Sep 292014
 

The most new and dangerous bug around it’s the one called “shellshock”, this is a security bug in the widely used Unix Bash shell which was disclosed on 24 September 2014. Many Internet daemons, such as web servers, use Bash to process certain commands, allowing an attacker to cause vulnerable versions of Bash to execute arbitrary commands. This can allow an attacker to gain unauthorized access to a computer system.

The bug causes Bash to unintentionally execute commands when they are stored in specially crafted environment variables. Within days, a series of further related vulnerabilities in Bash were found, leading to the need for further patches.

By 25 September, botnets based on computers compromised with this exploit were being used by attackers for distributed denial-of-service attacks and vulnerability scanning, source wikipedia

Let’s see how to check if your computer or server is vulnerable.
Continue reading »

flattr this!

Apr 152014
 

An interesting article by Cirrus first posted on his blog

Hi

Again ill be writing about yet another TUI application, which will run with or without an X server. Those who know me are aware i prefer to use the console where possible, not because i wanna be l33t but merely because i find it does things better, faster and in many cases opens up more options/preferences than you get with the GUI counterparts. My latest find started life in or around December of 1994 as a DOS binary-only freeware. Thankfully at the tail end of 2003 someone took the time and effort to port it to Linux, and other ‘Unix like’ Operating systems.

Open Cubic Player (OCP) as mentioned will run in a TTY as well as in a graphical environment, here’s a few scrot’s of OCP

ocp02 ocp01

Continue reading »

flattr this!