FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Ubuntu > Ubuntu User

 
 
LinkBack Thread Tools
 
Old 05-08-2008, 11:50 PM
Brian McKee
 
Default System Security

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Bob Cortez wrote:
> While using Firefox lately, I've been getting these random sites
> attempting load - not pop ups - sometimes I'll get a system message
> saying it's not a valid destination, other times it just goes to the
> URL.. I've installed firestarter, and have ran chkrootkit and
> rkhunter. Everything came back looking fine except for the warnings
> below from the rkhunter log. I'd like to know what I should do about
> these, (if anything) and how to do it.
>
> [13:50:03] Performing system configuration file checks
> [13:50:03] Info: Starting test name 'system_configs'
> [13:50:03] Checking for SSH configuration file [ Found ]
> [13:50:03] Info: Found SSH configuration file: /etc/ssh/sshd_config
> [13:50:03] Info: Rkhunter option ALLOW_SSH_ROOT_USER set to 'no'.
> [13:50:03] Checking if SSH root access is allowed [ Warning ]
> [13:50:03] Warning: The SSH and rkhunter configuration options should be
> the same:
> [13:50:03] SSH configuration option 'PermitRootLogin': yes
> [13:50:03] Rkhunter configuration option 'ALLOW_SSH_ROOT_USER': no

Bob - did you alter the /etc/ssh/sshd_config file to allow root logins?
While I'm not in front of an Ubuntu box at the moment, I can't see that
being the default - esp since the root account is disabled.

First thing I'd do is look at that file and see if it has been changed.
Then ask yourself - did I do this?

Start there

Brian
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFII5HNGnOmb9xIQHQRAg2mAJ4v83SoEc4Pl+ZZS/8II3uJA/O3lwCfaZ+j
uYpzVFky1oTbvWtqUMIh/rc=
=N8Ts
-----END PGP SIGNATURE-----

--
ubuntu-users mailing list
ubuntu-users@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
 
Old 05-09-2008, 12:25 AM
"Bob Cortez"
 
Default System Security

On Thu, May 8, 2008 at 3:50 PM, Brian McKee <brian.mckee@gmail.com> wrote:
Bob - did you alter the /etc/ssh/sshd_config file to allow root logins?

While I'm not in front of an Ubuntu box at the moment, I can't see that

being the default - esp since the root account is disabled.
I'm certain I didn't edit it directly.* It's possible I could have done it without knowing I suppose with a GUI.

I went ahead and change it no.* I have no reason to need remote login as root to this laptop.


Thanks.

Bob

--
ubuntu-users mailing list
ubuntu-users@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
 
Old 05-09-2008, 06:42 PM
"Miano, Steven M."
 
Default System Security

>
> Bob - did you alter the /etc/ssh/sshd_config file to allow root logins?
> While I'm not in front of an Ubuntu box at the moment, I can't see that
> being the default - esp since the root account is disabled.


SSH is not Ubuntu specific, and as such it actually is set to allow root logins as the default. I too don't know why anyone would allow it - however that's how it is. : (

Everything else looked normal to me on that log listing. It is very odd that random sites are attempting to be opened on your desktop though, you may want to actually comb through your process list and discover what each and every process running is doing (quite educational along the way).

Regards,

Steven

CONFIDENTIALITY NOTICE: This e-mail may contain information that is privileged, confidential or otherwise protected from disclosure. If you are not the intended recipient of this e-mail, please notify the sender immediately by return e-mail, purge it and do not disseminate or copy it.

--
ubuntu-users mailing list
ubuntu-users@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
 
Old 05-09-2008, 08:11 PM
"Felipe Figueiredo"
 
Default System Security

On Fri, May 9, 2008 at 3:42 PM, Miano, Steven M.
<Steven.Miano@mybrighthouse.com> wrote:
>>
>> Bob - did you alter the /etc/ssh/sshd_config file to allow root logins?
>> While I'm not in front of an Ubuntu box at the moment, I can't see that
>> being the default - esp since the root account is disabled.
>
>
> SSH is not Ubuntu specific, and as such it actually is set to allow root logins as the default. I too don't know why anyone would allow it - however that's how it is. : (
>

This comes from Debian, which in turn comes from upstream. Apparently,
DD's could not reach a consensus on wether allowing or disallowing
root logins by default, and the policy was to follow upstream (which
allows by default). Google is your friend.

regards
FF

--
ubuntu-users mailing list
ubuntu-users@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
 

Thread Tools




All times are GMT. The time now is 07:01 PM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org