Categories
Security Ubuntu

Installing Zoneminder on Ubuntu 11.04

I have been experimenting with Zoneminder recently, using the pre-built package for Ubuntu 11.04. I couldn’t get the package to work properly but found some very useful instructions in the Zoneminder Wiki that made it work.

When I finish the installation I will put this into an install script.

 

 

Categories
Security Ubuntu

Ubuntu 10.10 SSH login message fix

Do you get two welcome messages when logging in to your Ubuntu 10.10 host? I have experienced it on hosts upgraded from 10.04 and on freshly built hosts from the downloaded CD-ROM images. The problem can be easily fixed using…

sudo rm /etc/motd.tail

If you are still using password based login for SSH, consider using key based logins instead. It is very easy to set up, convenient to use and secure. If you also use PuTTY on a Windows PC you can use Pageant as the automatic authentication agent.

Categories
Security Ubuntu

Securing the list of last logged in users

The command ‘last‘ lists the times and dates of successful logins. The command ‘lastb‘ lists unsuccessful attempts. I found that both unnecessarily had public read access on most of my Ubuntu servers.

Two log files provide the data used by last and lastb. Both can be secured by changing the permission to 660.

sudo ls -l /var/log/?tmp
sudo chmod 660 /var/log/?tmp
sudo ls -l /var/log/?tmp

Afterwards, to list successful logins, use:-

sudo last

To list unsuccessful logins, use:-

sudo lastb

Categories
Security Ubuntu

Restricting access to ftpd

Whether the ftp daemon is in use or not on a Linux host, it’s a good idea to restrict the system user accounts from using it. Any user ID that is in /etc/passwd that is not permitted to use ftp should be copied to /etc/ftpusers. The following commands for Ubuntu create the file with a list of all users.

sudo awk -F”:” ‘{ print $1 }’ /etc/passwd | sort > ~/ftpusers

Edit the resulting ~/ftpusers to remove the IDs that are allowed to use ftp.

sudo nano ~/ftpusers

Then move the file from your home directory to /etc.

sudo mv ~/ftpusers /etc