Questions tagged [security]
Security covers a wide-ranging set of topics including Users, Permissions, Authentication, Authorisation, Upgrades, Firewalling, Hardening, etc.
2,518 questions
0
votes
0
answers
32
views
Lubuntu Security [duplicate]
I’m currently working on securing my Lubuntu system and have already implemented several basic security measures like configuring a firewall, managing user permissions, and setting up SSH. However, I’...
0
votes
2
answers
57
views
NordVPN on Snap Store of Ubuntu is legitimate?
but is the version of NordVPN available on the Ubuntu Snap Store (here's the link:) legitimate?
Running it doesn't do anything...
I reinstalled NordVPN from the terminal and now it works, but I wonder ...
0
votes
0
answers
51
views
How to find what is causing this network behaviour?
On one of my machines, something is trying to access nonexistent machines on my local network.
Results of arp -a:
ISP (192.168.0.254) à XX:XX:XX:XX:XX:XX [ether] sur eno1
? (192.168.0.231) à <...
0
votes
0
answers
23
views
Ubuntu Pro on a VirtualBox vm
I have a general question about using an Ubuntu vm on VirtualBox.
Is it okay to activate and use Ubuntu Pro on an Ubuntu VM in CISCO VirtualBox?
1
vote
1
answer
47
views
procfs access control ubuntu 24
After upgrading to Ubuntu 24, there was a problem with access to procfs files
The program requires access to the systemd process maps file
mv 2572 0.0 0.2 20472 11520 ? Ss 00:22 0:00 /usr/lib/systemd/...
0
votes
1
answer
50
views
How to check if an outdated package includes backported security fixes from newer version? [closed]
I want to host a web server on my Raspberry Pi 1B on my home network, so I want to make sure the software is up to date to minimize the security risk. I was looking into using lighttpd, and I got it ...
0
votes
0
answers
27
views
How to have rootless X on Ubuntu 24 LTS?
I have read directions: https://wiki.ubuntu.com/X/Rootless
but after a default install on my thinkpad t450, what steps are needed to have a rootless X? To avoid security issues eg.: https://lists.x....
1
vote
0
answers
200
views
EFI stub: WARNING: failed to measure data for event 1: 0xB000000009, may you provide a solution?
This message "EFI stub: WARNING: failed to measure data for event 1: 0xB000000009" is showing at the top left corner while I am starting my laptop (Ubuntu 24.04 recently installed, Dell).
Any ...
0
votes
1
answer
42
views
Does Ubuntu OVAL list packages that are vulnerable (have CVE) but are not yet patched (have no USN)?
The Ubuntu documentation recommends using Ubuntu OVAL to track packages that are vulnerable and you should upgrade. In the final section "How Ubuntu OVAL data works" it states (emphasis mine)...
3
votes
0
answers
456
views
Will disabling AppArmor restrictions on 24.04 make a difference from 22.04
My question is not regarding the advantages/disadvantages of the new apparmor namespace restrictions of Ubuntu 24.04 lts.
I wanted to know if disabling the restrictions will make the system any more &...
0
votes
0
answers
22
views
hardware restricted password entry
Is there any way that you can restrict password prompts to accept input from only one device? If I were to have an extra keyboard hooked up can it be setup to be interpreted differently? Also I ...
1
vote
1
answer
67
views
How do I identify the last security update and roll it back/remove it?
My Ubuntu version: Ubuntu 22.04.5 LTS
LSS:
Where I live the government is known to have the capability to pollute security patches and updates, in other words when using Ubuntu's default GUI update ...
-4
votes
1
answer
87
views
Why are Security Issues in Ghostscript not yet fixed in Ubuntu?
Currently there are several known security issues in Ghostscript:
CVE-2024-29510
CVE-2024-29506
CVE-2024-29507
CVE-2024-29508
CVE-2024-29509
CVE-2024-29510, see https://nvd.nist.gov/vuln/detail/...
0
votes
1
answer
105
views
How to monitor and keep the Firefox deb updated? [duplicate]
Edit (Sep 6 at 21:52): This question is about how to keep Firefox deb updated, not about how to install it. The question has been answered in the comments and may now be closed.
I have installed ...
1
vote
0
answers
249
views
How to make Polkit work with XRDP
Certain settings in the desktop environment require additional authorization like the users section in the settings app. Working locally, it asks for a password and that's it. But in an Xrdp remote ...
0
votes
1
answer
54
views
What does /etc/pam.d/other actually do?
What does /etc/pam.d/other actually do?
The content of the file is:
auth required pam_deny.so
account required pam_deny.so
password required pam_deny.so
session required ...
