuel Sieb wrote: Those tools are not going to provide any useful help. I tend to agree. I've never used either of them and have had no consequences as a result. Linux can have security issues of course, but my

Re: security: wted?

2025-02-14 Thread Patrick O'Callaghan
On Sat, 2025-02-15 at 02:19 +1030, Tim via users wrote: > Having said all that, most people don't serve websites from their own > PC any more, few ISPs allow it.  I do run a small family webserver on my desktop, but I also have Fail2Ban installed. It registers multiple failed connection attempts

Re: security: wted?

2025-02-14 Thread George N. White III
On Fri, Feb 14, 2025 at 11:50 AM Tim via users wrote: > > > Most of the time anti-malware running on Linux was to protect Windows > machines on the same network. Such as scanning incoming mail before > the Windows machines got it. > Decades ago at work many of us had email on IRIX64 or NextStep a

Re: security: wted?

2025-02-14 Thread Tim via users
Tim: > > Is there a reason you feel the need to check for rootkits? > > > > I'm under the impression that if you don't install things from outside > > of the repos, and keep SELinux running, there's a so-close-to-zero > > chance of you having a problem that it's not worth worrying about. hom

Re: security: wted?

2025-02-14 Thread Patrick O'Callaghan
On Thu, 2025-02-13 at 23:32 -0800, Samuel Sieb wrote: > Those tools are not going to provide any useful help. I tend to agree. I've never used either of them and have had no consequences as a result. Linux can have security issues of course, but my feeling is that they are much more likely to come

Re: security: wted?

2025-02-13 Thread Samuel Sieb
On 2/13/25 7:39 PM, home user via users wrote: On 2/13/25 7:33 PM, Tim wrote: On Thu, 2025-02-13 at 10:50 -0700, home user via users wrote: When I ran chkrootkit, I got the following (including a few lines of context) regarding Is there a reason you feel the need to check for rootkits? I'm u

Re: security: wted?

2025-02-13 Thread Michael D. Setzer II via users
On 13 Feb 2025 at 20:39, home user via users wrote:

Re: security: wted?

2025-02-13 Thread home user via users
On 2/13/25 7:33 PM, Tim wrote: On Thu, 2025-02-13 at 10:50 -0700, home user via users wrote: When I ran chkrootkit, I got the following (including a few lines of context) regarding Is there a reason you feel the need to check for rootkits? I'm under the impression that if you don't install th

Re: security: wted?

2025-02-13 Thread Tim via users
On Thu, 2025-02-13 at 10:50 -0700, home user via users wrote: > When I ran chkrootkit, I got the following (including a few lines of > context) regarding Is there a reason you feel the need to check for rootkits? I'm under the impression that if you don't install things from outside of the repos,

Re: security: wted?

2025-02-13 Thread home user via users
On 2/13/25 3:11 PM, home user via users wrote: On 2/13/25 2:40 PM, Jonathan Billings wrote: On Feb 13, 2025, at 12:51, home user via users wrote: [snip] What is "wted", and is there a security problem? The “wted” function in the chkrootkit script runs “chwtmp -f /var/log/wtmp` (the execu

Re: security: wted?

2025-02-13 Thread home user via users
On 2/13/25 2:40 PM, Jonathan Billings wrote: On Feb 13, 2025, at 12:51, home user via users wrote: (f40; gnome; last patched minutes ago) When I ran chkrootkit, I got the following (including a few lines of context) regarding "wted": - - - - - - [snip] Checking `w55808'... not infected Che

Re: security: wted?

2025-02-13 Thread home user via users
On 2/13/25 1:15 PM, Barry wrote: On 13 Feb 2025, at 17:51, home user via users wrote: When I ran chkrootkit I cannot find evidence of this tool being maintained. But I did find people saying its reports contain false positives. Barry Thank-you, Barry. I "patch" weekly. dnf says this

Re: security: wted?

2025-02-13 Thread home user via users
On 2/13/25 1:00 PM, Dave Close wrote: home user via users wrote: (f40; gnome; last patched minutes ago) When I ran chkrootkit, I got the following (including a few lines of context) regarding "wted": - - - - - - [snip] Checking `w55808'... not infected Checking `wted'... 1 deletion(s) between T

Re: security: wted?

