Interview: MalwareMustDie and their Linux malware research

Linux malware, research, and more With great pleasure, we interviewed unixfreaxjp. He is the leader and founder of the malware research group MalwareMustDie. We want to learn about their activities, Linux malware, and useful skills for security professionals. Keep reading! Interview MalwareMustDie About the MalwareMustDie organization So for those never heard about MalwareMustDie, can you tell us who you are? As stated on our web site. MalwareMustDie, is a white-hat anti cybercrime security research workgroup. launched in August 2012, is an Non […]

Read more

Using encrypted documents with vim

Encrypting files with vim Everyone has secrets. Or at least some data you don’t want to show others, right? Vim is a common editor to be found on Linux systems. It has an option to create and use encrypted files. We will look at how to configure it and use this encryption capability. Encryption is the process of fiddling with data so that others no longer can’t read it. The idea is that you still can, so when we speak […]

Read more

Changing file permissions on macOS (and using flags)

Using file flags on macOS While performing system hardening on macOS, you may encounter a typical chmod error. Something like this: chmod: Unable to change file mode on /usr/bin/gcc: Operation not permitted Even with root permissions, you can’t change the permissions of some files. How is this possible? This is caused by flags. Showing file permissions and flags To see if a file has any flags set, use the ls command with the l (el) and O (capital o). ls -lO /usr/bin/gcc […]

Read more

Is your /etc/hosts file healthy?

Audit your /etc/hosts file The /etc/hosts file is one of the few files you will always find on a Linux system. It stores the ‘hosts’ database, and can be used to resolve between IP addresses and hostnames. Although the file is very simple structured, it is still common to see minor issues with name resolving on systems. Guess what, your /etc/hosts file might be causing more trouble than you think. A regular check up won’t hurt. Order matters in name resolving […]

Read more

Tools compared: rkhunter VS Lynis

Rootkit Hunter and Lynis compared The question about what the differences are between rkhunter and Lynis is showing up more and more. Time to share the purpose of both and show the difference in its usage. As the author of both tools, I should have done this nine years ago. So with some little delay, here it is. Rootkit Hunter Written in 2003, rkhunter had the goal to detect malware on Linux and UNIX-based systems. The main target was rootkits, with […]

Read more

Why we use your open source project (or not)

Common mistakes in open source software projects While ‘shopping’ for some libraries, it struck me how many open source software projects are suffering from basic mistakes. Well, mistakes might sound too harsh. What I mean are those things you find on a project, which could be better. They are usually things not considered by the developer, as we (developers) were never told about them. Doing 10+ years of open source development now, I can safely say I made many mistakes. Time to […]

Read more

How to see the version of Oracle Linux

Determine Oracle Linux version Oracle Linux is based on Red Hat Enterprise Linux. At first, it may be confusing to determine what specific operating system is running. This is because both have the /etc/redhat-release file. If that file exists, use the cat command to display the contents. Next step is to determine if there is a /etc/oracle-release file as well. If so, then you can be sure that Oracle Linux is running. cat /etc/oracle-release Sample output might be: Oracle Linux Server release […]

Read more

Ubuntu Server Hardening Guide: Quick and Secure

Ubuntu Server Hardening Guide The system hardening process of a server is critical during and after installation. It helps the system to perform its duties properly and stay secured as much as possible. This blog post about Ubuntu system hardening will look into the most critical steps to take first. More detailed system hardening steps can be added on top of these, for which we will share some tools and guides at the end. As most security guides only tell […]

Read more
1234528