System Security

Brian McKee brian.mckee at gmail.com
Thu May 8 23:50:37 UTC 2008


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Bob Cortez wrote:
> While using Firefox lately, I've been getting these random sites
> attempting load - not pop ups - sometimes I'll get a system message
> saying it's not a valid destination, other times it just  goes to the
> URL..  I've installed firestarter, and have ran chkrootkit and
> rkhunter.  Everything came back looking fine except for the warnings
> below from the rkhunter log.  I'd like to know what I should do about
> these, (if anything) and how to do it.
> 
> [13:50:03] Performing system configuration file checks
> [13:50:03] Info: Starting test name 'system_configs'
> [13:50:03]   Checking for SSH configuration file             [ Found ]
> [13:50:03] Info: Found SSH configuration file: /etc/ssh/sshd_config
> [13:50:03] Info: Rkhunter option ALLOW_SSH_ROOT_USER set to 'no'.
> [13:50:03]   Checking if SSH root access is allowed          [ Warning ]
> [13:50:03] Warning: The SSH and rkhunter configuration options should be
> the same:
> [13:50:03]          SSH configuration option 'PermitRootLogin': yes
> [13:50:03]          Rkhunter configuration option 'ALLOW_SSH_ROOT_USER': no

Bob - did you alter the /etc/ssh/sshd_config file to allow root logins?
While I'm not in front of an Ubuntu box at the moment, I can't see that
being the default - esp since the root account is disabled.

First thing I'd do is look at that file and see if it has been changed.
 Then ask yourself - did I do this?

Start there

Brian
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFII5HNGnOmb9xIQHQRAg2mAJ4v83SoEc4Pl+ZZS/8II3uJA/O3lwCfaZ+j
uYpzVFky1oTbvWtqUMIh/rc=
=N8Ts
-----END PGP SIGNATURE-----




More information about the ubuntu-users mailing list