Configure Apache SSL Cipher Suites for Best Security | Apache can be configured to use various SSL Cipher suites. For best security, set Apache SSL settings to use only the highest grade security ciphers. It has become common practice to also set the server to prefer an RC4-SHA cipher both for speed (it’s fast!) as well as a fix against the BEAST attack. Google,
How to Generate a Private Key and CSR from Command Line | Use the following command to generate a private key and certificate signing request (CSR): $ openssl req -new -newkey rsa:2048 -nodes -keyout server_private.key -out server_csr.csr In the dialog that follows, pay particular attention to the CommonName (CN) indication. If you need a certificate for example.com, use example.com (exactly) as the CN. For example, if you
Nessus html5 URL | Nessus now has a fancy html5 interface! The URL is: https://localhost:8834/html5.html
Use nmap to check DNS configuration best practices | A new NSE script in nmap 6.25 checks DNS zone configuration best practices. I’ll show you how it works! First, you will need nmap 6.25 (or later) installed: http://nmap.org/download.html Now with nmap 6.25 installed, run the below command against a DNS server. In this example, I am checking the configuration of the zone google.com from
Linux Security Weekly | 027 | Hello and welcome to Linux Security Weekly for December 2, 2012. Linux Security Weekly is the audio podcast which covers current and important security vulnerabilities in Linux and open source software for the past week. Show Notes: News Firefox 17.0.1 Firefox ESR (10.0.11) http://www.mozilla.org/security/known-vulnerabilities/firefox.html http://www.mozilla.org/en-US/firefox/17.0.1/releasenotes/ http://www.mozilla.org/en-US/firefox/organizations/all.html PHP 5.4.9 and PHP 5.3.19 http://www.php.net/index.php#id2012-11-22-1 Linux rootkit
Linux Security Weekly | 026 | Hello and welcome to Linux Security Weekly for November 18, 2012. Linux Security Weekly is the audio podcast which covers current and important security vulnerabilities in Linux and open source software for the past week. Show Notes: News PHP 5.5.0 Alpha1 released http://www.php.net/index.php#id2012-11-15-1 FreeBSD security incident http://www.freebsd.org/news/2012-compromise.html Drupal 7.17 – maintenance update http://drupal.org/drupal-7.17-release-notes Google
Wordfence: Security Plugin for WordPress | Here is a review of Wordfence, a WordPress security plugin: Wordfence: Security Plugin for WordPress
Linux Security Weekly | 025 | Hello and welcome to Linux Security Weekly for November 11, 2012. Linux Security Weekly is the audio podcast which covers current and important security vulnerabilities in Linux and open source software for the past week. Show Notes: News Joomla http://blog.sucuri.net/2012/11/joomla-2-5-8-and-3-0-2-released-security-updates.html http://developer.joomla.org/security/news/544-20121102-core-clickjacking http://developer.joomla.org/security/news/541-20121001-core-xss-vulnerability XSS vulnerability in swfupload in WordPress http://seclists.org/fulldisclosure/2012/Nov/51 https://nealpoole.com/blog/2012/05/xss-and-csrf-via-swf-applets-swfupload-plupload/ netOffice Dwins SQL Injection
How to update VMware ESXi | To update VMware ESXi, a patch can be easily applied at the ssh command prompt. Here is how it works! Note: make sure ssh is enabled on your ESXi server. First, download the .zip patch file from the VMware website: http://www.vmware.com/patchmgr/findPatch.portal Next, copy this .zip file to your ESXi installation via sftp. Make sure to




