[Lancaster] remote desktop / xdmcp problem
Wayne Ward
wayne at lancastercomputers.co.uk
Sat Aug 15 03:21:35 UTC 2009
I used to setup various security measures when i was running the "big
stuff" online
i never chrooted anything to be honest because it was complicated as it
was plus i was just moving my internet faced servers
into virtulisation as i was leaving but had some machines running in
vmware as this would be easy for me to get support for as things were
getting fairly big from smallish company to enterprise :)
the servers i built from scratch gentoo boxes hardened kernel - hand
built iptables firewall although we was behind a firebox i had full
control of what was going in and out (real paranoid!) - very cut down
install no X of course - remote secure logging with syslog-ng - tripwire
(a must) - chrootkit on regular cron - snare or snort
and to top it all of very secure coding if you can !!!
most of the above programs sends emails so i used to get them on my
phone any sign of tampering ssh straight into the logging server and see
what the hells going down!!!
in them eight years i never had a hack - I had two mail servers online -
4 web servers - 4 database server (behind the firewall) and various
other bits of kit - we did play with a honeypot!
When you start playing try bastille - its a script that locks down a
box, the thing is you can see the kind of things it starts locking down
so puts you in the frame of mind of lock down :) hey you got to start
somewere!
then get loaded up with some tools go to a friends hows get some beers
and try crack it ;) if you get in then your server wants setting up
properly ;) various goodies to hit it with are available if you want
something fast nmap it see if the ports are shut properly then nessus it
this will tell you if its vunerable or actually just kill the box then
you know it isnt setup right ;)
plenty of howtos about that will help you more on google ...
as there are plenty of other things to tighten security :
* User Account Administration
* Filesystem Security
* System Resource Limits
always have a backup always have a plan for that day when you come in
and your web page says hAckEd bY......
Regards
Wayne :)
ps i liked this so much i blogged it ;)
andy baxter wrote:
> Re-sending as the original hasn't got to the list yet...
>
> Wayne Ward wrote:
>> hi andy hows the performance of the new small factor box you bought?..
>> have you thought of how you are going to setup the test web server yet
>> IE chroot or in a virtual machine ...
>>
>>
> It uses about 40-50% CPU playing a dvd from a usb drive in mplayer. Not
> sure if it's using the hardware acceleration on the graphics chipset.
> The CPU is 1.2Ghz single core, and I have 1Gb of RAM. Seems pretty good
> so far.
>
> What I would like to do is run the net-exposed server stuff in some kind
> of virtual machine, then write a script which monitors the filesystem
> the VM is running on to look for any signs of a break in. (Using aide,
> chkrootkit, etc. ). I don't know much about virtualisation, so any
> advice would be appreciated here. I was thinking user-mode linux might
> be good for this, but not sure yet. The idea is to keep the monitoring
> program one level above the stuff it's monitoring, to make sure it's not
> the first thing that gets compromised if someone cracks the machine.
>
> any thoughts?
>
> andy
>> Wayne
>>
>> andy baxter wrote:
>>
>>> Thanks! I hadn't thought of using vnc. It turns out there's a program
>>> called x11vnc which grabs the current X11 display and turns it into a
>>> vnc server session.
>>>
>>> It's working great - I'm now playing a film on the mini-itx box with
>>> the
>>> keyboard and mouse controlled by my laptop.
>>>
>>> Cheers,
>>>
>>> andy
>>>
>>> John Scott wrote:
>>>
>>>> Try VNC...If I remember correctly, it grabs the current X session and
>>>> displays it locally.
>>>>
>>>> Cheers
>>>> John
>>>>
>>>> -----Original Message-----
>>>> From: lancaster-bounces at mailman.lug.org.uk
>>>> [mailto:lancaster-bounces at mailman.lug.org.uk] On Behalf Of andy baxter
>>>> Sent: 14 August 2009 01:23
>>>> To: Lancaster Linux User Group
>>>> Subject: [Lancaster] remote desktop / xdmcp problem
>>>>
>>>> Hi all,
>>>>
>>>> I have two machines, a laptop and a mini-itx box. I want to be able
>>>> to run an X session on the mini-itx box and have it displayed on
>>>> both machines at the same time. This is different from the standard
>>>> xdmcp remote desktop situation where you want a different session
>>>> on the client to the mini-itx box - what I want is to have the
>>>> keyboard and mouse from the laptop controlling the session, but to
>>>> have the same session displayed through the video card on the
>>>> mini-itx.
>>>>
>>>> Does anyone know how to do this? I already have standard xdmcp
>>>> logins working.
>>>>
>>>> (The original problem was to find a simple way of playing videos
>>>> and music on the mini-itx box without having to have a keyboard and
>>>> mouse permanently attached to it.)
>>>>
>>>> Cheers,
>>>>
>>>> andy
>>>>
>>>> _______________________________________________
>>>> Lancaster mailing list
>>>> Lancaster at mailman.lug.org.uk
>>>> https://mailman.lug.org.uk/mailman/listinfo/lancaster
>>>>
>>>>
>>>>
>>>>
>>>
>>> _______________________________________________
>>> Lancaster mailing list
>>> Lancaster at mailman.lug.org.uk
>>> https://mailman.lug.org.uk/mailman/listinfo/lancaster
>>>
>>
>>
>
>
--
Regards,
Wayne ward
07957448652
Lancaster Computers
www.lancastercomputers.co.uk
wayne at lancastercomputers.co.uk
Computers - Laptops - Servers - Web Services
More information about the Lancaster
mailing list