0
votes
0
answers
16
views
OpenLDAP Read access to users in a group for a certain DN
I want to implement an OTP service (privacyIDEA) with LDAP as backend.
The service needs access to user entries in the LDAP tree. I would like to restrict the access of the service account only to ...
0
votes
1
answer
237
views
AMD microcode update for sinkclose in Jammy(22.04)?
AMD has provided microcode fixes for their EPYC CPUs in their July microcode drops into linux-firmware. These are important to close the Sinkclose SMM hole.
Any reason these are not shipped (yet?) as ...
1
vote
0
answers
82
views
How to log internet connections per program?
I am looking for program or command that can log what programs connect where and when.
For example Wireshark can tell what connections were made and when but it cannot tell what program made this ...
-1
votes
1
answer
265
views
How to make AppArmor rule to prevent delete in specific directory for all apps instead of specific app?
I want to deny delete permission to everything that is in /home/don/testdir or its subdirectories for all apps without preventing create or write. As I understood this is not possible with ...
0
votes
1
answer
35
views
From where can I download the gpg signing keys for atareao (e.g. touchpad-indicator) and for giuspen (x-tile)
This question pertains to Xubuntu 22.04 and arose in the preparation for Xubuntu 24.04:
I found
/etc/apt/trusted.gpg.d/atareao-ubuntu-atareao.gpg (belonging to touchpad-indicator) and
/etc/apt/trusted....
2
votes
2
answers
383
views
Does apt-add-repository add gpg keys to the infamous and ill-reputed keyring /etc/apt/trusted.gpg?
This question arose with Xubuntu 22.04 in preparation for Xubuntu 24.04:
After reading the security warnings about apt-key, I first fixed it for the last package for which I stored the package signing ...
0
votes
0
answers
76
views
"User is not in the sudoers file. This incident will be reported" after erasing /etc/group [duplicate]
I log in as the only user in the system
However my /etc/group is empty and not editable.
When I try to access as root, I've got an error
"User is not in the sudoers file. This incident will ...
0
votes
0
answers
59
views
Ubuntu desktop 20.04 LTS security
I have downloaded the Ubuntu desktop version 20.40 LTS ISO image using Windows 10 OS from the official Ubuntu.com web site. Not sure Windows 10 had trustable security. My Dell Inspiron 3050 laptop has no DVD ...
0
votes
0
answers
63
views
usg audit gives erroneous results
I ran the usg audit for cis level1 workstation. I noted a number of failures and set about to fix some of them. I then ran the audit again and the failures I fixed show up again. For example, ...
0
votes
0
answers
31
views
How to make a Hotspot with Security (Password) for use with KDEconnect
I have a Problem with Hotspots, every time I try to make one, it makes a Hotspot without any Password or Security.
Then I tried to change Password and Name, now every new Hotspot has that Name and ...
0
votes
0
answers
99
views
I cannot access MISP dashboard
T-Guard is an open-source unified security solution. I am in the process of installing T-Guard components. After following all the steps in the setup GUI interface (I will attach a picture).
I can ...
-3
votes
1
answer
7k
views
OpenSSH version upgrade to 9.8 [duplicate]
The versions of OpenSSH up to 4.4p1, plus versions from 8.5p1 to 9.7p1 running on glibc-Linux, are vulnerable. The latest version of OpenSSH was released on July 1, 2024. So when will the latest ...
0
votes
1
answer
233
views
Explain how the gpg verification and key obtaining documented in "How to verify your Ubuntu download" is safe against a MITM attack
Some Ubuntu mirror servers still use http instead of https. In addition, a manipulated iso image version with a matching sha256 sum could be foisted on a download server. To ensure tamper-proof and ...
1
vote
0
answers
82
views
How to disable the default of always auto connect to any new wifi network?
How to change the default configuration of always auto connect to any new wifi network it detects? I need to edit some generic default config manually? I need to recompile a patched wifi network app?
...
1
vote
1
answer
638
views
Apparmor "Complain mode" and SSSD not active
I just updated my RPI5 today. Using Ubuntu 24.04 LTS. During the upgrade I got error messages saying that AppArmor had some problems with sssd.service (/etc/sssd/conf.d)...
First time it happened.. ...
0
votes
0
answers
22
views
Firewall to white- or black-list incoming requests
Well over a decade ago, when I was a Windows user, I used a Kaspersky firewall that would pop up when an application wanted was receiving a connection and allow me to allow or deny such connections.
...
1
vote
1
answer
74
views
Which app or service connected to a specific domain?
How do I find out which app or service tried to access a particular domain or url in the past?
