Protect against the BEAST attack in Nginx

Protect against the BEAST attack in Nginx   What is this BEAST? BEAST, or “Browser Exploit Against SSL/TLS” is an attack against the cipher block chaining (CBC) method used with SSL/TLS. The weakness was discovered in 2002, but finally proven in 2011 by security researchers Thai Duong and Juliano Rizzo. With real proof of concept code, they showed it was no longer a theoretical attack. To successfully perform the BEAST attack, there are some conditions which needs to be met: Vulnerable version of […]

Read more

Monitor for File System Changes on Linux

Monitor for File System Changes The most important areas with information security are preventing some events from occurring and detecting it if something still happens. Unfortunately most companies forget to put enough effort in detection unauthorized activities. In this article we have a special look at monitoring your file system, to detect changes to your critical system files and their configuration files. Method 1: File Integrity tools The first method is monitoring file changes with the help of specific tools. […]

Read more

Linux security: Reviewing log files

Linux security: Reviewing log files Log files are the precious collection of system events. Still many people don’t use them, until it is really needed. Let’s go from the reactive use of log files to a proactive stance. The Logging Dilemma Capturing events helps in troubleshooting. By defining what events are ignored and which ones are logged, we get a quick overview on the status of a system. The dilemma is usually in how much logging is enough to get […]

Read more

5 things you didn’t know about shell scripting

5 things you didn’t know about shell scripting Our security auditing tool Lynis is a toolkit consisting of several shell scripts. Many users of the software actually never realized it was written as a bunch of shells scripts.. The secret is out.. But why shell scripting? Here are 5 reasons! 1. Shell scripting is powerful Yes, people asked us why our tool Lynis was not written in Perl, Python, Ruby, C++ etc.. But honestly, why would we? It is portable, […]

Read more

Configure HSTS (HTTP Strict Transport Security) for Apache and Nginx

HSTS configuration for Apache and Nginx HTTP Strict Transport Security (or HSTS) is a security capability to force web clients using HTTPS. The idea behind HSTS is that clients which always should communicate as safely as possible. At achieve this, the web server and web browser will prefer the HTTPS protocol instead of HTTP. Benefits The clear benefit of “forcing” a client to use HTTPS directly, is decreasing the risk of sharing any sensitive information via a protocol which can […]

Read more

Check for a required reboot on Debian and Ubuntu systems

Required restart required? Administrators of Debian-based systems know they have to reboot their systems, just like any other Linux distribution. However, why is the reboot needed? Could we monitor for which systems need an actual reboot? Required reboot Software can contain issues, which we call bugs. Most bugs are just annoying if you encounter them and can be fixed by upgrading to a newer version of the software. Other bugs are special in the way that they may leak sensitive […]

Read more

How and why Linux daemons drop privileges

How and why Linux daemons drop privileges In this article we have a look at the privileges of Linux daemons and dropping privileges in particular. The samples provided are in C. Why drop privileges? Some daemons need root permissions to start. This happens for example when a daemon wants to bind to a low port (<1024). However running network based daemons with root permissions is considered to be a serious risk. In case of compromise of the process, an attacker […]

Read more

Security Program: Implementing Linux Security

Security Program: Implementing Linux Security Information security is possibly one of the hardest subjects in IT. Doing too less and you risk of security breaches. Doing too much will restrict the core businesses of your organization. With a proper security program, implementing Linux security can be greatly simplified. By having a structured approach, the strength of the defenses will increase, while risks decrease. In this article, we have a look at how to properly prepare security projects and changes. This […]

Read more
1202122232429