Sep 292014
 

The most new and dangerous bug around it’s the one called “shellshock”, this is a security bug in the widely used Unix Bash shell which was disclosed on 24 September 2014. Many Internet daemons, such as web servers, use Bash to process certain commands, allowing an attacker to cause vulnerable versions of Bash to execute arbitrary commands. This can allow an attacker to gain unauthorized access to a computer system.

The bug causes Bash to unintentionally execute commands when they are stored in specially crafted environment variables. Within days, a series of further related vulnerabilities in Bash were found, leading to the need for further patches.

By 25 September, botnets based on computers compromised with this exploit were being used by attackers for distributed denial-of-service attacks and vulnerability scanning, source wikipedia

Let’s see how to check if your computer or server is vulnerable.
Continue reading »

flattr this!

Aug 292014
 

If you manage a server with many different users or just your family computer you will probably have many different accounts to manage, and one important aspect of any account it’s its password.

In this small article I’ll show you how to use the basic passwd command but also how to do some small bash script or use a web application, if you have a more complex environment, such as a central ldap server that keep all your accounts information.
Continue reading »

flattr this!

Aug 132014
 

Article by giannis_tsakiris first posted on http://www.giannistsakiris.com

A hard link is actually nothing more than a regular directory entry, which in turn can be seen as a pointer to the actual file’s data on the disk. The cool thing about hard-links is that a file can be stored once on the disk, and be linked to multiple times, from different locations/entries, without requiring to allocate extra disk space for each file instance.

But then a question arises: Given a specific file on disk, how can someone know whether it is linked to by other directory entries or not? This can be easily answered using the ls command:

giannis@zandloper:/etc$ ls -l passwd
-rw-r--r-- 1 root root 1402 2008-03-30 17:49 passwd
;

Do you ever wonder what is this small number between the file permissions and the owner in the output of ls’s long listing format (its value is usually “1″ for files, or “2″ for directories)? This number is actually the link-count of the file, when referring to a file, or the number of contained directory entries, when referring to a directory (including the . and .. entries).
Continue reading »

flattr this!

Linux Terminal: the tee command

Linux Terminal: the tee command

The command “tee” it’s one of the basic commands that you should find in any system, yet it’s not so popular or use, this command reads standard input and writes it to both standard output and one or more files, effectively duplicating its input. It is primarily used in conjunction with pipes and filters. The [...]

Linux Terminal: Manage Processes with killall and kill

Original article by http://blog.shineservers.com/ Sometime a process “hang” both if you are using Gnu/Linux on your desktop (maybe a game ?) or as server, in these cases the best thing to do it’s to terminate that process, that probably is using precious resources, the basic commands to do this from a terminal are kill and killall. [...]