HTML Lockdown software ( Discover How to Quickly & Easily Protect Your Web ) for $5

Discover How to Quickly & Easily Protect Your Web Pages from Unscrupulous Cyber-Thieves! Clearly, You Need Protection – You Need HTML Lockdown! That’s Right, HTML Lockdown Makes It Impossible for People to Read & Steal Your Source Code & Other Important Content!

by: cutkatty
Created: —
Category: HTML/CSS
Viewed: 311


sudo dpkg –configure -a fixes apt-get file lockdown. Subsequent package install results in package removal interrupted earlier

I’m new to linux(ubuntu 18.04). Clicked installed on a couple of packages on ubuntu software center, and then removed a few. I’m not sure if this is the general case, but my ubuntu put those task in queue. While the last package was being installed, which I decided wasn’t a priority at the time, I cancelled the installation, and proceeded to run an apt-get installation I needed urgently. This somehow messed up the process as ubuntu supposedly uses file lockdown, and I ended up terminating apt-get instance. Rebooted, and tried running the apt-get command to install the package, but it failed, with suggestion that I should run sudo dpkg --configure -a to correct the problem. I did, and the package was successfully installed, but the interesting part is, in-between the installation procedure, bash says Removing gnome-mines (1:3.28.0-1ubuntu1) …, sandwiched between installation procedure. What’s going on here? What exactly did sudo dpkg --configure -a do?

Note: I did earlier click remove on gnome-mines but I terminated the job before it even started. Did it somehow end up in task queue?

Get:5 http://in.archive.ubuntu.com/ubuntu bionic/universe amd64 gconf-service amd64 3.2.6-4ubuntu1 [2,036 B] Fetched 62.8 MB in 8min 39s (121 kB/s)                                          (Reading database ... 122669 files and directories currently installed.)```  Removing gnome-mines (1:3.28.0-1ubuntu1) ...  Selecting previously unselected package gconf2-common. (Reading database ... 122183 files and directories currently installed.) Preparing to unpack .../gconf2-common_3.2.6-4ubuntu1_all.deb ... Unpacking gconf2-common (3.2.6-4ubuntu1) ... Selecting previously unselected package libgconf-2-4:amd64. Preparing to unpack .../libgconf-2-4_3.2.6-4ubuntu1_amd64.deb ... Unpacking libgconf-2-4:amd64 (3.2.6-4ubuntu1) ... Selecting previously unselected package gconf-service-backend. Preparing to unpack .../gconf-service-backend_3.2.6-4ubuntu1_amd64.deb ... Unpacking gconf-service-backend (3.2.6-4ubuntu1) ... Selecting previously unselected package gconf-service 

Thousands of incoming SSH connection attempts despite firewall lockdown

So my server is getting slammed with thousands of SSH login attempts. Fail2ban is catching and banning them – but my inbox it’s worrying me and it filling up inbox with alerts. Here’s a sample of what I’m seeing:

May 28 15:26:09 sshd[4908]: input_userauth_request: invalid user test [preauth] May 28 15:26:09 sshd[4908]: pam_unix(sshd:auth): check pass; user unknown May 28 15:26:09 sshd[4908]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=<<SNIPIP>> May 28 15:26:11 sshd[4908]: Failed password for invalid user test from <<SNIPIP>> port 41344 ssh2 May 28 15:26:11 sshd[4908]: Received disconnect from <<SNIPIP>> port 41344:11: Bye Bye [preauth] May 28 15:26:11 sshd[4908]: Disconnected from <<SNIPIP>> port 41344 [preauth] 

What’s interesting is when I attempt to connect using something like:
ssh test@myserverip -p 41344

my connection attempt eventually times out and I see no entry in auth.log – which is what I would expect to happen given I’ve locked the machine firewall down via UFW: (sidenote: I’m already running ssh on a non standard port)