2025-02-13 Thread Jonathan Billings
On Feb 13, 2025, at 12:51, home user via users wrote: > > (f40; gnome; last patched minutes ago) > > When I ran chkrootkit, I got the following (including a few lines of context) > regarding "wted": > - - - - - - > [snip] > Checking `w55808'... not infected > Checking `wted'... 1 deletion(s)

Re: security: wted?

2025-02-13 Thread Barry
> On 13 Feb 2025, at 17:51, home user via users > wrote: > > When I ran chkrootkit I cannot find evidence of this tool being maintained. But I did find people saying its reports contain false positives. Barry

Re: security: wted?

2025-02-13 Thread Dave Close
home user via users wrote: >(f40; gnome; last patched minutes ago) > >When I ran chkrootkit, I got the following (including a few lines of context) >regarding "wted": >- - - - - - >[snip] >Checking `w55808'... not infected >Checking `wted'... 1 deletion(s) between Tue Jan 28 07:33:49 2025 and Tue

Re: security issue?

2024-11-29 Thread Stephen Morris
On 29/11/24 10:59, Barry wrote: On 28 Nov 2024, at 22:45, Stephen Morris wrote: being /usr/bin/egrep and /usr/bin/fgrep because it has said they have been replaced by a script, is that standard Fedora? Did you check what was in the files and where they were installed from? The scripts print

Re: [closed] Re: security issue?

2024-11-29 Thread Patrick O'Callaghan
On Fri, 2024-11-29 at 20:37 +, Will McDonald wrote: > Indeed. I've jumped between RH-based and Debian-based distros a little in > the last few years. I started tracking some of the deltas here: > https://github.com/wmcdonald404/distrosetta-stone You might want to change the yum references to d

Re: [closed] Re: security issue?

2024-11-29 Thread Will McDonald
On Fri, 29 Nov 2024 at 20:01, George N. White III wrote: > On Fri, Nov 29, 2024 at 3:09 PM Will McDonald wrote: > >> On Fri, 29 Nov 2024 at 18:20, home user via users < >> users@lists.fedoraproject.org> wrote: >> There's a lot of commonality across most distros, so while something (the >> link I

Re: [closed] Re: security issue?

2024-11-29 Thread George N. White III
On Fri, Nov 29, 2024 at 3:09 PM Will McDonald wrote: > On Fri, 29 Nov 2024 at 18:20, home user via users < > users@lists.fedoraproject.org> wrote: > There's a lot of commonality across most distros, so while something (the > link I referenced, for example) was from an Ask Ubuntu branch of > Stack

Re: [closed] Re: security issue?

2024-11-29 Thread Will McDonald
On Fri, 29 Nov 2024 at 18:20, home user via users < users@lists.fedoraproject.org> wrote: > On 11/28/24 10:24 AM, home user via users wrote: > > (f-40, stand-alone workstation, gnome) > > > > A few times in the past couple of months, I've received the following > warning from "chkrootkit": > > - -

[closed] Re: security issue?

2024-11-29 Thread home user via users
On 11/28/24 10:24 AM, home user via users wrote: (f-40, stand-alone workstation, gnome) A few times in the past couple of months, I've received the following warning from "chkrootkit": - - - - - - bash.1[~]: chkrootkit ROOTDIR is `/' Checking `amd'... not found [snip] Checking `bindshell'... no

Re: security issue?

2024-11-28 Thread Will McDonald
On Thu, 28 Nov 2024 at 17:38, Jeffrey Walton wrote: > On Thu, Nov 28, 2024 at 12:25 PM home user via users > wrote: > > Checking `lkm'... You have 1 process hidden for ps command > > > > What's going on with that lkm warning? > > Do you really need us to google it for you? > And what Jeffer

Re: security issue?

2024-11-28 Thread Barry
> On 28 Nov 2024, at 22:45, Stephen Morris wrote: > > being /usr/bin/egrep and /usr/bin/fgrep because it has said they have been > replaced by a script, is that standard Fedora? Did you check what was in the files and where they were installed from? The scripts print a warning message then r

Re: security issue?

