Posts Tagged ‘Security’
Limits.conf Guide
To restrict the number of files and number of processes used the user we use the following configuration in the file /etc/security/limits.conf. Syntax: The fields listed above should be filled as follows: can be: an user name a...
Enhancing Security with htaccess
What kind of security enhancement can be implemented within the Apache Web Servers htaccess files? Last month, someone asked the following question and decided to post it here for others. All you need to do is to add below into...
Ubuntu Security: Holes Found, Holes Fixed
Zdnet: “There are security holes in Ubuntu 10.04! The sky is falling! Bill Gates is the maker of the one true operating system; forgive us Bill for we have worshiped at the feet of false Penguin idols. Oh please, give me ...
WordPress 3.0.5 updates for 5 security issues
InternetNews: “The open source WordPress blogging platform is out with version 3.0.5, a new update fixing at least five security issues. Two of the issues are Cross Site Scripting (XSS) flaws which I personally consider t...
Detecting Memory Leaks in Kernel
Rants & Rambles: “The Linux kernel is predominantly written in C, so that programmers can stay close to the hardware. Also there were no large-scale managed languages at the time the project was started. There are so...
GnackTrack Penetration Testing Distro for Gnome
GnackTrack is a gnome based penetration distribution for all your penetration testing and hacking needs. It’s based on Ubuntu 10.04 and contains a considerable amount of tools that all run from the LiveDVD (also instalabl...
12 Year Old Alex Miller Spots Major Firefox Security Bug and Gets the $3000 Bounty!
Tech Drive In: “Alex Miller is just 12 years old, but don’t let his age fool you. This teenager has just made his mark in the technology world by spotting a major security bug in the world’s second most popula...
What’s new in Linux 2.6.36
H-Online: “The new kernel version is notable because it hasn’t grown in size – yet it contains hundreds of advancements which will be obvious to end users, who don’t often notice changes in their Linux distr...
The ps aux Command
The ps (i.e., process status) command is used to provide information about the currently running processes, including their process identification numbers (PIDs). In most Unix-like operating systems, the ps program displays the...
Use the lsof command
Use the “lsof” command. lsof stands for List Open Files. lsof can save you a lot of time and hassle if you are just checking on the status of your machine, but more importantly can give you valuable information and ...
SSH tricks and tips
Last time I had been posting about SSH security. It’s time to write something about the things that SSH can do out of the ordinary. If you’re a Linux system administrator, you’re probably already familiar with at leas...
Security Updates for Debian
Linux Compatible: “The following 3 security updates are available for Debian GNU/Linux - [DSA-2105-1] New freetype packages fix several vulnerabilities - [DSA 2106-1] New xulrunner packages fix several vulnerabilities - [...
Linux kernel update for openSUSE
Linux Compatible: “SUSE Security Announcement Package: kernel Announcement ID: SUSE-SA:2010:039 Date: Wed, 08 Sep 2010 15:00:00 +0000 Affected Products: openSUSE 11.3 Vulnerability Type: local privilege escalation CVSS v2...
Howto block a ping via iptables on Fedora/CentOS
iptables is a user space application program that allows a system administrator to configure the tables provided by the Linux kernel firewall and the chains and rules it stores. Different kernel modules and programs are current...
Hack a Website Using Remote File Inclusion
Hacking Truth: “Remote file inclusion is basically a one of the most common vulnerability found in web application. This type of vulnerability allows the Hacker or attacker to add a remote file on the web server. If the a...
Root privileges through Linux kernel bug – Update
H-online: “As a potential attack scenario, Wojtczuk describes the X Server, where the distance between the boundaries of the heap and stack can be made very small by filling the memory with data such as pixmaps. A subsequ...
Protect Linux Against Overflow Exploits
Security Blanket: “An overflow is an anomaly where a program, while writing data to a memory buffer, overruns the buffer’s boundary and overwrites adjacent memory—which could be maliciously exploited. While the on...
Root access risks
Using the ‘root’ account is like being God on a Linux system. That means that you want to be extremely careful when working as root. With something as simple as a wrong keystroke you could do a great deal of damage....
Ubuntu’s two big advantages over Windows and Mac
Techrepublic: “I’ve been using the latest version (10.04) of Ubuntu Linux since April and there’s a lot to like about it. I announced earlier this year that I was giving desktop Linux another look, and I went with Ubu...
Nmap – Howto do ip and port scanning
Nmap is a powerfull scanner available in Unix/Linux system. It’s very usefull for network exploration and security auditing. It was designed to rapidly scan large networks, although it works fine againts single hosts. Below a...
Howto install ioncube loader on server
ionCube produces leading tools for PHP source code protection to secure your PHP software from prying eyes and to combat software piracy. Featuring an advanced compiled-code encoding engine that translates source to highly effi...
lsof – list open file
lsof is the Linux/Unix Super tool. I use it most for getting network connection related information from a system, but that’s just the beginning for this amazing and little-known application. The tool is aptly called lsof...
Howto disable ipv6 networking
Internet Protocol version 6 (IPv6) provides a new Internet layer of the TCP/IP protocol suite that replaces Internet Protocol version 4 (IPv4) and provides many benefits. Currently there are no good tools out which are able to ...
Tuning and managing sysctl
The Linux kernel provides the sysctl interface to modify values that reside under the /proc/sys directory. Sysctl is an interface that allows you to make changes to a running Linux kernel. Sysctl values are typically stored in ...
Selinux and Apparmor
Security-Enhanced Linux (SELinux) is a linux feature that provides a mechanism for supporting access control security policies, including U.S. Department of Defense style mandatory access controls, through the use of Linux Secu...
Linux partitions guides
Why Partition? This is a question that’s frequently asked, what is the use of partitioning. Many new linux system administrator create only two partitions / and swap for entire hard drive. This is really a bad idea. The r...
Detecting rootkits using chkrootkit and rkhunter
A rootkit is a collection of tools a hacker installs on a victim computer after gaining initial access. It generally consists of network sniffers, log-cleaning scripts, and trojaned replacements of core system utilities such as...
Tips Installing and Configuring Logwatch
Logwatch is a customizable log analysis system. Logwatch parses through your system’s logs and creates a report analyzing areas that you specify. Logwatch is easy to use and will work right out of the package on most linu...
Howto disable X windows or GUI on startup
Hey, I was wondering if it is possible to make it so on startup x windows is disabled, but I can login and start it using command startx? Well, anything is possible. In fact many dedicated servers does not require x windows or ...
Netstat show network status
Netstat is used more for problem determination than for performance measurement. And, the netstat command can be used to determine the amount of traffic on the network to ascertain whether performance problems are due to networ...
Howto keep SSH access secure
In order to enable ssh, you need to install openSSH. Most of the linux based had it installed by default. OpenSSH is a free version of the SSH connectivity tools that technical users of the Internet rely on. SSH is not only the...
Nmap network security scanner
Nmap (Network MAPper) is a network security scanner used to discover hosts and services on a computer network and is a free open-source port scanner available for both UNIX and Windows. It has succeeded to extend its discovery ...
Howto Disable/Enable php value
I think that you surely had alot of customers demanding to set any php value differently accustomed to their own needs. Here are the tips howto disable/enable any php value on globally setting or on per site basis. Globally set...
Disable_function on php.ini
Have you ever wonder php scripts are highly dangerous? PHP is a very powerful language, there are many dangerous scripts to hack or exploit php applications on your apache server. It carry alot potential script to mess up your ...
Password Generator
Everything need a password, your computers, emails, bank’s account, paypal, facebook, twitter and etc for security reason. What do you do if you are require to create a strong password when you are doing a web hosting bus...