ufw status verbose Status: active Logging: on (low) Default: deny (incoming), allow (outgoing), disabled (routed) New profiles: skip  To                         Action      From --                         ------      ---- Anywhere                   DENY IN     144.202.55.196 Anywhere                   DENY IN     188.53.140.190 Anywhere                   DENY IN     185.50.197.159 Anywhere                   DENY IN     206.189.197.133 Anywhere                   DENY IN     61.175.121.73 Anywhere                   DENY IN     8.30.124.149 Anywhere                   DENY IN     193.105.134.45 Anywhere                   DENY IN     139.129.14.230 Anywhere                   DENY IN     37.247.96.111 22                         DENY IN     Anywhere 2200/tcp                   ALLOW IN    Anywhere 25/tcp                     ALLOW IN    Anywhere 80,443/tcp (Nginx Full)    ALLOW IN    Anywhere 2246                       ALLOW IN    Anywhere 2812                       ALLOW IN    Anywhere 2247/tcp                   ALLOW IN    Anywhere 19999/tcp                  ALLOW IN    Anywhere 82/tcp                     ALLOW IN    Anywhere 22 (v6)                    DENY IN     Anywhere (v6) 2200/tcp (v6)              ALLOW IN    Anywhere (v6) 25/tcp (v6)                ALLOW IN    Anywhere (v6) 80,443/tcp (Nginx Full (v6)) ALLOW IN    Anywhere (v6) 2246 (v6)                  ALLOW IN    Anywhere (v6) 2812 (v6)                  ALLOW IN    Anywhere (v6) 2247/tcp (v6)              ALLOW IN    Anywhere (v6) 19999/tcp (v6)             ALLOW IN    Anywhere (v6) 82/tcp (v6)                ALLOW IN    Anywhere (v6) 

So my main question is, how is it possible that someone is even getting a chance to attempt a login on port 41344 when I can’t?

Simple systemd service to lift kernel lockdown – permission denied

So, I have spent a long time trying to fix a simple systemd service which can lift the kernel lockdown. After a lot of time spent researching and googling I couldn’t find an answer to my question. What I want is a script to run before an exsisting service called nbfc.service is run. I tried to do this by making a new service which calls this script before nbfc.service is called. My service file looks like this /etc/systemd/system/lift-kernel-lockdown.serivce:

[Unit] Description=Disable kernel lockdown feature Before=nbfc.service  [Service] ExecStart=/opt/lift_kernel_lockdown.sh Type=oneshot  [Install] WantedBy=multi-user.target 

The script I wrote looks like this /opt/lift_kernel_lockdown.sh:

#!/bin/bash -ex  DEFAULT_SYSRQ=$  (sysctl -n kernel.sysrq) sysctl -w kernel.sysrq=1 echo x > /proc/sysrq-trigger   sysctl -w kernel.sysrq=$  {DEFAULT_SYSRQ} 

When I run the following command:

systemctl start lift-kernel-lockdown.service 

I get the following output:

Job for lift-kernel-lockdown.service failed because the control process exited with error code. See "systemctl status lift-kernel-lockdown.service" and "journalctl -xe" for details. 

When I after this run:

systemctl status lift-kernel-lockdown.service 

I get this output:

lift-kernel-lockdown.service - Disable kernel lockdown feature    Loaded: loaded (/etc/systemd/system/lift-kernel-lockdown.service; disabled; vendor preset: enabled)    Active: failed (Result: exit-code) since Sat 2019-04-06 23:48:03 CEST; 2min 34s ago   Process: 5459 ExecStart=/opt/lift_kernel_lockdown.sh (code=exited, status=203/EXEC)  Main PID: 5459 (code=exited, status=203/EXEC)  apr 06 23:48:03 davetop systemd[1]: Starting Disable kernel lockdown feature... apr 06 23:48:03 davetop systemd[5459]: lift-kernel-lockdown.service: Failed to execute command: Permission denied apr 06 23:48:03 davetop systemd[5459]: lift-kernel-lockdown.service: Failed at step EXEC spawning /opt/lift_kernel_lockdown.sh: Permission denied apr 06 23:48:03 davetop systemd[1]: lift-kernel-lockdown.service: Main process exited, code=exited, status=203/EXEC apr 06 23:48:03 davetop systemd[1]: lift-kernel-lockdown.service: Failed with result 'exit-code'. apr 06 23:48:03 davetop systemd[1]: Failed to start Disable kernel lockdown feature. 

