Highest Voted 'debian' Questions - IT Security Stack Exchange

1

vote

1 answer

Why doesn't my systemctl command work?

I'm working on a pentest VM, and have elevated my user privileges to that of a common user. I can see from my enumeration scans that systemctl has a SUID bit set, and has the ownership group listed as my current users group. I created a python…

asked Jun 25 '19 at 15:36

WR7500

113
1
3

1

vote

1 answer

Remove sync user to harden the system

I read a book about linux hardening (Hardening Linux by James Turnbull, 2005). The book suggests to remove the sync user. If I remove the sync user I am not able to call commands like ls and shutdown, because they are not found anymore. I used the…

hardening debian

asked Jun 11 '18 at 13:07

wake-0

229
2
9

1

vote

1 answer

Server get flooded by Avast Secure DNS

My server is getting flooded by Avast Secure DNS. This was generating high I/O while writing lots of entries in daemon.log and syslog files. Thank to fail2ban, I was able to ban those IP and get the server back to normal. I come here to ask for…

dns ddos debian

asked Jan 28 '18 at 07:16

JazZ

121
5

1

vote

0 answers

xhost si:localuser:foo security

With my current setup, I have two user accounts: internet and secure. For the user "secure", all networking is disabled with the iptables rule: -A OUTPUT -m owner --gid-owner 1000 -j DROP The user "internet" has Internet access, but cannot access…

linux web-browser exploit debian

asked Jan 20 '18 at 22:18

z6srRn

11
1

1

vote

1 answer

Suspicious SSH connection

this is the situation: vps with debian 8x32 virgin (new template of the provider's repository); exotic "user" and strong "password" ; 30 seconds later: command (apt-get update); 30 seconds later: command (netstat); netstat show : 1 x tcp…

ssh debian netstat

asked Nov 19 '17 at 11:20

vancloud

13
5

1

vote

1 answer

How to sandbox Firefox ESR for normal browsing?

I'm running Debian 9.1 with KDE and for security purposes I'd like to run Firefox ESR in a sandboxed mode. However I'd still like to use many normal Firefox features for my normal browsing, download files to my computer and store / access browsing…

firefox sandbox debian

asked Aug 01 '17 at 11:43

mYnDstrEAm

319
2
17

1

vote

0 answers

Frequent heavy CPU load from firefox browser -> malware?

Since recently I started to get very heavy CPU load on my 64bit Debian 9.0 Cinnamon machine. I have all my packages up to date including Firefox-ESR. Often the load is so heavy that I can hear my CPU. I also get it when restarting the browser in…

malware web-browser firefox debian cpu

asked Jul 09 '17 at 21:59

mYnDstrEAm

319
2
17

1

vote

1 answer

Is there a way to ask cracklib-check to go through a list of passwords?

I know cracklib-check can be used to check individual password, like - $ echo "12345" | /usr/sbin/cracklib-check 12345: it is too short If not wanting to be super-user as on Debian it requires to be superuser/root. The other way is of course to be…

passwords debian terminal

asked Mar 12 '17 at 08:26

shirish

151
4

1

vote

2 answers

How can we retire SHA1 in prefernce to SHA256 or SHA-3?

According to http://www.pcworld.com/article/3174676/security/sha-1-collision-can-break-svn-code-repositories.html and https://www.theregister.co.uk/2017/02/23/google_first_sha1_collision/ you could have two objects generating the same SHA-1…

sha opensource sha256 debian

asked Mar 09 '17 at 20:19

shirish

151
4

1

vote

1 answer

protect c ++ application via an automatic hardware binding

I have a Qt App which is running on a raspberry pi (Debian Wheezy). The raspberry image is autogenerated via a python script: - Get the latest version of the generic custom-raspi-image - Mount the image - Copy project specific program data into…

c++ debian raspberry-pi

asked Nov 29 '16 at 09:57

Dominic Jonas

111
2

1

vote

0 answers

Vulnerable Keys? CVE-2008-0166 openssl DSA Key Signature Blacklist coverage?

Would the current set of DSA key blacklists detect a DSA key that was generated with openssl on an affected/vulnerable system, BUT whose DSA parameters (dsaparam) were generated on an unaffected system? Additionally, would the current weak key…

openssl random key-generation cve debian

asked Nov 25 '16 at 10:58

rickhg12hs

163
6

1

vote

1 answer

error in running snoopy in kali linux 2016.2

I have installed the snoopy tool in Kali Linux but when I run the tool from terminal it's giving this error. Can you help me to solve this? I've also tried pip install libmproxy ___ _ _ _____ _____ ____ _ _ / __)( \( )( _ )( _ )( _…

kali-linux python ubuntu debian

asked Oct 18 '16 at 12:08

saivinay manapuram

11
2

1

vote

2 answers

Is wiping LUKS header needed?

So I previously had an encrypted install of Debian, and wanted to install a new distro with full system encryption again. Now I understand that you don't need to fill the disk with random data if you already had encrypted partitions, and that wiping…

encryption linux luks debian ssd

asked Aug 03 '16 at 09:21

Arch

11
2

1

vote

0 answers

Enabling specific access with iptables on Debian

I am running a Debian server that hosts several Docker containers but also works as my router and internet gateway. I am having trouble getting SSH access from outside (specific ipaddresses) working on the host (not in the docker containers. All…

ssh iptables debian

asked Jun 14 '16 at 06:26

Tony

11
1

1

vote

0 answers

Port Knocking origination matching problem

I set up port knocking using first this method using knockd and then I tried using this method using only iptables directly but when both failed I thought I'd check a bit deeper into the problem. Correct me if I'm wrong but it seems that though I am…

linux port-knocking debian

asked Apr 15 '16 at 09:39

L33tCh

111
3

Questions tagged [debian]