Sep 302014
 

tux-terminal.jpg
Article by Daniel Miessler first posted on his blog

lsof is the sysadmin/security über-tool. I use it most for getting network connection related information from a system, but that’s just the beginning for this powerful and too-little-known application. The tool is aptly called lsof because it “lists openfiles“. And remember, in UNIX just about everything (including a network socket) is a file.

Interestingly, lsof is also the Linux/Unix command with the most switches. It has so many it has to use both minuses andpluses.

usage: [-?abhlnNoOPRstUvV] [+|-c c] [+|-d s] [+D D] [+|-f[cgG]]
 [-F [f]] [-g [s]] [-i [i]] [+|-L [l]] [+|-M] [-o [o]]
 [-p s] [+|-r [t]] [-S [t]] [-T [t]] [-u s] [+|-w] [-x [fl]] [--] [names]

As you can see, lsof has a truly staggering number of options. You can use it to get information about devices on your system, what a given user is touching at any given point, or even what files or network connectivity a process is using.

For me, lsof replaces both netstat and ps entirely. It has everything I get from those tools and much, much more. So let’s look at some of its primary capabilities:

Continue reading »

Flattr this!

Sep 292014
 

The most new and dangerous bug around it’s the one called “shellshock”, this is a security bug in the widely used Unix Bash shell which was disclosed on 24 September 2014. Many Internet daemons, such as web servers, use Bash to process certain commands, allowing an attacker to cause vulnerable versions of Bash to execute arbitrary commands. This can allow an attacker to gain unauthorized access to a computer system.

The bug causes Bash to unintentionally execute commands when they are stored in specially crafted environment variables. Within days, a series of further related vulnerabilities in Bash were found, leading to the need for further patches.

By 25 September, botnets based on computers compromised with this exploit were being used by attackers for distributed denial-of-service attacks and vulnerability scanning, source wikipedia

Let’s see how to check if your computer or server is vulnerable.
Continue reading »

Flattr this!

Sep 142014
 

sanctum

I’ve recently bought an offer for Sanctum 2 on Steam, and while at the start I was a bit skeptic, I must say that I like this mix between a Tower Defense and an FPS.

Sanctum 2 is the sequel to the world’s first Tower Defense/FPS hybrid game
Pick from four unique character classes and take up the mission of protecting the Cores from hordes of mysterious aliens. In Sanctum 2 you play your character exactly the way you want through the new and extensive customization system. Pick your own loadout of towers, weapons and perks, and pick well, because you are humanity’s last defense against the hordes set out to destroy it.

The normal cost of the complete bundle that includes the game + 5 DLC it’s around 23 € on Steam, but if you like it I suggest to put it on your wishlits and wait for some offer, the game it’s a bit old and so offers should be frequent, I got it with a discount of the 70%

The game has a great graphics, still it’s playable on my crappy computer, and both the solo campaign and the online co-op multiplayer are funny enough, so let’s see now some detail about this game:

Continue reading »

Flattr this!

Sep 132014
 

Systemd
Article by Stuart Burns first posted on Openlogic.com

With Red Hat Enterprise Linux 7 released and CentOS version 7 newly unveiled, now is a good time to cover systemd, the replacement for legacy System V (SysV) startup scripts and runlevels. Red Hat-based distributions are migrating to systemd because it provides more efficient ways of managing services and quicker startup times. With systemd there are fewer files to edit, and all the services are compartmentalized and stand separate from each other. This means that should you screw up one config file, it won’t automatically take out other services.

Systemd has been the default system and services manager in Red Hat Fedora since the release of Fedora 15, so it is extensively field-tested. It provides more consistency and troubleshooting ability than SysV – for instance, it will report if a service has failed, is suspended, or is in error. Perhaps the biggest reason for the move to systemd is that it allows multiple services to start up at the same time, in parallel, making machine boot times quicker than they would be with legacy runlevels.

Continue reading »

Flattr this!

Sep 082014
 

Guest post by Sophie Davidson

Modern day criminals are no longer entering banks with ski masks and pistols. Today’s felons are moving into cyberspace to accomplish their nefarious goals.

Remember the old adage, “a criminal always returns to the scene of the crime”? It turns out this maxim holds a lot of weight with regards to DDoS cybercrime.

Double DDoS

Recent research from BT revealed that about 41% of online businesses surveyed were victims of DDoS in the last 12 months. The more notable findings of the research showed that, of those attacked, over 78 percent were subsequently hit a second time shortly thereafter.

Distributed Denial of Service attacks or DDoS encompass a large variety of cyber threats designed to overwhelm a target’s server, or jam up their network. By disrupting a target’s resources, the hackers succeed in preventing normal traffic (such as users or customers) from passing through.

The effects of these attacks are potentially devastating. After being hit by a strong attack, it takes on average at least 12 hours to offer full service back to users.

What can happen in 12 hours? This sort of disruption could mean losing hundreds of thousands of dollars in revenue. Or, perhaps worse, the trust between the user and the online business, built up over months or years, could be lost in a matter of minutes.
Continue reading »

Flattr this!