2024-11-28 Thread Patrick O'Callaghan
On Fri, 2024-11-29 at 09:45 +1100, Stephen Morris wrote: > I've run chkrootkit and it said there were no issues, but rkhunter has > reported two suspect files, being /usr/bin/egrep and /usr/bin/fgrep > because it has said they have been replaced by a script, is that > standard Fedora? fgrep and

Re: security issue?

2024-11-28 Thread Stephen Morris
On 29/11/24 04:37, Jeffrey Walton wrote: On Thu, Nov 28, 2024 at 12:25 PM home user via users wrote: (f-40, stand-alone workstation, gnome) A few times in the past couple of months, I've received the following warning from "chkrootkit": - - - - - - bash.1[~]: chkrootkit ROOTDIR is `/' Checking

Re: security issue?

2024-11-28 Thread Jeffrey Walton
On Thu, Nov 28, 2024 at 12:25 PM home user via users wrote: > > (f-40, stand-alone workstation, gnome) > > A few times in the past couple of months, I've received the following > warning from "chkrootkit": > - - - - - - > bash.1[~]: chkrootkit > ROOTDIR is `/' > Checking `amd'... not found > [snip

Re: Security context for Apache

2023-04-07 Thread Patrick O'Callaghan
On Fri, 2023-04-07 at 10:17 -0400, Todd Zullinger wrote: >     semanage fcontext -a -t httpd_sys_content_t "/web(/.*)?" >     restorecon -R -v /web > That seems to do the trick, thanks. > Yes, if you knew what command to use, finding the manpage >  [...] The old UNIX joke was that any man page

Re: Security context for Apache

2023-04-07 Thread Todd Zullinger
Patrick O'Callaghan wrote: > I've set up a simple web server for private use (though I will enable > https access from outside the network), but I want some of the content > to be outside the default /var/www/html tree. When I do this, I get > file access errors when SElinux is enabled, but not whe

Re: Security hole in MATE?

2021-11-27 Thread Ed Greshko
On 27/11/2021 18:08, Joachim Backes wrote: On 11/27/21 09:42, Ed Greshko wrote: On 27/11/2021 16:08, Joachim Backes wrote: I'm running my F35 desktop with MATE. If I wake up after having suspended the  box using some key, no password is requested, whereas the Cinnamon (I used it in F34) deskt

Re: Security hole in MATE?

2021-11-27 Thread Samuel Sieb
On 11/27/21 00:08, Joachim Backes wrote: I'm running my F35 desktop with MATE. If I wake up after having suspended the box using some key, no password is requested, whereas the Cinnamon (I used it in F34) desktop requests it. This Missing password request in MATE seems to be a security hole.

Re: Security hole in MATE?

2021-11-27 Thread Ed Greshko
On 27/11/2021 16:08, Joachim Backes wrote: I'm running my F35 desktop with MATE. If I wake up after having suspended the  box using some key, no password is requested, whereas the Cinnamon (I used it in F34) desktop requests  it. This Missing password request in MATE seems to be a security hole.

Re: Security hole in MATE?

2021-11-27 Thread Ed Greshko
On 27/11/2021 16:08, Joachim Backes wrote: I'm running my F35 desktop with MATE. If I wake up after having suspended the  box using some key, no password is requested, whereas the Cinnamon (I used it in F34) desktop requests  it. This Missing password request in MATE seems to be a security hole.

Re: Security Flaw - Thunderbird FYI

2021-09-21 Thread Ed Greshko
On 21/09/2021 11:02, Fernando Cassia wrote: On Mon., 20 Sep. 2021, 23:44 Ed Greshko, wrote: *ok, I'm exaggerating* Yes, any number of thing could happen.  And, yes, people sometimes let their guard down. And extra layer of "protection" at the program level is hardly ever bad.  Badly, imp

Re: Security Flaw - Thunderbird FYI

2021-09-20 Thread Fernando Cassia
On Mon., 20 Sep. 2021, 23:44 Ed Greshko, wrote: > > > This means if you get an encrypted message, walk away from you system, and > forget to secure it > anyone can click on an encrypted message it will be displayed. > . If you walk away from your system and forget to secure it and you don't trus

Re: Security Software Hack vs. Fedora

2020-12-17 Thread Todd Zullinger
Roberto Ragusa wrote: > and then the best: > - installs with: "curl http://random_site/install_script | sudo bash" Owww, my eyes! Please, make it stop. Any software I see which recommends that idiom in their instructions is immediately on the "never install this crapware under any circumstances.

