Fix the Meltdown on a CentOS/RHEL/Fedora/Oracle/Scientific Linux

How to Fix the Meltdown on a CentOS/RHEL/Fedora/Oracle/Scientific Linux Always keep backups. So backup now to an offsite location. Note the Linux kernel version running the following command: # uname -r Fix the Meltdown on a CentOS/RHEL/Fedora/Oracle/Scientific Linux Type the following yum command: # sudo yum update You must reboot your Linux server using shutdown/reboot Read more about Fix the Meltdown on a CentOS/RHEL/Fedora/Oracle/Scientific Linux[…]

Meltdown And Spectre Security Flaws

Articles and Information regarding the Meltdown And Spectre Security Flaws Links: https://meltdownattack.com/ https://hothardware.com/news/researchers-disclose-meltdown-and-spectre-cpu-vulnerabilities https://www.theregister.co.uk/2018/01/02/intel_cpu_design_flaw/ Patches: VMware https://lists.vmware.com/pipermail/security-announce/2018/000397.html https://esxi-patches.v-front.de/ESXi-5.5.0.html#2017-09-14 How To’s Fix the Spectre on a CentOS/RHEL/Fedora/Oracle/Scientific Linux Fix the Meltdown on a CentOS/RHEL/Fedora/Oracle/Scientific Linux

Install rkhunter on CentOS 6.6

Rootkit Hunter (rkhunter) is a Unix-based tool that scans for rootkits, backdoors and possible local exploits. Rootkits are self-hiding toolkits secretly installed by a malicious intruder to allow that user to gain access to the server. Rootkit Hunter offers protection by comparing SHA-1 hashes of important files with known good ones in a online database Read more about Install rkhunter on CentOS 6.6[…]

kernel: Firewall: *SYNFLOOD Blocked*

CSF Firewall is blocking these attacks in /var/log/messages Feb 25 02:13:33 servidor kernel: Firewall: *SYNFLOOD Blocked* IN=eth1 OUT= MAC=00:25:90:de:d3:d5:00:19:e8:f4:7a:3f:08:00 SRC=120.43.114.117 DST=64.150.187.59 LEN=52 TOS=0x00 PREC=0x00 TTL=47 ID=21531 DF PROTO=TCP SPT=4760 DPT=80 WINDOW=65535 RES=0x00 SYN URGP=0 Check with # netstat -alntp | grep SYN | wc -l You have set the following in your csf configuration but Read more about kernel: Firewall: *SYNFLOOD Blocked*[…]

Ghost Vulnerability

A very serious security problem has been found and patched in the GNU C Library called Glibc. It was announced on 27th January 2015.

Here are the affected Linux distros:

  • RHEL (Red Hat Enterprise Linux) version 5.x, 6.x and 7.x
  • CentOS Linux version 5.x, 6.x & 7.x
  • Ubuntu Linux version 10.04, 12.04 LTS
  • Debian Linux version 7.x
  • Linux Mint version 13.0
  • Fedora Linux version 19 or older
  • SUSE Linux Enterprise 11 and older (also OpenSuse Linux 11 or older versions).
  • SUSE Linux Enterprise Software Development Kit 11 SP3
  • SUSE Linux Enterprise Server 11 SP3 for VMware
  • SUSE Linux Enterprise Server 11 SP3
  • SUSE Linux Enterprise Server 11 SP2 LTSS
  • SUSE Linux Enterprise Server 11 SP1 LTSS
  • SUSE Linux Enterprise Server 10 SP4 LTSS
  • SUSE Linux Enterprise Desktop 11 SP3
  • Arch Linux glibc version <= 2.18-1

Read More to Fix the GHOST vulnerability on a CentOS/RHEL/Fedora/Ubuntu Linux
[…]

Install and Configure Monit on CentOS 6.6

Monit is not available from the system base repositories, you need to add and enable third party epel repository to install monit package under your RHEL/CentOS systems. # wget http://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm # sudo rpm -Uvh epel-release-6*.rpm Install Monit # yum install monit Monit has it’s web interface that runs on port 2812 using web server. To Read more about Install and Configure Monit on CentOS 6.6[…]

Troubleshoot Network Scanning on Plesk Server

For abuse issues that involve your server host sending emails with complaints that your server is conducting network scanning. What is Network Scanning? Network scanning is a process of identifying active hosts on a network, either for the purpose of attacking them or for network security assessment. It laymans terms, if your hosting provider has Read more about Troubleshoot Network Scanning on Plesk Server[…]

Joomla protection

How to start protecting your Joomla Site Always keep Joomla core up-to date Always make sure you run the latest patched versions of extensions Make sure you choose strong passwords for all logins Check your own website for vulnerabilities Always check the webserver’s log files for potential hack attempts Secure your server if you host your Joomla website on Read more about Joomla protection[…]