Managing Local Root Folder Without Being Able To Access It
Nov 2, 2009
I'm planning a website at the moment but I'm wondering about a slight issue, regarding the local root folder of a website.
Currently, I'm using Dreamweaver to create a website and I have had no problems of uploading my files to a site through Dreamweaver before. But I will not have access to my computer for about one month every year. However, I have a laptop available during that month. But since my local root folder is located on my stationary computer it seems impossible for me to, in any way, use that laptop to manage my site (upload new files to the server).
I'm planning a website at the moment but I'm wondering about a slight issue, regarding the local root folder of a website.
Currently, I'm using Dreamweaver to create a website and I have had no problems of uploading my files to a site through Dreamweaver before. But I will not have access to my computer for about one month every year. However, I have a laptop available during that month. But since my local root folder is located on my stationary computer it seems impossible for me to, in any way, use that laptop to manage my site (upload new files to the server).
Get ready for another round of patching and reboots. See: [url]
Linux vmsplice Local Root Exploit By qaaz Linux 2.6.17 - 2.6.24.1
Debian also has a report but I'm trying to avoid linking to the source of the exploit. It works on 2.6.24, but only once. Then the box kernel panics (did for me). 2.6.24.1 is out as of couple days ago, but I'm not sure if it's still vulnerable. Seems like it is.
luki@tester:/tmp$ gcc t.c -o t luki@tester:/tmp$ ./t ----------------------------------- Linux vmsplice Local Root Exploit By qaaz ----------------------------------- [+] mmap: 0x0 .. 0x1000 [+] page: 0x0 [+] page: 0x20 [+] mmap: 0x4000 .. 0x5000 [+] page: 0x4000 [+] page: 0x4020 [+] mmap: 0x1000 .. 0x2000 [+] page: 0x1000 [+] mmap: 0xb7e6f000 .. 0xb7ea1000 [+] root To run a command as administrator (user "root"), use "sudo <command>". See "man sudo_root" for details.
root@tester:/tmp# id uid=0(root) gid=0(root) groups=0(root) root@tester:/tmp#
Are some days that in the root of my server there is a folder without a name. I think it is fail2ban to create this folder? Only I have access to the server.
Code: TMPS="/tmp/sim_cj" Line 399, file sim-2.5-3/install/sim
Code: cat $TMPS >> /etc/crontab
If a local user creates a symlink to that file, then writes to the sim_cj file being linked to, as SIM is being installed, they can influence the contents of /etc/crontab.
Contacted the vendor via email on 04/17/07, email bounced. Opened a ticket via their helpdesk ~5 days ago, no response.
Again, this is only an issue during the install, which is an extremely small window of time. Any bug that could lead to root access should be fixed, however.
I use Webmin (1.69) to work on my development environment. I am using Ubuntu Desktop 14.04 right now. I am not exactly an Ubuntu newbie but I would not call myself an expert either.
I created a virtual host (newdomain.local) with webmin. I filled in all the fields and saved the new VH definition. I added newdomain.local to my hosts file with an ip address of 127.0.0.1 and restarted apache.
When I go to [URL] ...., it is not taking me to the VH's home page but to the default home page.
how to setup a cron job to copy files & directories from one folder to the root folder. I have CPanel X.
My root directory is public_html/ I have another directory public_html/uploads containing both files and directories.
I need a cron job that will copy all the files & directories from public_html/uploads to the root public_html/
If it helps, here is some system info
General server information: Operating system Linux Service Status Click to View Kernel version 2.6.22_hg_grsec_pax Apache version 1.3.39 (Unix) PERL version 5.8.8 Path to PERL /usr/bin/perl Path to sendmail /usr/sbin/sendmail PHP version 4.4.4 MySQL version 4.1.22-standard cPanel Build 11.17.0-STABLE 19434 Theme cPanel X v2.6.0
I have a script running on my server that has access via port 1031, but I would like to block access to it from the public, and instead allow access only through a php proxy script on my server which will connect to port 1031 via 127.0.0.1 (i.e. 127.0.0.1:1031)
So some may be thinking why? Currently users gain access by heading to mydomain.com:1031 . However I would now like to include adverts along side the script (but can't physically make adjustments to the script as the company that made the script has vanished of earth) So the only way I can think of doing this, is by having the adverts in an Frame next to the proxy script.
So does opening up access via 127.0.0.1 just for this case, give me security problems?
I have a local web server that I want to make available outside of my local network of two computers. I configured NAT at my router, configured the firewall. I Typed the external IP and got nothing, while I still was able to access my web server by typing "localhost", I tried both IIS and Apache, but what is interesting is that fact that the other people can access my web server via that external IP, I just cannot access it from my local network.
