Red Hat / CentOS: Chroot Apache 2 Web Server

Posted in Categories Apache, Linux distribution, package management, RedHat/Fedora Linux, Security; last updated December 22, 2008

A chroot on Red Hat / CentOS / Fedora Linux operating systems changes the apparent disk root directory for the Apache process and its children. Once this is done, an attacker or other PHP / Perl / Python scripts cannot access or name files outside that directory. This is called a “chroot jail” for Apache. You should never ever run a web server without a jail. There should be privilege separation between the web server and the rest of the system.

In this exclusive series, you will learn more about:

  • Securing an Apache 2 web server under Red Hat Enterprise Linux / CentOS Linux using mod_chroot
  • Virtual hosting configuration
  • Troubleshooting chrooted Apache jail problems

Debian GNU/Linux 4.0 Update 6 Released

Posted in Categories Debian Linux, Linux distribution, Security, Security Alert; last updated December 18, 2008

It didn’t take long to release a new updated version.

The Debian project is pleased to announce the sixth update of its stable distribution Debian GNU/Linux 4.0 (codename “etch”). This update mainly adds corrections for security problems to the stable release, along with a few adjustments to serious problems. This update has been rated as having important security impact. You are advised to upgrade your system ASAP.

FreeBSD Kernel Critical Update: arc4random predictable sequence vulnerability

Posted in Categories FreeBSD, Security, Security Alert; last updated November 25, 2008

FreeBSD today released a core (kernel) patch to plug the “arc4random predictable sequence vulnerability” security hole in the 6.x and 7.x stable releases of its operating system. When the arc4random random number generator is initialized, there may be inadequate entropy to meet the needs of kernel systems which rely on arc4random, and it may take up to 5 minutes before arc4random is reseeded with secure entropy from the Yarrow random number generator. All security-related kernel subsystems that rely on a quality random number generator are subject to a wide range of possible attacks. This update has been rated as having important security impact.

Debian Upgrade: GNU/Linux 4.0 Update 5 Available

Posted in Categories Debian Linux, Howto, Linux, Linux distribution, Security, Security Alert; last updated October 24, 2008

The industry-strength, community-driven, enterprise-grade Debian GNU/Linux version 4.0 stable update 5 has been released and is available for immediate download as well as through updates via the apt-get package manager. This update mainly adds corrections for security problems to the stable release, along with a few adjustments to serious problems. All users are advised to upgrade their systems.

Security Alert: How To Stop Firefox Clickjacking Exploit Attack

Posted in Categories CentOS, Debian Linux, fedora linux, Linux, Linux desktop, Mozilla, OS X, RedHat/Fedora Linux, Security, Security Alert, Windows, windows vista; last updated September 26, 2008

A really scary exploit is in the wild, which affects all browsers under any desktop operating system, including MS IE, Linux, Apple Safari, Opera, Firefox and Adobe Flash. Any website that uses CSS and IFRAME (used to serve ads) can be used to attack end users, as the attacker is able to take control of the links that your browser visits. In this article I will share a few tips to stop this deadly attack until a final patch is released by vendors.