Posts tagged with: tutorials (5)
tutorials
Create audit trails with sudoreplay
By Viktor Petersson on March 27, 2020
sudo is a tool used by most Linux/UNIX users on a daily basis to escalate permission. If you’re like me, you likely though that the features in sudo were “done” and final, just like you don’t monitor the the changelog for new features in tar (or at least I’m not). This is...
Continue reading
Meltdown and Spectre
By Fiona McAllister on January 20, 2020
Hardware Vulnerabilities: Meltdown and Spectre and how to protect yourself Introduction Meltdown and Spectre refer to 3 variants of hardware vulnerability found by the Google Project Zero Team and various other academic institutions and field experts. Unfortunately, these vulnerabilities exist on practically every piece of commercial hardware made since 1995. Companies such...
Continue reading
How to Securely Configure MongoDB
By Mahmoud Fahmy on November 24, 2019
How to Securely Configure MongoDB Required Skill Level: Intermediate Reading Time: 15-20 Minutes Introduction MongoDB is a NoSQL, document database that is widely used by companies and individuals. Its popularity and support makes it a contender for one of the best options for database needs. Unfortunately, its popularity makes it a target...
Continue reading
How to Audit OpenSSH Configuration and Secure It
By Mahmoud Fahmy on October 25, 2019
Introduction Required Skill Level: Beginner to Medium Reading Time: 15-20 Minutes In this post, we will review the fundamentals of a secure OpenSSH server. As you probably know the SSH (Secure Shell) is a method to remote login to a server. SSH is usually secure however if used with the default settings,...
Continue reading
What is SELinux and Why You Might Want It
By Fiona McAllister on October 15, 2019
Introduction Today we’re going to talk about SELinux - Security Enhanced Linux. For the everyday layman SELinux maybe daunting to setup, but is a good introduction into different ways to manage access control to your systems. More and more we give companies our precious data and the onus should be placed on...
Continue reading