I am using Windows XP Pro, and since I updated to Internet Explorer 7 I am having problems getting web sites to work on my PC in Internet Explorer using the local IIS web server. These web sites are using ASP and Access databases.
The two errors I get are:
Operation must use an updateable query.
or
Cannot modify the design of table 'TABLE_NAME'. It is in a read-only database. (they are not read only!)
Does anyone know how I can get this working so I can test my web sites locally before uploading them to the live sites?
to the httpd-manual.conf to enable access by other machines on my network but it seems to be hard coded to localhost only.
Is there something else I can add to httpd-manual.conf to enable it or do I need to copy manual folder to the htdocs folder and then restrict that <Directory> ?
Linux version: Linux version 2.6.9-023stab033.9-entnosplit (root@rhel4-32) (gcc version 3.4.5 20051201 (Red Hat 3.4.5-2)) #1 SMP Tue Dec 5 14:54:16 MSK 2006
Running on top of Virtuozzo 3.x, SLM
Running the DirectAdmin control panel, v.1.30.2
For a couple years I've been maintaining a VPS, and I've had a command in root's .bash_profile to mail me the contents of `who` whenever root logs in (I'm certain this wouldn't catch everything, but I at least get mailed when I ssh in). However last night I got one of the dispatch emails, one that was definitely not caused by me logging in, and it was missing the `who` output in the body.
I started doing some looking, starting with the logs. /var/log/messages contained these lines:
Sep 17 00:58:49 vps sshd(pam_unix)[16277]: session opened for user root by (uid= 0) Sep 17 00:59:17 vps sshd(pam_unix)[16277]: session closed for user root
/var/log/security contained:
Sep 17 00:58:49 vps sshd[16277]: Accepted password for root from 65.98.70.202 port 45053 ssh2
To me this is pretty clear that someone had shell access to root. The session lasted just under 30 seconds. The security log showed no signs of previous failed login attempts. I referred to this topic [url]to try to find anything unusual
/var/log/wtmp has a reference somewhere to the accessing IP on grep, but 'who' will not reveal it, the same way that my email message was missing that info.
Everything else looks clean, I've run chkrootkit and rkhunter, all the warnings (issued by rkhunter) are benign, the .bash_history is clean (not flushed or any suspicious commands), logs are clean, nothing unusual is running, can't find anything out of place.
So basically I'm completely confused and have no idea what to make of all this. Was there a glitch? I can only assume that I am somehow compromised, but don't know what to make of all the data I've gathered. I'd really appreciate opinions from some of you that know this stuff way better than I do. The only action I've taken so far is changing the root password.
I am actually very inexpirience in server management. I have a small - I believe - problem. I need to get config file onto my computer from my root server. I can access it through terminal, but it is not very confortable. The config file is on root server.
the file is located at //etc/xxx.conf
Do I need to use web browser to do it? If so how?
Or is there a way that I log to my root server through ssh and transfer onto my computer?
I want to grant different access rights for certain folders to a large group of users of my apache WebDav server.There are access control lists for each folder on the server. Based on the rights in the access control lists the users should only have access to the folders listed in the ACL lists.In addition to that some users have only "read", some also "write" rights for the folders.How can I set up the described access rights on my WebDav server?
I've just signed up for my first VPS with CMBHosting and the person in charge, Chetan Bakhru, seems like a genuinely nice, friendly and helpful person. In other words this new service look promising at the moment.
However ...
When I signed up I selected his CentOS/LXAdmin plan because I figured that with a pre-installed control panel like LXAdmin I could avoid as much ssh as possible and simply get "up and running" more quickly. Plus I have some experience managing my own CentOS development machine, and I know that a special software package I plan to install runs on CentOS "out of the box" -- so I was expecting good things from this new VPS.
But when my account was created LXAdmin did NOT create an FTP admin account for me with root access to my VPS!
Instead it created an account that drops me into web server's document root folder, and this is far too limiting for me. I really need FTP root server access -- and I'm surprised that LXAdmin did not provide this access by default.
Not only that, but it appears that I cannot create a new FTP account that has any deeper access than the existing admin account!
Does anyone with LXAdmin experience know if this is the way LXAdmin normally works by default? Or is this perhaps a special configuration created by my new VPS host?
in order to secure my server against instrusion, i disabled ssh root login and created a user for myself. however in order to access the user i need to enable SSH Password authentication
I dont enable password authentication all the time and i keep it disabled unless i need to do something via ssh.
Now my question will be, is there a way to keep the user i created and keep the root login disabled and password authentication disabled but use ssh keys for the user i created?
I was informed that if i opt to login to ssh via the user i created, the only way to do that is to enable password authentication as it cannot work with ssh keys. is this true?
I really hope someone can help me how to use the user i created together with ssh keys so i dont have to enable password authentication when loggin to ssh
