Posts Tagged “Linux”
Posted by alex in Security
Yesterday I wrote an article about securing your /tmp and /var/tmp directories on a Linux server because I had found some files uploaded to the /tmp directory by the apache user. After locking down those directories I wanted to verify that there were no other issues on the server, so I installed Rootkit Hunter and Rootcheck, two applications that help you verify the integrity of your Linux server. Below is information on installing Rootkit Hunter and Rootcheck as well as information on how to use each of them effectively.
Tags: --propupd, 1.3.6, 2.4, apache, application versions, backdoor ports, bind, CentOS, compile, install, Linux, linux malware, linux rootkit, malware, openssh, openssl, PHP, rkhunter, rkhunter.log, rootcheck, rootkit, rootkit hunter, tar
Posted by alex in Insights
A couple of days ago, a CentOS Linux server that I had taken over administration of had some mysterious files show up in the /tmp and /var/tmp directories. The files were placed in /tmp and /var/tmp by the apache user, meaning there is some form of security hole in Apache or PHP, or one of the virtual hosts has an insecure application installed. Before looking into where the issue is, I needed to lock things down so that no applications could be executed from these directories in the future, regardless of any security flaw. Below are instructions on how to secure /tmp and /var/tmp.
Tags: /tmp, /var/tmp, apache, binaries, CentOS, dd, executable, ext3, filesystem, format, fstab, Linux, mkfs.ext3, mount, noexec, nosuid, PHP, remount, tmpDIR, tune2fs
Posted by alex in Insights
I wrote a previous article about obtaining the BIOS version on a Dell PowerEdge 650 server, with the end goal of updating the BIOS on the server if a new version was available. After obtaining the BIOS version of the PowerEdge 650 server, I needed the Dell Service Tag from the server so I could use Dell’s web site to see if a new BIOS version was available. Below is information on how to obtain the Dell Service Tag as well as the Dell Express Service Code for the server if it is running a Linux operating system.
Tags: 650, base10, base36, convert, Dell, dell service tag, dmidecode, express service code, Linux, poweredge, service tag, system-serial-number
Posted by alex in Insights
I have a development server, a Dell PowerEdge 650 running CentOS Linux, that is used for testing PostgreSQL database replication via log shipping. Recently the server has been crashing from a kernel panic after running for only a couple of hours. One of the things I wanted to verify is whether a new BIOS version is available, but first I needed to verify the current BIOS version installed. Below is information on how to determine what BIOS version a Linux server is using while the server is running.
Tags: A04, BIOS, bios-vendor, bios-version, CentOS, decoder, Dell, dmi table, dmidecode, human readable, Linux, poweredge, poweredge 650, release date, smbios, vendor, version
Posted by alex in Security
Recently I was doing a security audit on a Linux server and noticed some Apache and PHP items that needed to be modified to make the server more secure. One of the items that should be disabled is allow_url_fopen because of the risk that it can be abused. The issue is that allow_url_fopen is on by default even though many times it is never used on a server. Modify the below line in the Linux server's php.ini file, which is typically located in the /etc directory.
Tags: .htaccess, /etc, allow_url_fopen, apache, CentOS, disable, fopen, httpd.conf, Linux, PHP, php.ini, virtual host