Re: Security Software Hack vs. Fedora

2020-12-17 Thread Roberto Ragusa
On 12/17/20 6:58 PM, Jorge Fábregas wrote: Yes... and how the malicious bits were delivered thru the update mechanism...a nice reminder for us on how careful we need to be when adding 3rd-party repos be it yum repos, flatpak repos, container repos and so on. True. Even a single gpgcheck=0 is a

Re: Security Software Hack vs. Fedora

2020-12-17 Thread Garry T. Williams
On Thursday, December 17, 2020 10:08:54 AM EST Jonathan Ryshpan wrote: > I read that there has been a major security hack of at least two > companies, FireEye and SolarWinds, which supply security software > to the US Government and to major corporations. (see: > https://www.nytimes.com/2020/12/1

Re: Security Software Hack vs. Fedora

2020-12-17 Thread Jorge Fábregas
On 12/17/20 1:41 PM, stan via users wrote: > The deeper issue is that this illustrates how easy it is for skilled > programmers to insert malicious code into software so that it does > nefarious things while not being detected. That certainly affects > Fedora because it affects any system using co

Re: Security Software Hack vs. Fedora

2020-12-17 Thread stan via users
On Thu, 17 Dec 2020 07:08:54 -0800 Jonathan Ryshpan wrote: > I read that there has been a major security hack of at least two > companies, FireEye and SolarWinds,  which supply security software to > the US Government and to major corporations. >  (see: > https://www.nytimes.com/2020/12/16/opinio

Re: Security Software Hack vs. Fedora

2020-12-17 Thread Matthew Miller
On Thu, Dec 17, 2020 at 07:08:54AM -0800, Jonathan Ryshpan wrote: > I read that there has been a major security hack of at least two > companies, FireEye and SolarWinds,  which supply security software to > the US Government and to major corporations. >  (see:  > https://www.nytimes.com/2020/12/16/

Re: Security issue

2018-11-06 Thread Doug
On 11/06/2018 08:49 PM, finn via users wrote: Why wouldn't you regular review your task manager, system settings etc. to confirm your machine has been not comprised ? (Here, few things which you can do to confirm there isn't a breach in your system). 1. Failed logins: /var/log/messages 2. last

Re: [SECURITY] Fedora 25 Update: knot-resolver-1.3.1-1.fc25

2017-07-21 Thread Samuel Sieb
On 07/21/2017 07:49 PM, Tim wrote: Today I received this email, here's the salient portion: On 21/7/2017 6:24 am, upda...@fedoraproject.org wrote: BEWARE: Because of https://bugzilla.redhat.com/show_bug.cgi?id=1366968 you need to switch your system to SELinux permissive mode. That message is

Re: [SECURITY] Fedora 25 Update: knot-resolver-1.3.1-1.fc25

2017-07-21 Thread Tim
Today I received this email, here's the salient portion: On 21/7/2017 6:24 am, upda...@fedoraproject.org wrote: BEWARE: Because of https://bugzilla.redhat.com/show_bug.cgi?id=1366968 you need to switch your system to SELinux permissive mode. How was that ever accepted as a solution? That kind

Re: Security vulnerability in TCP of linux, patches available, how soon in Fedora?

2016-08-10 Thread stan
On Wed, 10 Aug 2016 13:06:33 -0600 Kevin Fenzi wrote: > This was fixed in july in Fedora kernels: > > * Tue Jul 12 2016 Josh Boyer - 4.6.4-201 > - CVE-2016-5389 CVE-2016-5969 tcp challenge ack info leak (rhbz > 1354708 1355615) Thanks Kevin, that's what I wanted to know. Phew! Sigh of relie

Re: Security vulnerability in TCP of linux, patches available, how soon in Fedora?

2016-08-10 Thread Robert Moskowitz
On 08/10/2016 03:06 PM, Kevin Fenzi wrote: On Wed, 10 Aug 2016 11:50:37 -0700 Gordon Messmer wrote: On 08/09/2016 10:44 PM, Rick Walker wrote: I'm very skeptical. Take a look at the pdf linked in the first message. The challenge ack limit was intended to improve security, but created a si

Re: Security vulnerability in TCP of linux, patches available, how soon in Fedora?

