Linux Security Weekly | 003 | Hello and welcome to Linux Security Weekly for June 10, 2012. Linux Security Weekly is the audio podcast which covers current and important security vulnerabilities in Linux and open source software for the past week. Show Notes: Firefox 13 http://www.mozilla.org/en-US/firefox/13.0/releasenotes/buglist.html https://www.mozilla.org/security/announce/ http://www.ubuntu.com/usn/usn-1463-1/ http://www.debian.org/security/2012/dsa-2488 http://rhn.redhat.com/errata/RHSA-2012-0710.html http://rhn.redhat.com/errata/RHSA-2012-0715.html Firefox ESR http://www.mozilla.org/en-US/firefox/organizations/ http://www.mozilla.org/en-US/firefox/10.0.5/releasenotes/ BIND http://www.isc.org/software/bind/advisories/cve-2012-1667 http://www.isc.org/software/bind/advisories/cve-2012-1033 https://access.redhat.com/security/cve/CVE-2012-1667 http://www.ubuntu.com/usn/usn-1462-1/
Linux – How to find what version of a package is installed
Linux – How to find what version of a package is installed | Below are commands to verify the exact version of a package installed in Linux. Root prompt or sudo is not required! Red Hat or CentOS: $ rpm -qa | grep package Example: $ rpm -qa | grep openssl openssl-1.0.0-20.el6_2.5.x86_64 If a package is not installed, the output will return nothing: $ rpm -qa | grep
How to Grab | Disable BIND Version Banner
How to Grab | Disable BIND Version Banner | The BIND DNS server by default will broadcast its version publicly. Security-minded admins may want to disable broadcasting of the BIND banner. I’ll show you how! Grab BIND banner It is possible to use dig, host, nslookup or whatever your favorite DNS tool may be to query the BIND banner. I like the host command
Linux Security Weekly | 002
Linux Security Weekly | 002 | Hello and welcome to Linux Security Weekly for June 03, 2012. Linux Security Weekly is the audio podcast which covers current and important security vulnerabilities in Linux and open source software for the past week. Show Notes: Ruby on Rails SQL Injection vuln – CVE-2012-2661 http://seclists.org/oss-sec/2012/q2/448 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2661 http://blog.pentesterlab.com/2012/06/cve-2012-2661-exploitation-write-up.html Debian stable – not affected. Sid
Linux Security Weekly | 001
Linux Security Weekly | 001 | Hello and welcome to Linux Security Weekly for May 27, 2012. Linux Security Weekly is the audio podcast which covers current and important security vulnerabilities in Linux and open source software for the past week. Show Notes: Skype http://blogs.skype.com/garage/2012/05/skype_22_for_linux_hotfix.html http://www.skype.com/intl/en-us/get-skype/on-your-computer/linux Wireshark http://www.wireshark.org/news/20120522.html Google Chrome http://googlechromereleases.blogspot.co.uk/2012/05/stable-channel-update_23.html Debian http://www.debian.org/News/2012/20120512 sudo CVE-2012-2337 http://www.sudo.ws/sudo/alerts/netmask.html http://www.debian.org/security/2012/dsa-2478 http://www.ubuntu.com/usn/usn-1442-1/ https://bugzilla.redhat.com/show_bug.cgi?id=820677 openssl
Firewall Security Testing
Firewall Security Testing | Check out this article on Firewall Security Testing: If this topic is relevant to your interests, you may want to check out related training options: Assessing & Securing the Perimeter “Mastery of multiple security techniques are required to defend your network from remote attacks. InfoSec Institute’s Assessing and Securing the Perimeter takes you there.” Complete
Install nmap 6 on Debian or Ubuntu Linux
Install nmap 6 on Debian or Ubuntu Linux | nmap 6 is out! It will be a couple of centuries before this is available in Debian, so I’ll show you how to easily create a .deb package right now. The following steps will provide a .deb package which is easy to cleanly uninstall at anytime as needed. Updated 19 June 2012! 1. First install
Safari Browser – Not Safe
Safari Browser – Not Safe | Current versions of Firefox, Chrome, and IE9 have built-in protection or filtering to prevent social engineering execution of XSS and javascript in the URL bar. (As of this writing, Firefox 12, Chrome 18). The only major browser that currently does _not_ do so well for these protections is Safari. Safari 5.1.5 on OS X Lion
The Importance of Securing a Linux Web Server
The Importance of Securing a Linux Web Server | Linux web hosting is popular but that also makes Linux a target for malware and other malicious hacking. Here is a write up pointing out some general best practices for Linux web servers: The Importance of Securing a Linux Web Server If you find this topic interesting, you may also be interested in Linux Boot
OS X Firewall Not Stealth
OS X Firewall Not Stealth | By default, the OS X Lion firewall enabled and stealth actually has a few ports open, despite the System Preferences displaying no services running and no ports open. A nessus scan will reveal the following UDP ports open and broadcasting information: 5353 / UDP 123 / UDP 127 / UDP Note: Ignore port 4242 TCP