When I run the command:

journalctl -xe 

I get the output:

                                           wrapper@resource:///org/gnome/gjs/modules/_legacy.js:82:22                                            _init/<@resource:///org/gnome/shell/ui/keyboard.js:503:13 apr 06 23:48:03 davetop gnome-shell[1495]: JS ERROR: TypeError: this._currentWindow is null                                            _setCurrentRect@resource:///org/gnome/shell/ui/keyboard.js:536:13                                            wrapper@resource:///org/gnome/gjs/modules/_legacy.js:82:22                                            _init/<@resource:///org/gnome/shell/ui/keyboard.js:503:13 apr 06 23:48:03 davetop gnome-shell[1495]: JS ERROR: TypeError: this._currentWindow is null                                            _setCurrentRect@resource:///org/gnome/shell/ui/keyboard.js:536:13                                            wrapper@resource:///org/gnome/gjs/modules/_legacy.js:82:22                                            _init/<@resource:///org/gnome/shell/ui/keyboard.js:503:13 apr 06 23:48:03 davetop polkitd(authority=local)[876]: Operator of unix-session:2 successfully authenticated as unix-user:david to gain TEMPORARY authorization for action org.freedesktop.systemd1.manage-u apr 06 23:48:03 davetop systemd[1]: Starting Disable kernel lockdown feature... -- Subject: Unit lift-kernel-lockdown.service has begun start-up -- Defined-By: systemd -- Support: http://www.ubuntu.com/support --  -- Unit lift-kernel-lockdown.service has begun starting up. apr 06 23:48:03 davetop systemd[5459]: lift-kernel-lockdown.service: Failed to execute command: Permission denied apr 06 23:48:03 davetop systemd[5459]: lift-kernel-lockdown.service: Failed at step EXEC spawning /opt/lift_kernel_lockdown.sh: Permission denied -- Subject: Process /opt/lift_kernel_lockdown.sh could not be executed -- Defined-By: systemd -- Support: http://www.ubuntu.com/support --  -- The process /opt/lift_kernel_lockdown.sh could not be executed and failed. --  -- The error number returned by this process is 13. apr 06 23:48:03 davetop gnome-shell[1495]: JS ERROR: Exception in callback for signal: activate: Error: Error invoking IBus.set_global_engine_async: Expected function for callback argument callback, got u                                            setEngine@resource:///org/gnome/shell/misc/ibusManager.js:207:9                                            wrapper@resource:///org/gnome/gjs/modules/_legacy.js:82:22                                            activateInputSource@resource:///org/gnome/shell/ui/status/keyboard.js:490:13                                            wrapper@resource:///org/gnome/gjs/modules/_legacy.js:82:22                                            _emit@resource:///org/gnome/gjs/modules/signals.js:128:27                                            activate@resource:///org/gnome/shell/ui/status/keyboard.js:65:9                                            wrapper@resource:///org/gnome/gjs/modules/_legacy.js:82:22                                            _inputSourcesChanged@resource:///org/gnome/shell/ui/status/keyboard.js:620:13                                            wrapper@resource:///org/gnome/gjs/modules/_legacy.js:82:22                                            reload@resource:///org/gnome/shell/ui/status/keyboard.js:369:9                                            wrapper@resource:///org/gnome/gjs/modules/_legacy.js:82:22                                            _ibusSetContentType@resource:///org/gnome/shell/ui/status/keyboard.js:691:9                                            wrapper@resource:///org/gnome/gjs/modules/_legacy.js:82:22                                            _emit@resource:///org/gnome/gjs/modules/signals.js:128:27                                            _setContentType@resource:///org/gnome/shell/misc/ibusManager.js:183:9                                            wrapper@resource:///org/gnome/gjs/modules/_legacy.js:82:22 apr 06 23:48:03 davetop systemd[1]: lift-kernel-lockdown.service: Main process exited, code=exited, status=203/EXEC apr 06 23:48:03 davetop systemd[1]: lift-kernel-lockdown.service: Failed with result 'exit-code'. apr 06 23:48:03 davetop systemd[1]: Failed to start Disable kernel lockdown feature. -- Subject: Unit lift-kernel-lockdown.service has failed -- Defined-By: systemd -- Support: http://www.ubuntu.com/support --  -- Unit lift-kernel-lockdown.service has failed. --  -- The result is RESULT. apr 06 23:48:03 davetop polkitd(authority=local)[876]: Unregistered Authentication Agent for unix-process:5450:312328 (system bus name :1.439, object path /org/freedesktop/PolicyKit1/AuthenticationAgent,  lines 2683-2736/2736 (END) 

I truly have no idea where to go from here or how to solve it, I would truly appreciate the help from someone with knowledge about this. Sincerely, David