2016-08-10 Thread Kevin Fenzi
On Wed, 10 Aug 2016 11:50:37 -0700 Gordon Messmer wrote: > On 08/09/2016 10:44 PM, Rick Walker wrote: > > I'm very skeptical. > > Take a look at the pdf linked in the first message. The challenge > ack limit was intended to improve security, but created a > side-channel attack that could allo

Re: Security vulnerability in TCP of linux, patches available, how soon in Fedora?

2016-08-10 Thread Gordon Messmer
On 08/09/2016 10:44 PM, Rick Walker wrote: I'm very skeptical. Take a look at the pdf linked in the first message. The challenge ack limit was intended to improve security, but created a side-channel attack that could allow someone who doesn't control the communication path to reset conne

Re: Security vulnerability in TCP of linux, patches available, how soon in Fedora?

2016-08-10 Thread Ian Malone
On 10 August 2016 at 06:44, Rick Walker wrote: > >> 1. Open /etc/sysctl.conf, append a command >> "/net.ipv4/tcp_challenge_ack_limit = 9". > > I'm very skeptical. The default on my stock machine is 100. You can check > your own with: > > sysctl -A | grep tcp | grep limit > > In the

Re: Security vulnerability in TCP of linux, patches available, how soon in Fedora?

2016-08-09 Thread Eddie G. O'Connor Jr.
Yet... just another reason why I love Linux?! The patching system. It's on POINT! When it comes to catching and preventing these kinds of things... this community handles its BUSINESS!...LOL! On Aug 10, 2016 12:17 AM, stan wrote: > > Hi, > > There is a severe security hole in TCP on

Re: Security of netinstall?

2016-03-24 Thread Matthew Miller
On Wed, Mar 23, 2016 at 08:43:36PM +, Troels Arvin wrote: > When I install Fedora from a netinstall image: > Given that I initially > - check the SHA256 checksum of the Fedora-Server-netinst-x86_64-23.iso >file > - check the GPG signature of the file which contained the checksum >(the

Re: Security of netinstall?

2016-03-23 Thread Rick Stevens
On 03/23/2016 01:43 PM, Troels Arvin wrote: When I install Fedora from a netinstall image: Given that I initially - check the SHA256 checksum of the Fedora-Server-netinst-x86_64-23.iso file - check the GPG signature of the file which contained the checksum (the Fedora-Server-23-x86

Re: Security Lab

2015-06-06 Thread Rahul Sundaram
Hi On Sat, Jun 6, 2015 at 2:54 PM, Martin Cigorraga wrote: > Hello, > I would like to know if it is enough to install the 'Security Lab' group > in order to get all the goodies from that spin. > Yes Rahul

Re: [ Security Lab spin 21 x86_64 ] Installer stuck in "Creating users" step

2015-01-03 Thread Martin Cigorraga
A brief update, You nailed it: I went with a basic install (I don't know to which group httrack belongs to) and this time were able to finish the process as expected. Cheers. On Mon, Dec 29, 2014 at 1:33 AM, Martin Cigorraga wrote: > Thanks Jim, will do! > > On Sun, Dec 28, 2014 at 1:37 AM, Jim

Re: [ Security Lab spin 21 x86_64 ] Installer stuck in "Creating users" step

2014-12-28 Thread Martin Cigorraga
Thanks Jim, will do! On Sun, Dec 28, 2014 at 1:37 AM, Jim Lewis wrote: > > > Hi all, > > I'm trying to install the spin on VirtualBox (4.3.20) on an F21 x86_64 > > host > > and got stuck there, anyone else? > > Regards, > > -Martin > > -- > > Hi Martin, > > Check this: https://bugzilla.redhat.

