Security

An all-new category about current security issues like the Shellshock bug


Encrypting and Decrypting data using SSL Key

First generate the RSA key (key.pem):

    openssl genrsa -out key.pem 4096
    openssl rsa -in key.pem -text -noout

Then save the public key in pub.pem:

    openssl rsa -in key.pem -pubout -out pub.pem
    openssl rsa -in pub.pem -pubin -text -noout

As an example, we create a simple text file and encrypt it:

    echo test12345 > […]


Securing SSH access with Port Knocking using iptables

This works on Ubuntu and Debian and might be slightly different for other distributions. However, the rules that are implemented will work with every distribution's iptables. First install the package iptables-persistent:

    apt-get install iptables-persistent

Do not save the current configuration when asked, as we will create a new one. Now put the following contents […]


How to secure SSH server access with MFA

First install Google Authenticator:

    apt-get install libpam-google-authenticator

This works well on Ubuntu (Trusty or newer). In case your distribution doesn't provide a package, have a look here. Next, log in to your server as the user you're going to use MFA with, execute google-authenticator and follow the steps as indicated below. You may scan the QR-Code which is […]


Securing Mac-OS from CVE-2014-7169 (Shellshock / Bash bug)

For this to work you need to have Xcode installed. If you don't have it, try:

    sudo xcode-select --install

In a terminal execute these commands:

    mkdir bash-fix
    cd bash-fix
    curl https://opensource.apple.com/tarballs/bash/bash-92.tar.gz | tar zxf -
    cd bash-92/bash-3.2
    curl https://ftp.gnu.org/pub/gnu/bash/bash-3.2-patches/bash32-052 | patch -p0
    curl https://ftp.gnu.org/pub/gnu/bash/bash-3.2-patches/bash32-053 | patch -p0
    curl https://ftp.gnu.org/pub/gnu/bash/bash-3.2-patches/bash32-054 | patch -p0
    cd ..
    xcodebuild

Wait until you […]


Securing Mac-OS from CVE-2014-6271 (Shellshock / Bash bug)

For this to work you need to have Xcode installed. If you don't have it, try:

    sudo xcode-select --install

In a terminal execute these commands:

    mkdir bash-fix
    cd bash-fix
    curl https://opensource.apple.com/tarballs/bash/bash-92.tar.gz | tar zxf -
    cd bash-92/bash-3.2
    curl https://ftp.gnu.org/pub/gnu/bash/bash-3.2-patches/bash32-052 | patch -p0
    cd ..
    xcodebuild

Wait until you see "BUILD SUCCEEDED". Back up your old executables: […]


Test for Bash Bug Vulnerability CVE-2014-6271 (Shellshock)

Try this line in a Mac or Linux terminal to find out whether you're vulnerable or not:

    env x='() { :;}; echo vulnerable' bash -c 'echo test'

If you're not vulnerable, this line will just output "test"; otherwise it will output "vulnerable test". For Debian Wheezy users there's an official update available already. For those that […]


Upgrading Proftpd from 1.3.3a to 1.3.3g on Debian Squeeze

As the current version of Proftpd has some important security problems and Debian does not provide an updated package yet, the best way to patch Proftpd is to download the updated sources and create your own Debian package. To do this, we first need to install some required packages:

    apt-get install autotools-dev fakeroot dh-make […]