One of the earliest Linux distros and officially consist of only free software. Many distros has been derived from the Debian codebase, like Ubuntu and Knoppix.
Questions tagged [debian]
91 questions
1
vote
1 answer
Why doesn't my systemctl command work?
I'm working on a pentest VM, and have elevated my user privileges to that of a common user. I can see from my enumeration scans that systemctl has a SUID bit set, and has the ownership group listed as my current users group.
I created a python…
WR7500
- 113
- 1
- 3
1
vote
1 answer
Remove sync user to harden the system
I read a book about linux hardening (Hardening Linux by James Turnbull, 2005). The book suggests to remove the sync user. If I remove the sync user I am not able to call commands like ls and shutdown, because they are not found anymore.
I used the…
wake-0
- 229
- 2
- 9
1
vote
1 answer
Server get flooded by Avast Secure DNS
My server is getting flooded by Avast Secure DNS. This was generating high I/O while writing lots of entries in daemon.log and syslog files. Thank to fail2ban, I was able to ban those IP and get the server back to normal.
I come here to ask for…
JazZ
- 121
- 5
1
vote
0 answers
xhost si:localuser:foo security
With my current setup, I have two user accounts: internet and secure. For the user "secure", all networking is disabled with the iptables rule:
-A OUTPUT -m owner --gid-owner 1000 -j DROP
The user "internet" has Internet access, but cannot access…
z6srRn
- 11
- 1
1
vote
1 answer
Suspicious SSH connection
this is the situation:
vps with debian 8x32 virgin (new template of the provider's repository);
exotic "user" and strong "password" ;
30 seconds later: command (apt-get update);
30 seconds later: command (netstat);
netstat show :
1 x tcp…
vancloud
- 13
- 5
1
vote
1 answer
How to sandbox Firefox ESR for normal browsing?
I'm running Debian 9.1 with KDE and for security purposes I'd like to run Firefox ESR in a sandboxed mode.
However I'd still like to use many normal Firefox features for my normal browsing, download files to my computer and store / access browsing…
mYnDstrEAm
- 319
- 2
- 17
1
vote
0 answers
Frequent heavy CPU load from firefox browser -> malware?
Since recently I started to get very heavy CPU load on my 64bit Debian 9.0 Cinnamon machine. I have all my packages up to date including Firefox-ESR. Often the load is so heavy that I can hear my CPU.
I also get it when restarting the browser in…
mYnDstrEAm
- 319
- 2
- 17
1
vote
1 answer
Is there a way to ask cracklib-check to go through a list of passwords?
I know cracklib-check can be used to check individual password, like -
$ echo "12345" | /usr/sbin/cracklib-check
12345: it is too short
If not wanting to be super-user as on Debian it requires to be superuser/root. The other way is of course to be…
shirish
- 151
- 4
1
vote
2 answers
How can we retire SHA1 in prefernce to SHA256 or SHA-3?
According to http://www.pcworld.com/article/3174676/security/sha-1-collision-can-break-svn-code-repositories.html and https://www.theregister.co.uk/2017/02/23/google_first_sha1_collision/ you could have two objects generating the same SHA-1…
shirish
- 151
- 4
1
vote
1 answer
protect c ++ application via an automatic hardware binding
I have a Qt App which is running on a raspberry pi (Debian Wheezy).
The raspberry image is autogenerated via a python script:
- Get the latest version of the generic custom-raspi-image
- Mount the image
- Copy project specific program data into…
Dominic Jonas
- 111
- 2
1
vote
0 answers
Vulnerable Keys? CVE-2008-0166 openssl DSA Key Signature Blacklist coverage?
Would the current set of DSA key blacklists detect a DSA key that was generated with openssl on an affected/vulnerable system, BUT whose DSA parameters (dsaparam) were generated on an unaffected system?
Additionally, would the current weak key…
rickhg12hs
- 163
- 6
1
vote
1 answer
error in running snoopy in kali linux 2016.2
I have installed the snoopy tool in Kali Linux but when I run the tool from terminal it's giving this error. Can you help me to solve this?
I've also tried pip install libmproxy
___ _ _ _____ _____ ____ _ _
/ __)( \( )( _ )( _ )( _…
saivinay manapuram
- 11
- 2
1
vote
2 answers
Is wiping LUKS header needed?
So I previously had an encrypted install of Debian, and wanted to install a new distro with full system encryption again. Now I understand that you don't need to fill the disk with random data if you already had encrypted partitions, and that wiping…
Arch
- 11
- 2
1
vote
0 answers
Enabling specific access with iptables on Debian
I am running a Debian server that hosts several Docker containers but also works as my router and internet gateway. I am having trouble getting SSH access from outside (specific ipaddresses) working on the host (not in the docker containers. All…
Tony
- 11
- 1
1
vote
0 answers
Port Knocking origination matching problem
I set up port knocking using first this method using knockd and then I tried using this method using only iptables directly but when both failed I thought I'd check a bit deeper into the problem.
Correct me if I'm wrong but it seems that though I am…
L33tCh
- 111
- 3