Re: [ Security Lab spin 21 x86_64 ] Installer stuck in "Creating users" step

2014-12-27 Thread Jim Lewis
> Hi all, > I'm trying to install the spin on VirtualBox (4.3.20) on an F21 x86_64 > host > and got stuck there, anyone else? > Regards, > -Martin > -- Hi Martin, Check this: https://bugzilla.redhat.com/show_bug.cgi?id=1130550 I ran into it when attempting to install the Fedora_Server inst ima

Re: security

2014-03-11 Thread Rick Stevens
On 03/11/2014 11:38 AM, Dustin Kempter issued this missive: We've looked in /var/log/messages, and in the /var/log/security file The /var/log/security file rotates, so make sure you're looking at the appropriate one. It may have rotated since this occurred. No smoking gun, only thing we have

Re: security

2014-03-11 Thread Michael Cronenworth
Dustin Kempter wrote: we looked at the .bash_history file for postgres and see no entries for pg_ctl however we do see the service stop command in the root .bash_history file, but we have no timestamps in the bash_history file Add this to a file in /etc/profile.d/mycustom.sh: export HISTTIMEFO

Re: security

2014-03-11 Thread Dustin Kempter
We've looked in /var/log/messages, and in the /var/log/security file No smoking gun, only thing we have so far is this: In the postgres log we see this: 2014-03-07 15:58:09 MST [27223]: [18-1] db=,user=,host= LOG: received smart shutdown request Indicating the db received a shutdown request, t

Re: security

2014-03-11 Thread Joe Zeff
On 03/11/2014 10:45 AM, Mark Haney wrote: It limits you to who has either sudo access (you/do/ have root ssh access disabled, right?) or physical access to the machine. I'd look in the logs specifically for sudo calls. Not quite. Even if you have root access by ssh disabled, there's nothing

Re: security

2014-03-11 Thread Mark Haney
On 03/11/14 13:30, Dustin Kempter wrote: > Hi, > > we have a server (CentOS 6.4) running PostgreSQL, recently someone > shut the db down and we want to find out who did this... > > I see the db shutdown request in the postgresql log, and I suspect

Re: Security Chip

2014-02-21 Thread Mark Haney
On 02/21/2014 02:07 PM, Robert P. J. Day wrote: > > i was trying to be delicate, but what i was told is that being > manufactured in china was enough to make them ineligible for entry > into secure US military installations. you can make of that

Re: Security Chip

2014-02-21 Thread Robert P. J. Day
On Fri, 21 Feb 2014, CS DBA wrote: > On 2/21/14, 11:54 AM, Robert P. J. Day wrote: > > On Fri, 21 Feb 2014, CS DBA wrote: > > > > > Hi All; > > > > > > I just ordered a Lenovo Thinkpad W540, > > > > > > the specs list this: > > > Security Chip 2 Security Chip Enabled > > > > > > I pla

Re: Security Chip

2014-02-21 Thread Justin Brown
There's no need to be concerned. You're conflating a few different issues. The security chip is a TPM, and they have been fairly common for several years. It just allows secure key storage for software that might need it. A TPM won't get in your way. The other issue is UEFI Secure Boot. There's l

Re: Security Chip

2014-02-21 Thread Chris Murphy
On Feb 21, 2014, at 11:50 AM, CS DBA wrote: > Hi All; > > I just ordered a Lenovo Thinkpad W540, > > > the specs list this: > Security Chip 2 Security Chip Enabled > > > I plan to run Fedora 20 on it. Is this something I should be concerned about? > Can it be disabled in the b

Re: Security Chip

2014-02-21 Thread Alessandro Brezzi
2014-02-21 19:58 GMT+01:00 CS DBA : > On 2/21/14, 11:54 AM, Robert P. J. Day wrote: > >> On Fri, 21 Feb 2014, CS DBA wrote: >> >> Hi All; >>> >>> I just ordered a Lenovo Thinkpad W540, >>> >>> the specs list this: >>> Security Chip 2 Security Chip Enabled >>> >>> I plan to run Fedora

Re: Security Chip

2014-02-21 Thread Mark Haney
On 02/21/2014 01:50 PM, CS DBA wrote: > Hi All; > > I just ordered a Lenovo Thinkpad W540, > > > the specs list this: Security Chip 2 Security Chip > Enabled > > > I plan to run Fedora 20 on it. Is this something I should be > conce

Re: Security Chip

2014-02-21 Thread CS DBA
On 2/21/14, 11:54 AM, Robert P. J. Day wrote: On Fri, 21 Feb 2014, CS DBA wrote: Hi All; I just ordered a Lenovo Thinkpad W540, the specs list this: Security Chip 2 Security Chip Enabled I plan to run Fedora 20 on it. Is this something I should be concerned about? Can it be disa

