Can someone please tell me how we can download a malware pcap on an Ubuntu VM in Microsoft Azure?

I tried to download a malware pcap on an Ubuntu VM in Microsoft Azure from PuTTY, but it is not allowing me to do so. It gives the following output:

    2016-12-17-traffic-analysis-exercise.pcap.zip: Permission denied
    Cannot write to ‘2016-12-17-traffic-analysis-exercise.pcap.zip’

How to encrypt /home directories in Ubuntu 20.04 with an alternative to eCryptfs?

I have a specific use case in which there are multiple users and I only need the Home folder for each encrypted using something like eCryptfs – https://www.howtogeek.com/116032/how-to-encrypt-your-home-folder-after-installing-ubuntu/ – but it is buggy and under-maintained, and many have reported that it does not work with Ubuntu 18.04+ and sometimes even gets stuck in a login loop. Any alternative to eCryptfs? Thanks

OpenVPN works on Ubuntu but not Android – Name Resolution [migrated]

Setup:
Server1 – Primary DNS/Plesk
Server2 – Secondary DNS
Server3 – OpenVPN

On my local computer running Ubuntu 20.04 I can successfully connect to the OpenVPN server and browse any website. My public IP Address shows as the SERVER3 IP Address.

On my Android, I can successfully connect to the OpenVPN server but I can only browse websites hosted on Server1. All other websites get the DNS_PROBE_FINISHED_BAD_CONFIG error message. In the OpenVPN app it shows a successful connection and the correct IP Addresses.

I am using the exact same configuration file for both devices. Note, different certificates are used for the connection.

Looking at the syslog on Server1, I see:

client @0x7f79480ea2b0 ANDROID-PUBLIC-IP-ADDRESS#50743 (www.facebook.com): query (cache) 'www.facebook.com/A/IN' denied 

I don’t get these errors when browsing on the Ubuntu box.

My ovpn file:

    dev tun
    proto tcp
    remote SERVER3 IP 443
    resolv-retry infinite
    nobind
    user nobody
    group nogroup
    persist-key
    persist-tun
    remote-cert-tls server
    cipher AES-256-GCM
    auth SHA256
    verb 3
    key-direction 1
    <certificates are here>

My OpenVPN Config file:

    management 127.0.0.1 5555
    dev tun
    ca ca.crt
    cert server.crt
    key server.key  # This file should be kept secret
    dh none
    server 10.8.0.0 255.255.255.0
    ifconfig-pool-persist /var/log/openvpn/ipp.txt
    push "dhcp-option DNS SERVER1 IP"
    push "dhcp-option DNS SERVER2 IP"
    keepalive 10 120
    tls-crypt ta.key
    cipher AES-256-GCM
    auth SHA256
    user nobody
    group nogroup
    persist-key
    persist-tun
    status /var/log/openvpn/openvpn-status.log
    log         /var/log/openvpn/openvpn.log
    log-append  /var/log/openvpn/openvpn.log
    verb 3
    explicit-exit-notify 0

Is this Ubuntu kernel version vulnerable to dirty cow? [closed]

I am attempting to escalate privileges on a CTF Ubuntu box, but I am afraid to run Dirty COW due to a possible crash. Is this kernel version vulnerable to the exploit?

    Linux ip-10.0.0.1 3.13.0-162-generic #212-Ubuntu SMP Mon Oct 29 12:08:50 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux

The Ubuntu version is Ubuntu 14.04

The Dirty COW documentation shows that Ubuntu 14 versions < 3.13.0-100.147 are vulnerable, although I am confused as to whether this version is vulnerable and want to be somewhat positive before running it on the CTF / Capture the Flag machine.
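For patch verification, the comparison the post describes can be done mechanically. This is an added example, not part of the original post; it uses the fixed-in version quoted in the post, assumes the usual Ubuntu convention that `uname` shows the ABI number in the release string and the upload number after `#`, and uses constructed sample lines alongside the one from the post.

```python
import re

# Fixed-in package version as quoted in the post for Ubuntu 14.04's 3.13 series.
FIXED_IN = "3.13.0-100.147"

def parse_package_version(text):
    """'3.13.0-100.147' -> (3, 13, 0, 100, 147)"""
    m = re.fullmatch(r"(\d+)\.(\d+)\.(\d+)-(\d+)\.(\d+)", text)
    if m is None:
        raise ValueError(f"not an Ubuntu kernel package version: {text!r}")
    return tuple(int(g) for g in m.groups())

def parse_uname(line):
    """Pull (major, minor, patch, abi, upload) out of `uname -a` / `uname -rv` text.

    '3.13.0-162-generic #212-Ubuntu' corresponds to package version 3.13.0-162.212.
    The lookbehind keeps dotted numbers inside a hostname from matching.
    """
    m = re.search(
        r"(?<![\d.])(\d+)\.(\d+)\.(\d+)-(\d+)-[\w-]+\s+#(\d+)(?:~\S+)?-Ubuntu", line
    )
    if m is None:
        raise ValueError("no Ubuntu kernel release/build pair found")
    return tuple(int(g) for g in m.groups())

def check(line, fixed_in=FIXED_IN):
    """Compare a running kernel against the fixed-in version of the same series."""
    running = parse_uname(line)
    fixed = parse_package_version(fixed_in)
    if running[:3] != fixed[:3]:
        # ABI/upload numbers are only comparable within one upstream series.
        return "different-series"
    return "below-fix" if running[3:] < fixed[3:] else "at-or-above-fix"

# Line from the post, then two constructed lines for contrast.
FROM_POST = ("Linux ip-10.0.0.1 3.13.0-162-generic #212-Ubuntu SMP "
             "Mon Oct 29 12:08:50 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux")
OLDER = "Linux host 3.13.0-98-generic #145-Ubuntu SMP x86_64 GNU/Linux"
OTHER = "Linux host 4.4.0-21-generic #37-Ubuntu SMP x86_64 GNU/Linux"

if __name__ == "__main__":
    for sample in (FROM_POST, OLDER, OTHER):
        print(parse_uname(sample), check(sample))
```

A "different-series" result means the threshold does not apply and the fixed-in version for that series has to be looked up separately.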

Using Ubuntu 18.04: On VestaCP installation, how to get result (https://subdomain.domain.tld:8083) instead of (https://123.312.321.23:8083) [closed]

I’m trying to install VestaCP on Ubuntu 18.04 but keep getting the following result after successful installation:

https://123.231.312.23:8083 instead of:

https://subdomain.domain.tld:8083

What do I have to do to get this result: https://subdomain.domain.tld:8083?

I set hostname to server1: $ sudo hostnamectl set-hostname server1

then edit host file: $ sudo nano /etc/hosts

IP_address subdomain.domain.tld subdomain 

After all is done, I get hostname and FQDN as shown below, which is as it should be:

    $ hostname
    server1
    $ hostname -f
    server1.domain.tld

But then, the result after successful installation: https://123.231.312.23:8083

What am I doing wrong?

Major security and usability flaw in Linux (root privileges and sudoers, folder access restriction, Ubuntu Linux)

Alright, let me give you the context. I am a business owner with strong technical background, say a programmer, though not an advanced system administrator. I’ve bought a VPS server where I want to host several applications and webpages. One of the apps consists of backend, admin frontend and user frontend, another one is just backend and frontend. So 5 different programmers develop those apps. From time to time, as the development takes its place, those programmers need to install and upgrade some packages, modify system configs and so on, i.e. they need ssh access and some root privileges.

And here is the tricky part. It is obvious that I don’t want them to see and gain access to the folders they are not supposed to see, i.e. the devs of the first app shouldn’t have access to the folders of the second app and vice versa. Moreover the backend dev of the first app shouldn’t have access to the frontend folders of the same app and the same goes for the second app. Also I would like to restrict access for them to certain commands like visudo or reboot, so they wouldn’t be able to lock me out of my own server or reboot it without my consent.

Now, if I give them sudo privileges for them to be able to run administrative tasks needed for their development – then they have access to everything and it becomes practically impossible to restrict access for them to certain folders and commands. On the other hand if I DON’T give them sudo privileges, then it becomes a huge pain for me to every time install packages and give them access to certain files and commands they need to continue development. There are over 1500 commands and the corresponding number of system files in Linux they could potentially need access to, so it’s very VERY inconvenient for me to spend so much time to administer the VPS, especially given the fact that I’m not a very advanced system administrator and I don’t have much time because I need to run my business.

There are already numerous posts and threads on the Internet where people try to find solutions to somewhat close problems like these: One, Two, Three, Four, Five, Six, Seven, Eight, Nine, and they still have no reasonable solutions to them, only those that involve some supercomplex activities and anyway not giving a needed result.

So from my point of view as a business owner it should be something like this: there is a root user who can do everything. He can create admins and define access rights for them, for example in that very sudoers file. Then it’s his decision whether to give access to an admin to the sudoers file itself and any of the folders and commands of his choice. For example an admin could be able to run any command in the system except “reboot” and “visudo” and he can access all files and folders except /etc/sudoers and say /var/www/private_folder even WITH sudo privileges invoked (meaning he can’t even copy those files, overwrite them, chmod and chown them and so on, i.e. access them with any command).

That would immediately make the whole system administration A LOT easier and more logical, eliminating the need for complex solutions like chroot jails, separate bash environments, splitting servers into virtual machines, using containers and so on. And it’s so simple, a matter of a couple of conditions in the code, if I understand it correctly from a developer’s perspective. Also, I want to be in control of my VPS, not having to trust any other third person believing he/she won’t steal my information and/or destroy my whole system either by making a mistake or intentionally and basically it can be considered as a serious security vulnerability from a certain point of view.

This seems so obvious and logical for me, that I was really discouraged and embarrassed that it really isn’t like that in Linux. Maybe 20 years ago when Linux was created it was enough to have only a root and sudoers and the rest of users to accomplish tasks they had at that time, but today everything goes a bit different way already and that archaic approach is not usable anymore.

Of course I realize I can understand something wrong and there is a strong reason why it has to be as it is, then please let me know why it is so and what is a correct and easy way of solving my problem described above without a need to build a behemoth on my VPS or manually administering it all the time by myself. After all it should be user-friendly, right? Now it’s not.

On the other hand if there is no such solution, then I would really be willing to even pay someone who could implement some kind of a patch or a package that will allow to solve this problem.

GUI for LAMP stack with Ubuntu on WSL2 for website development

Currently I am using WAMPserver on Windows. I'm very happy with it, but Drupal requires Drush and Composer for website maintenance and updates, and all the literature is written for Linux.

So I am looking into using WSL2 with Ubuntu – and I am looking for a tool similar to WAMPserver for Ubuntu.

What I particularly appreciate in WAMPserver is that everything comes pre-installed and pre-configured, and the program takes care of creating new vhosts, etc. as needed, no need to do anything in the…

Is a firewall enough of a security measure for an Ubuntu server that hosts a website?

I recently got a VPS with Ubuntu on it, and I’d like to start creating a very basic website. However, I don’t know what steps I should take to secure this server.

I’m new with Ubuntu, new with security and new with creating websites (the website will probably be just HTML, CSS, Django/Python and some database).

My biggest concern is that some hacker could try to use it as a zombie and I won’t know. Or that robots could try to log in and sneak at whatever data I’ll store on that machine and I won’t know. Or who knows what else.

I found the firewall information page on the Ubuntu website, but will that be enough?

P.S.: If it’s impossible to give an answer, I’d also appreciate a book/website recommendation for complete beginners to Ubuntu and security.

How to protect my Ubuntu Linux computer from screen capture programs or keystroke loggers?

I have an Ubuntu home PC. I often use this system to enter passwords to various websites. Some sites also offer a graphical on-screen keyboard to protect from keyloggers. However, I suspect that even the on-screen keyboard is not safe from malicious software which records the computer screen. I want my passwords to be safe from such programs. Of course, I do ensure that I don’t install insecure programs but I would like to have an additional layer of security.