I was actually browsing through the Freedombox site to look at the project and when I clicked on one of the links to the Linux Foundation I received the breach notification that now reads (Condensed Version): “Linux Foundation infrastructure including LinuxFoundation.org, Linux.com, and their subdomains are down for maintenance due to a security breach that … Read more
Here is Justin’s top 5 UNIX security books. Title Author ISBN Practical UNIX and Internet Security Garfinkel and Spafford 1-56592-148-8 UNIX System Security David Curry 0-201-60640-2 The UNIX Programming Environment Kernighan and Pike 0-13-937681-X UNIX & Linux System Administration Handbook Nemeth et al 0-13-151051-7 Building Internet Firewalls O’Reilly and Assoc 1-56592-124-0
The Fedora Infrastructure was recently compromised. Hopefully they secured the systems using the CIS Redhat Linux hardening guide.
If you are an Ubuntu user and simply cannot wait to get the latest nmap features, follow the procedure below. Throw this into a file and call it, ‘build_nmap’ and copy it to the /etc/cron.daily directory and you will have a daily build of the latest and greatest version of nmap. P.S. The same procedure … Read more
This just in….US-CERT found to have plethora of security holes in their network. End of the world predicted in a matter of days.
For those of you actually know what encryption is and how to use it, here’s my public key to send secure transmissions. —–BEGIN PGP PUBLIC KEY BLOCK—– Version: GnuPG v1.4.10 (GNU/Linux) mQINBEx0a1MBEADLUM0L68NzlwJ+TWDKLhAcxPpf07qjW9uEkRVilCiUFreGzBUr XyKjIFo4KncFesVME9vfS67ODH4iWyjch1hjNKkgJf43f8hwN+mFntIyv0gv6V/n 4MV13i9oHv3JhmpkoZRMxeIbV9yt9mwtQLcw84TohX+r3NMYDut8MrKSgnmSi7ET DU5wqKG/6jsUlJgKJ82x4666pVgzSbSMYxmcHdkGKCzMJvBpO1hqc8tieON8BDs7 RIkUWmacNwW1Pb2ovrZBYKbVdSccHM/pc8Jd2kEhan8HZT8G6fnIjTb4ESzrE+GX XpTgorHBWgUYjGKvGx7rqd1sQvyBw+oO4cjpve7eRi2LdJ64u5TifZ5Yo5fYyw2J e+hk/clBqZhcHR9mnE5ch6oBjA/RjFq+K/qFWHQLJ8wblORnlE6iFq1edvAHEDDM PxXXiUCAqBab3iVRKHrF9hKaIRO7ObNmvDzurUbTlv8Ii9yXXxENNnJlNbKOVw92 0DTB+IkvhxlXHnjPjU20fAM3cFDi7JQNnC4fxrAJ7iiqRBqFKDqLDkBITuGK6Tqw WrYAsbAcIvtG/RLzEDThTFCu3CDNTvQZDYuj0GkuFTEvSsZ5+Z/x7noIFfAaIwV2 fvq8/EKYWmmwcp9vaHf1xOc5TYp6hrN0fHAoOQ4wJG3RyQUY8dA/Yye6hQARAQAB tDZKdXN0aW4gUi4gQW5kcnVzayAoR2VlayBhdCBMYXJnZSkgPGphbmRydXNrQGdt YWlsLmNvbT6JAjgEEwECACIFAkx0a1MCGwMGCwkIBwMCBhUIAgkKCwQWAgMBAh4B AheAAAoJEPP6QLl31M4959AP/0PcLBTJHsQKZr7Xf74OOeQC/Pbg6WQbCvYenQON rpfQFeHsK3NV7883ekD4yp+o5H2xuL94xtBAw2izfszl8wg/UmR5XYLlf9noUY+q NSOi7OKidRorJUdtJFBEpyxjItQWKo+xI5+WnrGap3Qb7ZFIbCuCVYRky2rzH29j a4FQYT1hWZrxaUGEjDwNytD9Vk35ojNaTp0DrSazIgXYJt6gIE3cYmTtJgBRovxZ tDexa/RCOLog7rsrCZMjYet1FgjKEa8Ls3GII/MD2yaXWMT+DpMcFgWcxveOkRwt 2IZJb4J/9YrcQKfiexkVWe/GH++jKeLMb6yIhVc7SlOrNuj+UuqHZaDfm40ZFOvs +++Z49kd+z01h63oa/6Rr8d+uX7ASuENckUvXeZeakMBWSGvJHry/9VCXeh327F/ wGf3MulNAz9ASNUE3LkbOwQKLmLEWs0EjMr77M0enKDZcIi0a+yyhIQBX2Qcmxaf JDt1X6TNHoQZrFJ/zDxBFSS6T9kmw8qRQJ4G09ehs5fujIUL1V31cLKETnwd8rFm hE1kHk+Lf8zPTi/h4NZqyyIwrWi2OTGpOOBU1VYnAXrvz0FSPtxJP8I0DyJDjlhD d3mZ1abFHDlTgwfBUjMN61ItlZ9bQdxsoMwS8brlGLKuTIWC0ji+SeOkO4d21APH … Read more
Here is some code that will add some security to your /etc/sshd_config file: Enable X11Forwarding Force Version 2 of the protocol Disable all the usual RHosts garbage Disable root logons Disable the use of empty passwords Copy the code below to a text file and make it executable then run it using the sudo command. … Read more
Traditionally one of the most dangerous practices surrounding UNIX is using the root account as your normal user account. This is the default under Backtrack and here’s how to fix it so you only use Root when you need to: 1. Open a Konsole session. 2. Type: adduser username. 3. You will be asked a … Read more
Ubuntu Security Resources Ubuntu Unleashed Ubuntu Geek This should be enough to get started. I’m currently working on extracting the *.debs from a Ubuntu Security Distro called Protech that can be find at http://www.lifedork.net/protech-ubuntu-based-linux-security-distro.html. I will then post an ISO so that you can add all of the security tools provided without having to re-install … Read more
So our overly paranoid friend over at NASA had a virus infected on a couple of astronauts laptops. What makes this even scarier is that it has happened before and they still don’t have these systems loaded with any type of Anti-Virus software. Couple of questions for our engineers at NASA: Why, why, and why … Read more