5 Benefits of Performing Security Audits on Your Servers

Last December, the South Korea-based cryptocurrency exchange Youbit shut its doors after it was hit by a cyber-attack (for the second time in 8 months). Only a week back, the Japanese cryptocurrency exchange Coincheck was hacked, costing it more than $534 million. These instances of cyber-terrorism are not limited to the crypto community. The number [...]

2018-04-06T17:26:48+05:30 | March 13th, 2018 | Server Administration, Server Security

Staying Safe and Secure in Amazon AWS

You're probably familiar with this icon and see it a lot these days. After all, it's one of the most talked-about things in business circles today. In case you're among the minority and have no idea what the icon represents, here's a bit of useful information for you. The above icon is an [...]

2017-10-10T10:47:32+05:30 | September 23rd, 2017 | Server Administration, Server Security

Petya Ransomware

Petya ransomware derives its name from the movie GoldenEye, a 1995 James Bond flick. It was first discovered in 2016 as a member of the encrypting ransomware class. Its primary targets are Microsoft Windows-based systems. It prevents Windows from booting by corrupting the master boot record and encrypts a victim’s hard drive’s file system through the [...]

2017-08-22T21:10:21+05:30 | August 22nd, 2017 | Server Administration, Server Security

Detect Windows SMB Vulnerability Using Metasploit Framework

At the time of this writing, the MS17-010 exploit for the Metasploit Framework is still in development. A copy can be seen at https://www.rapid7.com/db/modules/auxiliary/scanner/smb/smb_ms17_010 and https://www.rapid7.com/db/modules/exploit/windows/smb/ms17_010_eternalblue. It serves to test whether any of your Windows servers are still vulnerable to this hack. Metasploit Framework is a handy tool for [...]

2017-06-04T15:46:04+05:30 | May 20th, 2017 | Penetration Testing, Server Security

Dirty COW Vulnerability (CVE-2016-5195)

A nine-year-old local privilege escalation vulnerability has been reported in the Linux kernel. All Linux distributions are reportedly affected by it. On Red Hat/CentOS 5, 6 and 7, an affected or unpatched system can be identified as shown below.

    $ wget https://access.redhat.com/sites/default/files/rh-cve-2016-5195_1.sh
    $ bash rh-cve-2016-5195_1.sh

An official version of the patch is not yet [...]

2019-10-09T11:45:03+05:30 | October 22nd, 2016 | Server Administration, Server Security

Systemd NOTIFY_SOCKET Vulnerability

A systemd vulnerability has been reported which freezes systemd calls. Systemd has been widely adopted in the latest Linux distributions such as Red Hat Enterprise Linux, Ubuntu, Debian and SUSE Linux Enterprise Server. Systemd is the daemon that manages other daemons in Linux. A zero-sized message received on the systemd notification socket will hang its pause system call. It [...]

2017-01-30T17:09:09+05:30 | October 8th, 2016 | Server Administration, Server Security

Server Hardening: Install and configure Chkrootkit

chkrootkit is a tool to locally check for signs of a rootkit. It is a common tool among system administrators to check for rootkits. Here, I will explain how to install chkrootkit and scan your server for rootkits. I will also explain how to write a bash script to automate the chkrootkit scan and email [...]

2009-09-20T22:28:38+05:30 | September 20th, 2009 | Server Administration, Server Security, Uncategorized