What does “Do you expect to run the X Windows System?” do when installing OpenBSD?
When installing OpenBSD 5.1, I got the question:
security
Debian unstable chroot security issues
This page describes how you can use the debootstrap utility to install a base Debian unstable/sid system on an existing Linux machine. The new install is accessible using chroot.
wpa_supplicant store password as hash (WPA-EAP with phase2=”auth=PAP”)
Is there a way to store my password in /etc/wpa_supplicant/wpa_supplicant.conf as some hash instead of plaintext?
Unauthorized access to cron
I was hacked this morning!
Is minissdpd known to have been auditted for security, at a similar level to avahi-daemon?
Ubuntu have or had an effort, sometimes described as No Open Ports for the default install.
Is Vim immune to copy-paste attack?
You should never paste from web to your terminal. Instead, you should paste to your text editor, check the command and then paste to the terminal.
How can I ssh to a remote server with an automated password and no key?
I have a remote server. I planned to use public keys to connect over ssh without typing the password but the remote system rejects public key authentication.
What user should apache and PHP be running as? What permissions should /var/www files have?
I just spun up an Ubuntu 11.10 box and then ran apt-get install apache2 php5 to install apache2 and PHP 5 on the box. Now it is functioning as a “web server” and it loads the “It Works!” page. Now I’m trying to tighten up security and I have the following questions about linux web servers:
How to trigger a system self destruct with a certain password is entered
How do I configure my system to destroy all personal data when a certain password is entered? The motivation behind this being NSA stuff.
How to “close” open ports?
A few days ago I started to care a lot about my data security, I end up nmaping myself with: nmap 127.0.0.1