THREAT TRACE and TRACK are two HTTP methods used to debug web applications. These methods could be used by malicious users to perform Cross-site Tracing attacks which are used to bypass authentication token protections. httpd server is vulnerable to TRACE requests and this needs to be remedied, We need to disallow http trace requests in… Read More »
Details of the Vulnerability THREAT: The user ((local service account) has blank password in the shadow file, which allows to connect to the system without entering a password. IMPACT: An attacker may connect to the system by knowing just the username. SOLUTION: Set a password for the user(local service account). ( Many companies security policy… Read More »
This vulnerability allows a attacker to decrypt ciphertext using a padding oracle side-channel attack. POODLE affects Secure Socket Layer (SSL) version 3.0. It does not affect Transport Layer Security (TLS). To remediate this vulnerability SSL 3.0 should be disabled To check if your server is vulnerable follow the below steps Make a script file say… Read More »
Step by step tutorial to install OpenVPN on redhat/centos 6.X servers in the Amazon EC2 Cloud. Login to the Amazon EC2 Cloud Install the following # yum install gcc make rpm-build autoconf.noarch zlib-devel pam-devel openssl-devel -y Next download LZO RPM and the repo RPMForge has to be configured # wget http://openvpn.net/release/lzo-1.08-4.rf.src.rpm Prior to adding correct… Read More »
In our previous session we have seen what is Linux and history of Linux In today’s session we shall see what is a Linux Shell, Linux Architecture & Linux Directory Structure. Linux Shell Shell is a user program Shell is a environment provided for user interaction. Theoretically speaking Shell is a language interpreter that executes… Read More »
We shall start from Linux Administration ( Fundamentals) What is Linux Linux is an operating system, unlike other operating systems. We shall see how it is different from other operating systems. Linux is free Linux is portable to any hardware platform Linux was made to keep running on and on Linux is secure and versatile Linux… Read More »
Yum Detailed configuration according to specific requirement: Introduction: YUM (Yellowdog Updater Modifier) is the package manager which contains the RPM package files for Linux. RPM package file is a Red Hat Package Manager file that enables easy software installation on Red Hat/CentOS Linux. YUM Repositories hold RPM package files and enable download and installation of… Read More »
You have subscribed to a cloud service and build a Linux Virtual Machine (VM) from an existing image on the cloud …now you need to connect to your linux machine using a putty ( ssh client)…but most of the could providers provide a private key with the .pem extension which putty cannot authenticate directly as… Read More »
MediaWiki is a free Open Source server-based software designed to run on a large server farm for a website that gets millions of hits per day. MediaWiki is extremely powerful, scalable software and excellent for wiki implementation. It uses PHP to process & display data stored in a database.The Pages inside it use MediaWiki’s wikitext… Read More »
Maximum numbers of Organizations rely on LINUX SERVER’S, so as a Linux Admin we need to secure the Linux Server against any attack, Hence Enhancing Server security Any Linux Server online(either on WAN or LAN) is susceptible to attack as most of the applications and system software that are developed are intended for use on… Read More »