Disable SSLv3 in Lighttpd to protect against POODLE attack

Disable SSLv3 in Lighttpd Protecting against the POODLE attack The POODLE attack has entered the news a few times now. The issue behind the POODLE attack is serious, as it abuses a weakness in the protocol, not the implementation. This means the only proper fix is abandoning the SSLv3 protocol and use the newer TLS protocols. Disable SSLv2 and SSLv3 Lighttpd commonly has its configuration settings stored in /etc/lighttpd/lighttpd.conf. Open this file and add the following two statements, to disable […]

Read more

Finding setuid binaries on Linux and BSD

Finding setuid binaries for Linux and BSD systems Why setuid? Binaries with the setuid bit enabled, are being executed as if they were running under the context of the root user. This enables normal (non-privileged) users to use special privileges, like opening sockets. While this seems unnecessary for a normal user, it is actually needed for simple commands like ping. Finding files with setuid bit To discover all files with the setuid bit, we can use the find command. Depending […]

Read more

How to check if your Arch Linux system needs a reboot

Arch Linux reboots How to check if a reboot is needed By default Arch will install the kernel in /boot with the name vmlinuz-linux. To determine if the system is running the latest kernel, we can compare the running kernel and the one on disk. Running kernel One way to determine the running kernel is with the uname command. By default installed and with the -r parameter it will provide the kernel release version. [root@archlinux ~]# uname -r 3.17.4-1-ARCH Kernel […]

Read more

Perform NetBSD security audit with pkg_admin

Perform NetBSD security audit Security audit of NetBSD software packages with pkg_admin NetBSD is especially known for it’s diverse platforms it can run on. What is less known is the ability to audit the installed packages. In this article we have a look on how to audit NetBSD and ensure the file integrity of your packages. Performing a security audit is easy, as long as you use the right tool! Packages When using packages, their metadata will be installed in […]

Read more

Exporting nftables rules and configuration

Exporting nftables rules The usage of nftables will slowly grow in the upcoming years, with the goal to become the successor of iptables. Where iptables rules are harder to parse, nftables comes by default with an exporting facility. Exports formats include JSON and XML. Command syntax When using the command line utility nft for the first time, it looks a little bit unfriendly to the user. No suggestions on what to do, nor clear help on often used commands. To […]

Read more

Finding boot logs in systemd journals

Finding boot logs in systemd journals Systemd used a binary log to store information about specific events. These events include the boot sequence and the related output. In this article we have a look at finding our boot logs in systemd journals. Binary logging When using systemd, boot data is stored in journals, a binary format. There is big benefit of saving boot data in a binary format: log information of each boot can be stored separately, linked to other […]

Read more

Alternative for netstat: ss tool

Alternative for netstat System administrators and security professionals searching for listening ports on a server, are definitely familiar with the netstat command. However, newer distributions do not have the tool default installed anymore. Time to start using ss besides our beloved netstat command. ss Socket statistics, or ss for short, is an easy replacement command for netstat. One way to use it, is with parameters ss -aut -a: show listening and non-listening sockets -u: show UDP -t: show TCP [root@archlinux […]

Read more

Linux Capabilities 101

Linux Capabilities 101 Tutorial about how capabilities work in Linux Even seasoned Linux administrators may not see capabilities a lot in their daily duties, but they are still used all the time. This features was added to Linux 2.2 and gave us new possibilities regarding security. In this guide we have an in-depth look on how can leverage them to increase security. The problem It is good to know why capabilities were implemented at the first place. Let’s assume we […]

Read more
1161718192029