Questions tagged [ubuntu]
Ubuntu is a Linux version derived from Debian. For questions about Ubuntu that are not about security, please post on [AskUbuntu.SE].
316
questions
1
vote
0
answers
44
views
Ubuntu upgrade changed my home directory permissions - malicious or mistake? [migrated]
My setup
I have a private server (Ubuntu 22.04.4) that I use as a test server for my web development code.
Every couple of weeks I update it (sudo apt update; sudo apt upgrade -y). I don't usually ...
- 111
0
votes
0
answers
20
views
Is there any software needed to install from Parrot OS for TP-Link UB500 Nano USB bluetooth 5.0? [closed]
I am performing experiment on trying to capture Bluetooth traffic from the fitness device to the Mobile App installed on the Phone.
I am using commands like gatttool, hciconfig, hcitool lescan to scan ...
- 23
0
votes
0
answers
32
views
Python os.system() does not change EUID to 0, but os.execl() does, why? [duplicate]
I was working on a CTF challenge that involved a setuid-enabled binary, '/usr/bin/python' where the owner is 'root'. The user I assumed was "www-data", with UID=33. The goal was to create a ...
0
votes
1
answer
107
views
Do I need to implement additional security measures for my self-hosted container web app?
Could you please suggest if I need to do anything else to ensure that my server is secure against the most common attacks? Currently it seems fine to me, but I would highly appreciate if someone with ...
0
votes
1
answer
66
views
Random Requests Trying To Download Virus On Server?
So, I was hosting my website on fastapi, and then I saw this 2 requests on my server.
I found that there was link, that was linking to file named "shk" on random ip adresses. I tried to ...
- 3
1
vote
1
answer
166
views
Creating bootable USB from a compromised OS. Is it safe?
If we buy for instance a laptop with an OS pre-installed e.g. Ubuntu and but the original seller was not reputable and there are doubts with the preinstall.
My question is: if we use the laptop to ...
- 183
0
votes
0
answers
153
views
Cracking 1000-password assignment from hashed file
OS: Ubuntu 20.04 on VMWare, tool: John the ripper
The whole system is up-to-date
The file has 1000 hashed passwords. There are 40 rules provided, a small word list is provided to help crack part of ...
1
vote
2
answers
113
views
Detecting if application connects remotely in linux
Consider me the average Linux user. I know the basics of shell scripting and intermediate Python. However, I have very limited knowledge of system admin or security related matters.
Background:
Say ...
- 13
0
votes
0
answers
108
views
Fail2ban not resulting in any update of IPTables
I have:
Installed Fail2ban
Created a local jail file.
Changed lines within /etc/fail2ban/jail.local where enabled is mentioned x2 to true.
Added enabled = true to the Asterisk section of the jail....
0
votes
0
answers
158
views
Brute-Force by using XAMPP on windows, Ubuntu installed in Windows and DVWA
I am currently using XAMPP installed on windows to do a brute-force attack to DVWA. The command prompt that I used is Ubuntu, but the virtual machine is not opened and installed. Just a command prompt ...
1
vote
0
answers
66
views
Restricting ubuntu signing keys?
I started reading on apt and the security changes to always use GPG signing keys,
but further saw that it by default uses all configured GPG signing keys,
this seems like a small but unecessary ...
- 11
0
votes
1
answer
112
views
Is deploying a web application to a customer's encrypted drive a secure solution against code theft?
I have developed a web service for customer. The web service is written in Python and running in Docker containers. It is managed by docker compose.
The customer wants my web service to run on their ...
1
vote
2
answers
4k
views
How to update Ubuntu SSH version to latest version [closed]
I'm trying to update the Ubuntu OpenSSH version to 9.3p2, because of the CVE-2023-38408 vulnerability, but I can't.
The recomendation is update to last version: https://ubuntu.com/security/CVE-2023-...
0
votes
1
answer
501
views
Getting a couple of remote login and calls into Ubuntu server?
I have a ubuntu server (Ubuntu 22.10 x64) on Digital Ocean. And I am using fastapi, uvicorn, gunicorn and nginx as I used it for my backend api calls from my frontend and my frontend IP is dynamic.
...
- 1
1
vote
1
answer
387
views
Is my website under attack?
I have a web server. I was investigting why my nginx is keep crashing. I noticed a few other issues in my logs.
Note: In the log report, I replace the name of my website with example.com and my second ...
- 11