Have I been hardware hacked/backdoored? [closed] - linux

Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 5 years ago.
Improve this question
I'm on Linux Mint, never connected to the internet for weeks, and still not connected, doing some python programming (Python 3.6).
I happened to look at the firewall program in it 'report' section and see this
(please not that the firewall was actually set to ALLOW outgoing until I changed it just before this screenshot (it was only set to block incoming). Again, to my knowledge I am not, and have not, been connected to the internet at all and my networking is turned off.:
I'm not a network programmer, but this seems to be showing that these applications have been accessing network ports, correct?
Why would python 3.6 (which I was using) be on this list or ever need to connect to any port at all?? Am I looking at nefarious activity here?
I've heard that software can be placed directly on the hardware of a system. IS it possible that my network interface card could be activated and used without giving any indication?
And again, why would my python 3.6 application be on a firewall report at all?
I'm very concerned about this. Can someone enlighten me?

What you are looking at are mostly servers that are listening for incoming connections. That certainly covers ntpd, cups, ntpd.
It looks like some python programs have also been listening for connections, maybe as part of your programming exercises.
The fact that programs are listening for incoming connections doesn't mean anything has actually connected to them, or even that anything could.
An address of "*" indicates that it's a potential connection, not an actual connection that happened.

Related

How can I port forward without access to my router? [closed]

Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 1 year ago.
Improve this question
I have a small django project running on my Ubuntu laptop; I am developing it with a friend. Since we live in different states I want him to be able to interact with my website outside my network since he's going to be helping me evaluate it on a daily or weekly basis.
I currently have a working apache2 server running my django website. I can't port forward because the internet in my campus apartment is managed by the building admin. It's nothing fancy, really, it's just a standard Spectrum router.
Is there a way I can port forward using only my Ubuntu Laptop?
I read this on quora:
https://www.quora.com/How-can-I-port-forward-in-Debian-based-Linux-without-router-or-using-cellular-data-or-portable-mobile-WiFi
and by the looks of it; this seems to be at the OS level? is that enough?
also, would I be able to do this method on any standard network I connect? like my grandma's?
Any guidance is appreciated
I sorry if I am not understanding correctly, you have internet access but not admin control of the router? you could still port traffic to your apache server but network firewalls would probably stop you on that one.
I would highly recommend google colab I think it would be your best choice as you could sync your hard drives source to google colab for your buddy to check in on your coding...

Configure isciadm to fall back to another iscsi-portal if one is down [closed]

Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 1 year ago.
Improve this question
Let's say I have a 100G disk which i want to expose as an ISCSI-target and I have configured 2-ISCSI-portals(IP1, IP2) which can be used to access the ISCSI-target
Note: I have used more than one portal for my High-Availability Use-cases
Let's say, From the Host, I have used IP1 for the login to the ISCSI-Target and am able to connect to the target successfully. After some time Say, because of some reason IP1 is down.is there a config/way to specify the ISCSIADM to fall back to IP2 for connecting to ISCSI-target
As stark says in the comments above, the answer is to use dm-multipath. There are numerous articles on how to set this up, but the short answer is that it'll likely "just work".
First, install multipathd on your system. Then, when you use iscsiadm in discovery mode, so long as your iSCSI target reports both portals, Linux is going to connect to both portals. You'll get two block devices, both with the same SCSI WWN. Multipathd wakes up, sees the two devices with the same WWN, and bundles them into a /dev/dm-X device for your use. From that point forward, multipathd manages the paths according to how you've configured its policy. The default may be fine for your use.
The key point here is that iscsiadm and iSCSI are kind of "out of the way". You'll have a session for each path. The sessions may come and go. DM-Multipath manages which sessions are involved in providing access to your LUN.

Stop wifi beacon when idle [closed]

Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 2 years ago.
Improve this question
I can't believe no one ever did this, but I'm searching for days now and haven't found anything.
I have just bought a Raspberry Pi 4 and would like to use it as a wifi access point (for information, I will probably install Gentoo with hostapd in it).
I would like this access point to be in “passive” mode, only listening to new devices and not emitting beacon when there is no station connected to it. I looked at hostapd configuration file, but I could not find anything suitable.
I wonder if I can, by order of preference:
find a configuration option to manage this automatically;
be able to automatically capture connection/disconnection events and switch beacon on/off using a bit of shell scripting;
if nothing else is available, modify a driver or an application to add this no beacon idle mode.
Have someone ever heard of a way to do this?

Linux open ports manually and valid reasons to do it [closed]

Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 7 years ago.
Improve this question
How open a port manually?
I know that if I install apache opens port 80, ssh opens port 22 and that I can change port number in your configuration files.
I was listening to people talk about open ports manually.
How can I make this process? When should I do it?
Thank you.
The question is bit vague. For example you open a port 'manually' if you write some code instructing doing so. By editing a configuration file (like for sshd), you did it 'manually'. You get a bunch of default opened ports by just booting Linux. Do you need all of them? How secure is having these ports opened?
How can I make this process? , When should I do it?
In simple: You should do it every time you need, like you did on SSH probably for Security through obscurity or disabling services/programs that you are not using (prevention).
A much better approach than messing around with a bunch of processes (at least at the beginning) is setting up a firewall like iptables, block everything and start discovering what you need or not need to be left opened. 'man nmap' is your friend also.

Difference between KLIPS and Netkey IPSEC stacks in Linux [closed]

Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 2 years ago.
Improve this question
I know both are IPSEC stacks in Linux kernel and that KLIPS is older and Netkey is newer but other than that I find no other documentation of them. I want to know the real technical differences between them. Is there any one here who can tell me the difference or share some documentation source?
Any help would be appreciated.
From the article linked by shdobxr, the most relevant part regarding the difference between KLIPS and Netkey seems to be the following:
When you apply firewall (iptables) rules, KLIPS is the easier case,
because with KLIPS, you can identify IPsec traffic, as this traffic
goes through ipsecX interfaces. You apply iptables rules to these
interfaces in the same way you apply rules to other network interfaces
(such as eth0).
When using NETKEY, applying firewall (iptables) rules is much more
complex, as the traffic does not flow through ipsecX interfaces; one
solution can be marking the packets in the Linux kernel with iptables
(with a setmark iptables rule). This mark is a member of the kernel
socket buffer structure (struct sk_buff, from the Linux kernel
networking code); decryption of the packet does not modify that mark.
Writing in 2014, all linux distros should now come with a kernel that support both KLIPS and Netkey.
http://www.linuxjournal.com/article/9916
This is by far the best break down of a VPN setup with either. You should be able to deduce what you need for this article.
Good luck!

Resources