similar to: centos security

How can I find out that someone is using it's network card in promiscuous mode in a subnet? Thank you!

Situation: We are providing hosting services. I've grown tired of the various kiddie scripts/dictionary attacks on various services. The latest has been against vsftpd, on systems that I can't easily control vs. putting strict limits on ssh. We simply have too many users entering from too many networks many with dynamic IP addresses. Enter.... thinking about LIDS or Log Based

Hi All, Yes, I know, it's really really embarrassing to have to ask but I'm being pushed to the wall with PCI DSS Compliance procedure (http://en.wikipedia.org/wiki/PCI_DSS) and have to either justify why we don't need to install an anti-virus or find an anti-virus to run on our CentOS 5 servers. Whatever I do - it needs to be convincing enough to make the PCI compliance guy tick the

I can ssh into a remote machine. I can start X on that machine with startx How do I then start firefox on that machine (from the ssh prompt) and have it display on my machine in my office. So I want to be using firefox on the remote machine but displaying the screen output from firefox in my office. Both boxes are running centos 5. how is that done? Jerry

Hello guys, Whats is the best way to identify a possible user using a botnet with php in the server? And if he is using GET commands for example in other server. Does apache logs outbound conections ? If it is using a file that is not malicious the clam av would not identify. Thanks

Another alternative is to use a FIMS/HIDS such as Aide (Advanced Intrusion Detection Environment), OSSEC or Samhain. Be prepared to learn a lot about what your OS normally does behind the scenes (and thus a fair amount of initial fine tuning to exclude those things). Aide seems to work well (I've seen only one odd result) and is quite granular. However, it is local system based rather than

I have been dragging my feet on remote display, and have just gotten VNC going to have SOMETHING to move off the start line. But I need the 'best' for different situations, so I want to rate them. 1 to 3 where 1 is the 'best' for the catagory and 3 the loser. VNC RDESKTOP FREENX Server memory Server cpu client memory client cpu bandwidth

just wanted to get some feedback from the community. Over the last few days I have noticed my web server and email box have attempted to ssh'd to using weird names like admin,appuser,nobody,etc.... None of these are valid users. I know that I can block sshd all together with iptables but that will not work for us. I did a little research on google and found programs like sshguard and

WE have a centos 5.3 install, and our server is keep getting hacked. We see load averages of 500+ and see people from all over the world logging into our server (used last). Is there a good place to start to avoid these kinds of things? For example, here is what I already did. Open up sshd port only setup iptables to only accept port 80 and 22 No FTP No other ports are allowed according to IP

Dear All, Sorry for disturbing, anyone have recommendation for a good open source library system. hope to do it for my church. Thanks

What are the ramifications to a large key length when using pub/priv keys for ssh authentication. I have some remote admin and file transfers to manage and only have ssh access w/o vpn to use for it. Thanks, jlc

Dear Mr/Mrs/Ms, I have e-mail server using Centos 4.1 So far I can send and receive e-mail using this server, but why to this address: retna at pttropical.co.id can not send? Every time I send e-mail to above address my server always respon with this massage: ----- Transcript of session follows ----- <retna at pttropical.co.id>... Deferred: mail.pttropical.co.id.: No route to host

Well, there's so few going right now that I'm showing 38 days to get the DVD. My normal dnld from a mirror travels appx. 600Mb/sec. I'll wait until most of the U.S. goes home before I give up and use the normal download though. Here's hoping... -- Bill

Hi All, I am looking for information on when CentOS 5 will be available for IA64. I found this forum posting but no responses http://www.centos.org/modules/newbb/viewtopic.php?topic_id=8714&forum=45 I am looking to perform a large migration of about 500 workstations from various Suse and Red Hat versions to CentOS to standardize some what. Because I have to support x86 (32 & 64) and

Hello, I need to know if there is something I am missing about file permission as I believe I am seeing some strange stuff on my system. I have a directory as follows: drwxrwxrwx 7 root root 4096 Mar 10 13:35 temp In this directory I have a file: -rw-r--r-- 1 root root 137 Oct 30 02:16 208-109-248-33test As a normal user should I be able to rename this file? I believe that only

I noticed that my server has a lot ca. 1000x auth failure from different alocated in China / Romania and Netherlands per day since 3 days It looks to me like somebody was trying to get into server by guessing my password by brute force. what would be the best to stop this attack and how? the server running apache mysql and ftp PORT STATE SERVICE 21/tcp open ftp 80/tcp open http 443/tcp

I''m running in circles with this issue... I accidentally did a ''puppetca --clean --all'' and lost all certificates. I was able to get the puppetmaster running and re-created certificates for the client system, but I get the following error: warning: peer certificate won''t be verified in this SSL session info: Caching certificate for w0f.lagged.com info:

I am using a number of DHCP devices on a network. Working fine with CentOS 5 x86_64. My question is now how do I tell the DNS (after I get my DHCP address) about my devices name and IP address so that others can find me by my machine name? I thought that was an automatic thing - but it appears not. Thanks, Jerry

Hi I just joined I have a serer who's purpose life is to be a fileserver/print server right now it is running windows 98 because it is an older computer look at an alternate os such as this will this allow windows based machines to talk to it save files retrieve files and also how difficult is it to install. -------------- next part -------------- An HTML attachment was scrubbed... URL:

Hello; I'm running a FreeBSD 4.10-release-p2 box and both chkrootkit 0.44 & 0.45 report that my /sbin/init file is infected. It appears as though the egrep for "UPX" in the output of "strings" triggers the infected notice. When I copy the init file from an uninfected box to this one chkrootkit continues to report it as infected. Is chkrootkit reading a copy of the