Showing headlines posted by abefroman

( 1 ... 2 ) Next »

New Linux and Cloud Capture the Flag Platform Launched

PenTesting.Cloud, a free learning platform, has released its first four challenges. Use your Linux and cloud computing skills to exploit vulnerabilities in a lab environment. New challenges are released every two weeks. They are set up CTF-style, so you can earn points and compete against other members.

Unpatched cPanel Vulnerability - How to Protect Your Server From It

Ever notice that email remains active when you suspend a cPanel account? The danger is that cPanel allows email to be forwarded to a script, so a forwarder that points at a malicious script can still be triggered after the account has been suspended, for example a forwarder that launches a reverse shell. Luckily there is an easy way to block this.
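The article does not reproduce the forwarder format, so the following is an added example, not code from the article or from cPanel: an audit script that finds every forwarder piping mail into a program and flags the ones owned by a suspended account. The file layout it reads (/etc/valiases/<domain> with "address: dest, dest" lines, /etc/userdomains with "domain: user" lines, and a marker file per user under /var/cpanel/suspended) is an assumption about a standard cPanel host; the sample data is constructed, and the script falls back to it when those files are absent.

```python
"""Audit cPanel pipe forwarders ("|/path" destinations) and flag suspended owners.

Added example, not cPanel code. Paths and file formats are assumptions about a
standard cPanel host; verify them on your server before trusting a live run.
"""
import os
import re

VALIASES_DIR = "/etc/valiases"            # assumed: one file per domain
USERDOMAINS = "/etc/userdomains"          # assumed: "domain: user" per line
SUSPENDED_DIR = "/var/cpanel/suspended"   # assumed: marker file per suspended user

# Exim-style pipe destination: optional opening quote, then '|'.
PIPE_RE = re.compile(r'^"?\|')


def split_destinations(field):
    """Split a comma-separated destination list, leaving quoted pipes intact."""
    parts, cur, in_quotes = [], [], False
    for ch in field:
        if ch == '"':
            in_quotes = not in_quotes
        if ch == "," and not in_quotes:
            parts.append("".join(cur))
            cur = []
        else:
            cur.append(ch)
    parts.append("".join(cur))
    return [p.strip() for p in parts if p.strip()]


def parse_valiases(text):
    """Return (address, [destinations]) for each forwarder line."""
    entries = []
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#") or ":" not in line:
            continue
        address, dests = line.split(":", 1)
        entries.append((address.strip(), split_destinations(dests)))
    return entries


def pipe_forwarders(text):
    """(address, program) pairs for every destination that pipes into a program."""
    hits = []
    for address, dests in parse_valiases(text):
        for dest in dests:
            if PIPE_RE.match(dest):
                hits.append((address, dest.strip('"').lstrip("|").strip()))
    return hits


def parse_userdomains(text):
    """Map domain -> cPanel user from /etc/userdomains content."""
    mapping = {}
    for line in text.splitlines():
        if ":" in line:
            domain, user = line.split(":", 1)
            mapping[domain.strip()] = user.strip()
    return mapping


def audit(valiases, userdomains, suspended):
    """valiases maps domain -> file contents; one finding per pipe forwarder."""
    dom2user = parse_userdomains(userdomains)
    findings = []
    for domain, text in valiases.items():
        user = dom2user.get(domain, "?")
        for address, program in pipe_forwarders(text):
            findings.append({"domain": domain, "user": user, "address": address,
                             "program": program, "suspended": user in suspended})
    return findings


def load_live():
    """Read the real files (assumed layout above); raises OSError if absent."""
    valiases = {}
    for name in os.listdir(VALIASES_DIR):
        with open(os.path.join(VALIASES_DIR, name)) as fh:
            valiases[name] = fh.read()
    with open(USERDOMAINS) as fh:
        userdomains = fh.read()
    suspended = set(os.listdir(SUSPENDED_DIR)) if os.path.isdir(SUSPENDED_DIR) else set()
    return valiases, userdomains, suspended


# Constructed sample (not from a real server): a live account with a legitimate
# mail handler, and a suspended account whose forwarder pipes into a hidden script.
SAMPLE_VALIASES = {
    "example.com": ("sales@example.com: bob@example.com\n"
                    'alerts@example.com: "|/home/acme/mail/handler.php"\n'
                    "*: :fail: No Such User Here\n"),
    "shop.example.net": ('bounce@shop.example.net: "|/home/shopco/.bin/rs.sh", shop@shop.example.net\n'
                         "*: :blackhole:\n"),
}
SAMPLE_USERDOMAINS = "example.com: acme\nshop.example.net: shopco\n"
SAMPLE_SUSPENDED = {"shopco"}

if __name__ == "__main__":
    try:
        data = load_live()
    except OSError:
        data = (SAMPLE_VALIASES, SAMPLE_USERDOMAINS, SAMPLE_SUSPENDED)
    for f in audit(*data):
        flag = "SUSPENDED" if f["suspended"] else "active"
        print(f'{flag:9} {f["user"]:10} {f["address"]} -> {f["program"]}')
```

Run it as root from cron and alert on any finding where suspended is true; a pipe forwarder on a suspended account has no legitimate reason to keep running.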

Catch WordPress Hackers with the AIDE Viewer

WordPress is a popular favorite among web site owners, and it's also a favorite among hackers. We reached out to WordPress.org as well as Automattic for comment on why they think this is the case and on any future plans they have to make it more secure, particularly for themes and plugins created by third parties, which is where the majority of the exploits are. Automattic has not responded to our request. WordPress.org got in touch with us stating that they do review any plugins hosted by WordPress, but have no control over plugins not hosted by them. Their representative also stated he didn't have any information on whether anything would be done differently by WordPress as far as how they handle non-hosted third-party themes and plugins in the future.

How to Install The SiteBios Linux Control Panel

SiteBios is a free, open source, Python-based, three-tier Linux control panel for CentOS 6 or 7. It consists of a LAMP stack and a suite of shell scripts to help you manage your server. Started in 2013, SiteBios is the work of open source contributors from around the globe and is currently used by thousands of domains. SiteBios has recently moved from beta version 0.6.5 to stable version 1.0, which is the version we'll be installing today...

A Free Python Based Control Panel for your Linux Server

Today we've had the pleasure of interviewing a developer for the SiteBios control panel. SiteBios is a free, open source control panel for Linux, specifically CentOS. It contains the essential LAMP stack, where M stands for MariaDB and P covers both PHP and a full-featured Postfix mail service.

Whatever Happened to Pine

  • PCI Compliance Forums; By Terry Newbury (Posted by abefroman on Sep 17, 2012 10:06 PM EDT)
  • Story Type: News Story; Groups: Linux
Today when people hear the word Pine, they automatically think of the Christmas tree, its meaning and the joy of Christmas. For others, the word PINE brings back memories of "the good old days", when Unix users, and especially the folks at the University of Washington, needed a good, easy-to-use and, most important, free mail program. Thus, in 1989, Pine was conceived, and its name had nothing to do with the tree: PINE is an abbreviation of the most generic software name imaginable, Program for Internet News and E-mail.

cPanel Exploit Addendum

Last week we wrote about a 0-day exploit in cPanel. Now that all cPanel servers have auto-updated and patched the vulnerability, cPanel has released additional information on the security update. They actually fixed two major security issues. Both were labeled "important", which appears to be one of the highest, if not the highest, classification; that level includes, among other things, remote code execution exploits, which thankfully these two were not.

cPanel 0-day Exploit

cPanel Inc. has released a notice telling customers to upgrade cPanel, titled "cPanel News: Targeted Security Release 2012-05-31 Announcement". Such notices are extremely rare and should be taken very seriously. They did not give many details other than to upgrade ASAP; more specifics will be released shortly, after everyone has had a chance to upgrade.

How to Set Up a Basic IDS/IPS on a Linux Server

As part of your overall hardening and the suite of security software you have installed, an IDS and/or IPS should not be left out. It is also a requirement for PCI compliance. An IDS/IPS is important for a number of reasons. First, when you are hacked, some sort of activity typically preceded the hack, such as a port scan, which an IDS could detect and an IPS could block. In addition, the logs from your IDS/IPS can serve as part of your audit trail when investigating a security breach.

Using an Asterisk/FreePBX phone server and don't have the latest version? It may be vulnerable!

If you have an Asterisk phone server on a public IP, using the FreePBX web GUI, and don't have one of the latest releases, it may be vulnerable. It's very common to have FreePBX on an Internet-routed IP, especially if you have multiple locations using the same FreePBX server. The scary part is that little documentation exists about this vulnerability, and as of right now it's not listed on CVE Details:

http://www.cvedetails.com/vendor/6470/Freepbx.html

Five Common Weaknesses in a Linux Server that are Worth Covering

  • Secure Hosting Directory; By Terry Newbury (Posted by abefroman on Jul 21, 2011 7:19 PM EDT)
  • Story Type: Editorial; Groups: Linux, PHP
There seems to be a belief these days that complying with the PCI standard is bound to be expensive and difficult to put in place. If you have a Linux system, this doesn't have to be the case at all. However, while a Linux system is generally thought to be better for security, there are nevertheless weaknesses in a Linux server that a potential hacker could exploit, and knowing those weaknesses and how to deal with them can be crucial to the server administrator who wants to ensure that his systems and networks are PCI compliant.

Instituting 'Defense in Depth' for PCI Compliance on a Linux Platform

This article is going to tell you how to institute 'defense in depth' to ensure PCI compliance on a Linux platform. Before we go ahead with the details, you'll obviously want to know what defense in depth actually means. The entire basis of defense in depth is that your server has layer upon layer of security, so that an intruder who gets past one layer still has to defeat the next, and intrusion becomes far more difficult.

Isolating Your Linux Systems - How Sharing Operating Systems Can Put Holes in Your PCI Compliance

PCI compliance is all about protecting your core servers, and you can't be too careful when you go about this. Protecting your servers means guarding key components from the rest of your online systems, and most important of all, perhaps, is isolating the server that handles credit card data from the rest of the systems on your network. This is really the heart and soul of PCI compliance. Now I'm sure that the team you have in charge of security and PCI compliance has set up a Linux-based system for your core servers. However, it's very unlikely that every system on your network uses Linux. Under such circumstances, every system that does not use Linux is a potential threat to the security of your network and to the integrity of your PCI compliance.

Getting Your cPanel Linux Server PCI Compliant

With the Payment Card Industry Security Standards Council releasing the new version of its standard, PCI DSS 2.0, it is important to take a look at the security of your Linux server. Since cPanel's control panel and Web Host Manager (WHM) software is the most popular control panel for Linux servers, we will cover achieving PCI compliance on a cPanel server. In this article we will be using a CentOS server, and the commands should be the same or similar on CentOS, Red Hat Enterprise Linux and Fedora. The information below will help you keep your cPanel server secure and pass a PCI compliance scan.

Free Two Factor Authentication For Your Linux Server

PhoneFactor is the leading global provider of phone-based two-factor authentication and has developed a simple, effective and efficient two-factor security system that ensures protection against today's biggest threats. The latest version of PhoneFactor features a multi-factor authentication system. They also provide APIs (SDKs) in PHP and Perl, as well as Ruby and Java, which means it is very compatible with your Linux server.

How To Become PCI Compliant In Under 10 Days With Your Linux Server

  • YourPCIDSS.com; By Wayne C. (Posted by abefroman on Dec 13, 2010 11:34 AM EDT)
  • Story Type: Editorial
Becoming PCI compliant can be a daunting task, and it's certainly not something that can happen overnight. We figure the timeline for this will generally be about 10 days at the fastest. We will go over a road map of how you can accomplish this and what you can expect along the way, covering everything from getting your server PCI compliant to some of the software and open source Linux tools you can use to help with this, as well as getting scanned by a PCI Approved Scanning Vendor.

A Blackhat Xmas, What You Can Do To Be Safe

Following Thanksgiving is Black Friday, which is followed by Small Business Saturday, and then comes Cyber Monday, the biggest day for online retailers. Just as pickpockets and shoplifters are out in force starting on Black Friday, hackers and spammers will be out in force on the Internet, preying on your ambition to find the best deals online. We are going to go over a few things you, as e-consumers, should be aware of; and if you are one of the millions of people who have an e-commerce web site, we have a few tips for you as well.

Top 7 Free Security Tools For Your Web Server

  • SecureHostngDirectory.com; By Corey W. (Posted by abefroman on Sep 24, 2010 1:22 PM EDT)
  • Story Type: Editorial, Reviews; Groups:
Whether you're looking to run your own web server or searching for an ideal web host for your next PCI-compliant e-commerce site, it's extraordinarily beneficial to know about security. In our ongoing effort to help spread the word about security as it pertains to web hosting, we would like to present a list of seven of the best web server security tools available. All of these tools are powerful and freely available, and they should all be used on a truly secure server.

What To Do If You Think Your Linux Server Was Hacked

There are a number of things you can do if you think your Linux box was hacked. A common myth is that you should simply and quickly reinstall the OS; that is the exact opposite of what you want to do, at least initially. What you want to do ASAP is take the box offline. Before you do that, you have an option: you can gather some data on what's running and what IPs are currently connected.
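As an added example of the "what IPs are currently connected" step (not code from the article), the script below reads /proc/net/tcp directly instead of running netstat or ss, because on a compromised host those binaries may have been replaced; it goes one step beyond the summary by also flagging ESTABLISHED sockets whose local port is not a listening port, i.e. connections this box initiated, which is what a reverse shell looks like. Assumptions: a little-endian host (x86/x86_64), where the kernel writes the IPv4 address as a byte-reversed hex word; only /proc/net/tcp (IPv4) is parsed; the sample table is constructed, not a real capture, and is used when /proc/net/tcp is unavailable.

```python
"""Snapshot live TCP connections from /proc/net/tcp before taking a box offline.

Added example, not from the article. A kernel-level rootkit can still hide
sockets from /proc, so treat the output as a lead, not proof. Assumes a
little-endian host; /proc/net/tcp6 is not handled.
"""
import socket
import struct

ESTABLISHED, LISTEN = "01", "0A"   # values of the 'st' column written by the kernel


def decode_endpoint(hexpair):
    """'0B01A8C0:0016' -> ('192.168.1.11', 22) on a little-endian host (assumed)."""
    addr_hex, port_hex = hexpair.split(":")
    ip = socket.inet_ntoa(struct.pack("<I", int(addr_hex, 16)))
    return ip, int(port_hex, 16)


def parse_proc_net_tcp(text):
    """Parse /proc/net/tcp text into dicts with local, remote, state and uid."""
    conns = []
    for line in text.splitlines()[1:]:          # line 0 is the column header
        fields = line.split()
        if len(fields) < 8:
            continue
        conns.append({"local": decode_endpoint(fields[1]),
                      "remote": decode_endpoint(fields[2]),
                      "state": fields[3],
                      "uid": int(fields[7])})
    return conns


def listening_ports(conns):
    """Local ports this host accepts connections on."""
    return {c["local"][1] for c in conns if c["state"] == LISTEN}


def remote_ips(conns):
    """Every peer with an ESTABLISHED connection, deduplicated and sorted."""
    return sorted({c["remote"][0] for c in conns if c["state"] == ESTABLISHED})


def outbound_connections(conns):
    """ESTABLISHED sockets whose local port is not a listening port: initiated
    from this box, so worth explaining one by one (reverse shells live here)."""
    listening = listening_ports(conns)
    return [c for c in conns
            if c["state"] == ESTABLISHED and c["local"][1] not in listening]


def snapshot_live(path="/proc/net/tcp"):
    """Read the real table; raises OSError off Linux or without /proc."""
    with open(path) as fh:
        return parse_proc_net_tcp(fh.read())


# Constructed sample (not a real capture): sshd, httpd and a local MySQL
# listening, one ssh session from the LAN, one web client, a TIME_WAIT
# leftover, and an outbound connection from uid 48 (apache on CentOS) to port 4444.
SAMPLE_PROC_NET_TCP = """\
  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode
   0: 00000000:0016 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 14211 1 0000000000000000 100 0 0 10 0
   1: 00000000:0050 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 16780 1 0000000000000000 100 0 0 10 0
   2: 0100007F:0CEA 00000000:0000 0A 00000000:00000000 00:00000000 00000000    27        0 18807 1 0000000000000000 100 0 0 10 0
   3: 0B01A8C0:0016 0C0A0A0A:E2D4 01 00000000:00000000 02:000A3C4D 00000000     0        0 22114 2 0000000000000000 20 4 31 10 -1
   4: 0B01A8C0:0050 5E4FC0CB:D2AC 01 00000000:00000000 00:00000000 00000000    48        0 22390 1 0000000000000000 20 4 30 10 -1
   5: 0B01A8C0:0050 5E4FC0CB:D2B0 06 00000000:00000000 03:00001234 00000000     0        0 0 3 0000000000000000
   6: 0B01A8C0:B3F2 5E4FC0CB:115C 01 00000000:00000000 00:00000000 00000000    48        0 22401 1 0000000000000000 20 4 30 10 -1
"""

if __name__ == "__main__":
    try:
        conns = snapshot_live()
    except OSError:
        conns = parse_proc_net_tcp(SAMPLE_PROC_NET_TCP)
    print("connected peers:", ", ".join(remote_ips(conns)))
    for c in outbound_connections(conns):
        print("OUTBOUND uid=%d %s:%d -> %s:%d" % (c["uid"], *c["local"], *c["remote"]))
```

Redirect the output to removable media or pipe it to another host over the network; writing it to the suspect's own disk overwrites evidence you may later want to recover. Pair it with a process listing taken from /proc as well, then pull the cable.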

PCI DSS Standards 2.0 Means Good News For Linux Xen VPS

Of the 12 changes to the standard, the best part of the new PCI DSS rules is the change to requirement 2.2.1, which now explicitly allows virtualization, such as a VPS running Linux under Xen.