Tried searching for this here and other websites but not getting relevant results.
I have the Gnome Logs ...
0
votes
1
answer
390
views
Apt focal-update versus focal-security [duplicate]
What is the difference between the "updates" and "security" repos?
I'm asking because I want to set up and use unattended-upgrades, which only allow updates from "focal" ...
4
votes
1
answer
357
views
How to detect StripedFly malware in Ubuntu 22.04?
I was reading this article, and decided to search for sd-pam in the processes of one of my laptops.
I did ps -x | grep -i "sd-pam", and got
2864 ? S 0:00 (sd-pam)
29172 pts/0 ...
0
votes
0
answers
40
views
How to find retpoline return thunk for my machine
I'm interested in finding out, how jump2ret works as a mitigation for retbleed. For that I would like to copy the return thunk to a kernel module such that I can play around with it (i.e. write the ...
0
votes
1
answer
112
views
Malware in browser on Ubuntu?
By mistake I opened a link in a spam email and, even though the browser (Vivaldi) blocked the page from loading, I wanted to understand if there may have been a malware download or something else.
...
2
votes
1
answer
875
views
How do I apply only security updates in terminal? [duplicate]
My server uses the Ubuntu operating system. After a while, I saw a lot of update notifications. But I only want to update the security part, so how do I use the command?
3
votes
1
answer
756
views
lscpu vulnerabilities and mitigation
I recently learned about lscpu command and was excited to know the architecture information. However, there is a section at the end where it shows lots of vulnerabilities. Did some google search and ...
1
vote
1
answer
574
views
Ubuntu 22.04: Server infected by a malware kdevtmpfsi [duplicate]
My freshly created server was infected by the kdevtmpfsi malware. I saw many articles advising how to permanently remove this malware, but none of them worked for me. After trying something and "...
0
votes
1
answer
177
views
Verifying Ubuntu ISO file
For some time now I have been wondering if verifying the PGP signature and sha256 hash are actually needed to check if there is any malware in the downloaded ISO.
Every time I try to google this, I get ...
2
votes
2
answers
787
views
DISA STIG drive partitioning (LVMs) during install of Ubuntu 24.04?
I would like to install Ubuntu 24.04 on a new (physical) system and comply with the DISA STIG for drive partitioning and secure LVM mounts. That means 'noexec' for /var and /tmp. I don't see any way ...
1
vote
1
answer
116
views
Is there another way to update flatpak in Ubuntu 22.04 without adding the PPA?
Reason for asking is because of the Flatpak 1.12.7 vulnerability and system times out when trying to add the Flatpak PPA.
sudo add-apt-repository ppa:flatpak/stable -y
[sudo] password for daniel:
...
0
votes
0
answers
121
views
Was Remmina recently added to startup items in some recent (2024-04-25) update on 23.10
I restarted and noticed a strange applet icon in the top right. It was remmina. I didn't remember ever installing this so started looking into it. Apparently it's installed by default and is the RDP ...
0
votes
0
answers
70
views
Any 2FA (TOTP) app that syncs between iPhone and Ubuntu?
Does anyone know of a 2FA (TOTP) service or setup that syncs your 2FA codes/accounts between an iPhone app and a Linux or web app that you can use from Ubuntu desktop?
I used to use Authy to do ...
2
votes
0
answers
399
views
How to Disable Outgoing SSH for Users on Ubuntu Server While Allowing Incoming SSH Access?
Hello Ubuntu community,
I'm seeking guidance on how to implement a specific security measure on my Ubuntu server. I want to restrict all users from initiating outgoing SSH connections to external ...
4
votes
1
answer
498
views
Why does fail2ban report my auth.log file as removed?
I have logwatch running and I check its content every morning. I have noticed that my auth.log file is erased after an apt upgrade and reboot.
Here is the fail2ban section of the logwatch after an ...
0
votes
0
answers
107
views
What to do with CVEs and vulnerable CPUs?
Recently a vulnerability that targets Intel CPUs and Linux OSs was reported on.
CVE-2024-2201 (aka: Inspectre Gadget / Spectre v2.0) has me rather concerned.
Q: I would like to know the correct ...
0
votes
1
answer
44
views
Is x.509 bypass a security risk?
I have an embedded system that is communicating with a server using SSL over WiFi to a router and then to the internet. I have what I've been told is the proper certificate for the server installed ...
0
votes
0
answers
28
views
New to AppArmor - why are all downloaded AppArmor profiles blank?
background: I'm on Ubuntu 20.04.03 LTS and looking for "how to make my next installation more secure". I am interested in a topic that often relies on third party- and maybe older/not well ...