Re: Security Chip

2014-02-21 Thread Mark Haney
On 02/21/2014 01:54 PM, Robert P. J. Day wrote: > > i don't know about that chip, but a few weeks ago, i was down > south chatting with some military IT contractors, and they told me > that in most sites they work in, *no* *one* is even allowed int

Re: Security Chip

2014-02-21 Thread Robert P. J. Day
On Fri, 21 Feb 2014, CS DBA wrote: > Hi All; > > I just ordered a Lenovo Thinkpad W540, > > the specs list this: > Security Chip 2 Security Chip Enabled > > I plan to run Fedora 20 on it. Is this something I should be > concerned about? Can it be disabled in the bios? i don't know

Re: Security/Hacked System - Now what?!!

2013-12-22 Thread Wolfgang S. Rupprecht
bruce writes: > However you can also mod the ssh_config (i believe) to have it auto > use the keyFile with the pub/private key to negotiate the user/passwd > process for the ssh cmd. This is useful when remotely/programatically > accessing the ssh cmdline process for running remote apps, xferring

Re: Security/Hacked System - Now what?!!

2013-12-22 Thread bruce
Wolfgang, Right in what you wrote. And what you wrote allows for ssh commands to be used where you specify the keyFile. However you can also mod the ssh_config (i believe) to have it auto use the keyFile with the pub/private key to negotiate the user/passwd process for the ssh cmd. This is useful

Re: Security/Hacked System - Now what?!!

2013-12-22 Thread Wolfgang S. Rupprecht
bruce writes: > And regarding the ssh/remote access, you specify public/private keys, > and you have the key process run from the key file. This allows a user > to be able to ssh into the box without having to use the ssh passwd, > but only from the corresponding box that has the associated public

Re: Security/Hacked System - Now what?!!

2013-12-22 Thread Michael Schwendt
On Sat, 21 Dec 2013 19:36:26 -0500, bruce wrote: > For sake of discussion, assume a fresh base desktop install of the OS > (Fed/RHEL/Centos). > > After doing the install from the iso(s), you install : > -rkhunter > -chkconfig Did you mean "chkrootkit"? If so, it's only for experienced users (who

Re: Security/Hacked System - Now what?!!

2013-12-21 Thread bruce
Hi Wolfgang, Ok, say you have a box that you want to remotely access. Never a need to access the box via the gui/login. And regarding the ssh/remote access, you specify public/private keys, and you have the key process run from the key file. This allows a user to be able to ssh into the box witho

Re: Security/Hacked System - Now what?!!

2013-12-21 Thread Wolfgang S. Rupprecht
bruce writes: > You then mod SSH as required to disable root login > OK, what else should you do? Root login isn't a bad idea in and of itself. More important is to not allow anything but public key logins (eg. ECDSA, RSA). For people logging in with root credentials, give everyone a different

Re: security spin

2012-02-10 Thread Gergely Buday
> Andre Robatino fedoraproject.org> writes: > >> Does it seem like https://bugzilla.redhat.com/show_bug.cgi?id=754857 ? If so, >> you could work around it by increasing the VM's HDD space (KVM's default is 8 >> GB). > > Ignore this. You already ruled it out, sorry. No, this was. My whole disk was

Re: security spin

2012-02-07 Thread Terry Polzin
On Tue, 2012-02-07 at 20:40 +0100, Gergely Buday wrote: > Hi, > > I tried to install the fedora 16 security spin onto my fedora 15 box > as a kvm virtual machine, twice, but both times it failed just before > the end. In the second attempt I created a larger disk image so not > that is the problem

Re: security in firefox4

2011-05-22 Thread Dotan Cohen
On Fri, May 20, 2011 at 07:19, Tim wrote: >> Is that for your entire network, or just one computer? If it's just >> for the one machine, you might find it easier to maintain a simple >> hosts file. > > You might want to read my first paragraph, again... > > Though, even for just one computer, it o

Re: security in firefox4

2011-05-19 Thread Tim
Tim: >> I do something similar with my DNS server. I have a dead zone file, >> which produces instant fails to any queries to any domain names I >> associate it with. It gives me neat, central, management of all >> computers on the LAN. Dotan Cohen: > Is that for your entire network, or just one

