Server Security

Critical BASH vulnerability discovered – update BASH on your CentOS Linux server!!! ## Shellshock vulnerability ## Summary >> A critical code execution vulnerability (Remote) affecting bash (Unix shell) has been discovered on September 24, 2014. >> The vulnerability occurs because bash does not stop after processing the function definition; it continues to parse and execute shell commands following the function …

very serious security problem has been found in the Linux kernel. A 0-day local privilege escalation vulnerability has existed since 2012. This bug affects millions of Android or Linux applications to escalate privileges. Any server or desktop (32 or 64 bit) with Linux Kernel version 3.8+ is vulnerable. How do I fix this problem? The bug As per the original …

Overview rkhunter (Rootkit Hunter) is a Unix-based tool that scans for rootkits, backdoors and possible local exploits. It does this by comparing SHA-1 hashes of important files with known good ones in online database, searching for default directories (of rootkits), wrong permissions, hidden files, suspicious strings in kernel modules, and special tests for Linux and FreeBSD. Instructions 1. Log into your …

The Exim mail server has a lot of options/commands to find out the details of spammers easily from the command line. We can find out the mail queue details, spam mail sender details, spam mail counts etc from the link I mentioned above. Here is a script/piped-command to find out the spam mailing script’s location/folder in the server. It would …

In this time, we all are aware about the new Open SSL Heartbleed vulnerability. The Heartbleed bug allows anyone on the Internet to read the memory of the systems protected by the vulnerable versions of the OpenSSL software. You will get more details from this link Heartbleed. The open SSL version 1.0.1 version has vulnerabilities except 1.0.1g and other versions. Different communities …

Maldet also known as Linux Malware Detect virus scanner for Linux. Linux Malware Detect (LMD) is a malware scanner for Linux released under the GNU GPLv2 license, that is designed around the threats faced in shared hosted environments. It uses threat data from network edge intrusion detection systems to extract malware that is actively being used in attacks and generates …

Having such issue starting/stopping CSF on RHEL/CentOS 7? # csf -x *WARNING* URLGET set to use LWP but perl module is not installed, reverting to HTTP::Tiny You have an unresolved error when starting csf: Error: /sbin/ifconfig (ifconfig binary location) -v does not exist!, at line 2510 in /usr/sbin/csf You need to restart csf successfully to remove this warning, or delete …