Is AWS EC2 Ubuntu Instance protected by SSH Key secure enough? [closed] - security

Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 7 years ago.
I have an AWS EC2 Ubuntu instance protected by an SSH key. I thought it was secure enough, but I have received an email from Amazon telling me that my instance has been hacked and used for port scanning.
I have no reason not to believe the Amazon security team, but I do not understand how it is possible. I only use an SSH key to log in to the instance; the key has not been exposed to the world and is only used from my home computer.
Are there some security holes in Ubuntu I am not aware of? Is an SSH key secure enough?
The instance uses the default 64-bit Ubuntu image provided by AWS. It does not host any web pages.

The default Ubuntu image only allows login using SSH keys and prohibits password-based logins. Unless you have changed this configuration, it is very unlikely someone got in through SSH.
While unknown vulnerabilities in Ubuntu most certainly exist, their value is very high and it is extremely unlikely that someone will waste potentially millions of dollars' worth of vulnerabilities to take over your particular server.
The most likely explanation is that you are running some piece of software (most likely a web application) which is vulnerable and were compromised through it.
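An added example, not part of the answer above: one way to confirm that an instance still has the key-only SSH configuration the answer describes is to audit the effective settings printed by `sshd -T`. The function names and both sample configurations are constructed for illustration.

```shell
#!/usr/bin/env bash
# Audit effective sshd settings (the `sshd -T` format: "key value", lowercase
# keys) for anything that lets a password, rather than a key, open a session.

audit_sshd() {
    # Reads `sshd -T` style text on stdin; prints one finding per line.
    awk '
        { key = tolower($1); val = tolower($2) }
        key == "passwordauthentication" && val == "yes" {
            print "FAIL passwordauthentication=yes (password logins accepted)" }
        (key == "kbdinteractiveauthentication" || key == "challengeresponseauthentication") && val == "yes" {
            print "FAIL " key "=yes (PAM password prompts accepted)" }
        key == "permitemptypasswords" && val == "yes" {
            print "FAIL permitemptypasswords=yes" }
        key == "permitrootlogin" && val == "yes" {
            print "FAIL permitrootlogin=yes (root is not restricted to key logins)" }
        key == "pubkeyauthentication" && val == "no" {
            print "FAIL pubkeyauthentication=no (key logins disabled)" }
    '
}

key_only() {
    # Exit status 0 only when the audit produced no findings.
    [ -z "$(audit_sshd)" ]
}

# Constructed samples, not taken from a real host.
HARDENED='passwordauthentication no
kbdinteractiveauthentication no
permitemptypasswords no
permitrootlogin without-password
pubkeyauthentication yes'

WEAKENED='passwordauthentication yes
kbdinteractiveauthentication no
permitemptypasswords no
permitrootlogin yes
pubkeyauthentication yes'

printf '%s\n' "$WEAKENED" | audit_sshd
# On a live instance (needs root): sudo sshd -T | audit_sshd
```

A clean result here only rules out password logins over SSH; it says nothing about other listening services, which is where the answer points.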

Related

Configure iscsiadm to fall back to another iSCSI portal if one is down [closed]

Closed 1 year ago.
Let's say I have a 100G disk which I want to expose as an iSCSI target, and I have configured 2 iSCSI portals (IP1, IP2) which can be used to access the iSCSI target.
Note: I have used more than one portal for my high-availability use cases.
Let's say that, from the host, I used IP1 to log in to the iSCSI target and am able to connect to the target successfully. After some time, say IP1 goes down for some reason. Is there a config/way to tell iscsiadm to fall back to IP2 for connecting to the iSCSI target?
As stark says in the comments above, the answer is to use dm-multipath. There are numerous articles on how to set this up, but the short answer is that it'll likely "just work".
First, install multipathd on your system. Then, when you use iscsiadm in discovery mode, so long as your iSCSI target reports both portals, Linux is going to connect to both portals. You'll get two block devices, both with the same SCSI WWN. Multipathd wakes up, sees the two devices with the same WWN, and bundles them into a /dev/dm-X device for your use. From that point forward, multipathd manages the paths according to how you've configured its policy. The default may be fine for your use.
The key point here is that iscsiadm and iSCSI are kind of "out of the way". You'll have a session for each path. The sessions may come and go. DM-Multipath manages which sessions are involved in providing access to your LUN.

PUTTY is not connecting [closed]

Closed 1 year ago.
Hi, I am trying to connect my local machine to an Azure Linux (Ubuntu 18.04) VM using PuTTY, but it gives the error below.
I am referring to the below link
https://learn.microsoft.com/en-us/azure-stack/user/azure-stack-dev-start-howto-ssh-public-key?view=azs-2008#connect-with-ssh-by-using-putty
Are you unable to SSH only when using PuTTY? Can you connect any other way?
The error message you posted above looks very general, and the root cause of this issue could be anything.
Please check that post on Ubuntu. There is a nice article; please review it. The only difference is that it's about EC2 instances, but the nature is the same:
This error can occur under the following circumstances:
You’re not connecting with the appropriate user name for your AMI when you negotiate an SSH session with a VM.
You’re using the wrong private key when you negotiate an SSH session with a VM.

Can I make a DIY Cloud server for Windows? [closed]

Closed 3 years ago.
My old parents have been hacked/virus-ed for the nth time.
I have an old HP server.
I thought of rebuilding it with VMware (free version) or Oracle VirtualBox and having them use Windows in a controlled environment. I would back it up and patch it, etc. Maybe they RDC to my server.
I assume I would need a Windows Server license to allow multiple connections. (I could also use it for myself to host Plex media server.)
At a 10,000 foot level, is this possible or just a technology quagmire?
Super User SE might be a better place for this.
Anyway: Are they using it for anything Windows-specific? My parents used to use my Linux-based computer for web browsing; now they use an Android tablet for the same. Running a virtualised Windows on top of the former could've been an alternative. Also, backing up and rolling back is easier if you use virtualisation; just use something else for permanent data storage. Maybe a remote storage with backup and rollback (for ransomware), either on your own infrastructure or in the cloud (like Syncthing, ownCloud, etc.).
I'm assuming here they don't have trade secrets or plans of a home-built nuclear plant or anything of that kind.

TLS to secure external client server application [closed]

Closed 8 years ago.
Is it possible to use transaction layer security (TLS) to secure an external client/server application without modifying the code of the application itself?
Say a client application on a machine connects to several servers on several machines over an unsecured connection. I want to encrypt this connection using OpenSSL/TLS, but I can modify neither the client nor the servers, only the machine configurations (Linux OS running underneath). I just found stunnel, but it seems that it only supports a 1:1 connection.
Thanks in advance.
If you have a finite (and reasonably small) number of servers and you can configure the port number on your client for each connection, you could run stunnel on multiple ports, each one corresponding to a different destination.
However, it sounds like setting up a VPN between all these machines would be a better option. Some VPN implementations rely on TLS, but I'm not sure it would be the best choice here. You might want to investigate other methods, such as IPSec too.
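An added example, not part of the answer above: the multi-port stunnel layout it suggests can be generated from a port-to-destination mapping, one client-mode service per server. The function name, host names, ports and CA path are placeholders, and each server is assumed to run stunnel in server mode on its TLS port.

```shell
#!/usr/bin/env bash
# Emit a client-side stunnel config: one local plaintext port per TLS destination.
# Input lines on stdin: "<local_port> <server_host> <server_tls_port>".

gen_stunnel_client_conf() {
    ca_file=$1
    while read -r port host tls_port; do
        [ -z "$port" ] && continue            # skip blank lines
        case $port in \#*) continue ;; esac   # skip comment lines
        printf '[to-%s-%s]\n' "$host" "$tls_port"
        printf 'client = yes\n'
        # The unmodified client connects here; loopback keeps plaintext off the wire.
        printf 'accept = 127.0.0.1:%s\n' "$port"
        # stunnel in server mode on the far side hands traffic to the real server.
        printf 'connect = %s:%s\n' "$host" "$tls_port"
        printf 'CAfile = %s\n' "$ca_file"
        printf 'verifyChain = yes\n'          # reject certificates not signed by CAfile
        printf 'checkHost = %s\n\n' "$host"   # reject certificates issued for another host
    done
}

# Constructed mapping; host names, ports and the CA path are placeholders.
MAPPING='7001 srv-a.example.internal 8443
7002 srv-b.example.internal 8443
7003 srv-c.example.internal 8443'

printf '%s\n' "$MAPPING" | gen_stunnel_client_conf /etc/stunnel/ca.pem
```

The client application is then pointed at 127.0.0.1:7001, 7002 and 7003 instead of the three servers.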

Are files and texts readable for the NSA in video streams like remote desktop? [closed]

Closed 9 years ago.
I was wondering about the following: if I access another computer over a video stream (maybe like remote desktop), could the NSA read the websites and texts from that stream, even though only video is transmitted?
Thanks!
Remote Desktop, as in RDP, does not stream video. Unlike other remote desktop software, RDP actually uses kernel-level access, which is why RDP is so much smoother than a lot of the software that uses images.
RDP is vulnerable to man-in-the-middle attacks, but this is pretty unlikely to happen to you unless you are a highly valuable target. You can use SSL to prevent this sort of thing.
Regardless of all of that, your question seems to be about image-based remote desktop. You are, I think, correct in your assumption that the images are difficult to read vs. just intercepting plain text/html/etc. If the transmission was intercepted, they could "play it back" if it was not encrypted, and see what happened. The thing is, even if the transmission between you and the remote host is secure, what about the transmission between the host and the internet? It is likely that whatever you are doing can be traced to the host, and then to you.
