≡ Menu

Security

FreeBSD Unix Find Out Which Programs Are Listing On a Given Port Number

I‘m a new FreeBSD Unix system user. How can I find out the process/programs names listing on a certain port on a FreeBSD Unix systems using command line? How do I lookup the process which is currently bound to the given network port on a FreeBSD server?
[click to continue…]

Ubuntu Linux: Edit and Open Files That Require Administrator Privileges

There are certain files in Ubuntu Linux (or Unix-like systems) that only root user access or edit. How can I edit and/or open files that requires admin (root) access on a Ubuntu Linux?
[click to continue…]

Glibc: GHOST Vulnerability Test To See If a Linux Sever Is Secure

The GHOST (CVE-2015-0235) is serious network function vulnerability in Glibc. How do I check and test if a my Linux based server is secure using command line options?
[click to continue…]

How To Patch and Protect Linux Server Against the Glibc GHOST Vulnerability # CVE-2015-0235

A very serious security problem has been found in the GNU C Library (Glibc) called GHOST. How can I fix GHOST vulnerability and protect my Linux server against the attack? How do I verify that my server has been fixed against the Glibc GHOST vulnerability?
[click to continue…]

How To PFSense Configure Network Interface As A Bridge / Network Switch

I have Soekris single board communication embedded computers which is optimized for low power and network usage. The server has four Ethernet ports. I’ve installed PFSense firewall on it and configure WAN + LAN ports. How do I setup IPv4 software bridge using PFSense so that the rest of ports act as a network switch?
[click to continue…]

Linux: Hide Processes From Other Users

I run a multi-user system. Most users access resources using ssh client. How can I stop leaking process information to all users on Linux operating systems? How do I prevent users from seeing processes that do not belong to them on a Debian/Ubuntu/RHEL/CentOS Linux server?
[click to continue…]

Linux: Log Suspicious Martian Packets / Un-routable Source Addresses

I run a web-server and I would like to log packets with un-routable source addresses on Linux operating system. How can I log spoofed packets on Debian / Ubuntu / CentOS / RHEL / Linux based server? How can I log a Martian packet (packet from Mars) on Linux operating systems?
[click to continue…]

Increase NFS Client Mount Point Security For a Web-Server noexec, nosuid, nodev Options

I am using NFS server version 4.x on a CentOS/RHEL based system. I’m mounting my shared /var/www/ directory on five Apache based nodes using the following syntax:

mount -t nfs4 -o rw,intr,hard,proto=tcp rocknas02:/httproot/www /var/www/

I noticed that due to bug in my app user can sometime upload executable or other device files to get out of chrooted Apache server. How can I prevent such security issues on a CentOS or RHEL based NFS client and sever setup?
[click to continue…]

Nginx: Allow All But Block Certain POST Request URLS For Selected Spammer IP Address/CIDR

I am a small business and ecom site owner. I also run a WordPress based blog to connect with my customers. However, I get too much spam from certain IPs and net-blocks. How do I block access to certain url(s) such as example.com/blog/wp-comments-post.php for selected IP address and CIDRs? How do I allow everyone including IP address 1.2.3.4 to access my blog but block IP address 1.2.3.4 accessing only example.com/blog/wp-comments-post.php? How do I block POST requests for selected IPs/CIDR on nginx?
[click to continue…]

Ubuntu Linux: Turn On Exec-Shield Buffer Overflow Protection

I am trying to set exec-shield protection on Linux as described here but getting the following error on Ubuntu Linux server version 12.04 LTS:

sysctl -w kernel.exec-shield=1
error: “kernel.exec-shield” is an unknown key

How do I fix this problem and make sure exec-shield buffer overflow protection security feature turned on Ubuntu Linux?
[click to continue…]