Re: security in firefox4

2011-05-19 Thread Dotan Cohen
On Thu, May 19, 2011 at 17:05, Tim wrote: > I do something similar with my DNS server.  I have a dead zone file, > which produces instant fails to any queries to any domain names I > associate it with.  It gives me neat, central, management of all > computers on the LAN.  My named.conf file also h

Re: security in firefox4

2011-05-19 Thread Dotan Cohen
On Thu, May 19, 2011 at 16:38, Alan Cox wrote: >> Going back to my first example, simply blocking doubleclick.com cookies >> wouldn't be enough to stop them tracking you.  The mere loading of their >> graphics has counted you, and put your IP into their database to track >> for the rest of your br

Re: security in firefox4

2011-05-19 Thread Joe Wulf
Awesome solution. Thank you for helping to improve the world! - Original Message > From: Tim > To: Community support for Fedora users > Sent: Thu, May 19, 2011 10:05:27 AM > Subject: Re: security in firefox4 > > On Thu, 2011-05-19 at 14:38 +0100, Alan Cox wrote

Re: security in firefox4

2011-05-19 Thread Tim
On Thu, 2011-05-19 at 14:38 +0100, Alan Cox wrote: > The internet works better in my experience when > www.google-analytics.com > (and ssl.google-analytics.com) get blocked at firewall level or stuck > in /etc/hosts as 127.0.0.1 I do something similar with my DNS server. I have a dead zone file,

Re: security in firefox4

2011-05-19 Thread Alan Cox
> Going back to my first example, simply blocking doubleclick.com cookies > wouldn't be enough to stop them tracking you. The mere loading of their > graphics has counted you, and put your IP into their database to track > for the rest of your browsing session. You need to stop loading their > gr

Re: security in firefox4

2011-05-19 Thread Tim
On Thu, 2011-05-19 at 17:50 +0900, Misha Shnurapet wrote: > * blocked third-party cookies while online (may prevent advertisement > networks from carrying information between sites) I don't think it quite does what people hope. Well, not any more. Third party cookies are cookies that don't belon

Re: security in firefox4

2011-05-19 Thread Tim
Misha Shnurapet: >> * used Flash Block to only watch the clips I intend to watch (may >> prevent click-jacking) Dotan Cohen: > This is the single best performance enhancement that I've ever done to > a computer, it works better than a memory upgrade. Everyone for whom > I've installed Flashblock h

Re: security in firefox4

2011-05-19 Thread Dotan Cohen
2011/5/19 Misha Shnurapet : > Here's what I did for privacy in Firefox: > * used the BetterPrivacy plugin to delete Flash cookies on exit > * set the browser to delete *regular* cookies on exit You can use the CookieCuller extension to keep the cookies that you want, such as logins. > * blocked

Re: security in firefox4

2011-05-19 Thread Misha Shnurapet
19.05.2011, 17:07, "Dotan Cohen" : > On Wed, May 18, 2011 at 23:55, Aaron Konstam ; wrote: > >>  Thanks that worked to stop tracking. But I am still confused by the >>  official directions to use an option under tools? > > On Windows the Preferences menu item in under Tools, on Linux it is > under

Re: security in firefox4

2011-05-19 Thread Dotan Cohen
On Wed, May 18, 2011 at 23:55, Aaron Konstam wrote: > Thanks that worked to stop tracking. But I am still confused by the > official directions to use an option under tools? > On Windows the Preferences menu item in under Tools, on Linux it is under Edit. I have no idea why that is, probably hist

Re: security in firefox4

2011-05-18 Thread Dave Ihnat
On Wed, May 18, 2011 at 10:02:54PM -0400, Genes MailLists wrote: > Also delete your flash cookies and turn them off ... Yes. > flash P2P as well for good measure. Couldn't hurt. > Many of the 'bad guys' have switched primarily to flash cookies now > ... so deleting the regular cookies wont re

Re: security in firefox4

2011-05-18 Thread Genes MailLists
On 05/18/2011 09:49 PM, bruce wrote: > > no guarantee that won't happen.. > > if you really don't want to be tracked. clean out your cookies > regularly, as well as change your dynamic ip address every couple of > hours... > > there you go! > Also delete your flash cookies and turn them off
