Performing General Security Tests

by

You    can    assess    critical,    and    often    overlooked,    security    issues    on    your    Linux    systems, such    as    the    following: Misconfigurations    or    unauthorized    entries    in    the    shadow    password    files,    which could    provide    covert    system    access Password    complexity    requirements Users    equivalent    to    root Suspicious    automated    tasks    configured    in    cron,    the    script    scheduler    program Signature    checks    on    system    binary    files … Read more

Checking Physical Security

by

Some    Linux    vulnerabilities    involve    the    bad    guy    actually    being    at    the    system    console    — something    that’s    entirely    possible    given    the    insider    threats    that    every    organization faces. Physical    security    hacks If    an    attacker    is    at    the    system    console,    anything    goes,    including    rebooting    the    system (even    if    no    one    is    logged    in)    by    pressing    Ctrl+Alt+Delete.    After    the   … Read more

Finding Buffer Overflow Vulnerabilities

by

RPC    and    other    vulnerable    daemons    are    common    targets    for    buffer-overflow    attacks. Buffer    overflow    attacks    are    often    how    the    hacker    can    get    in    to    modify    system    files, read    database    files,    and    more. Attacks In    a    buffer    overflow    attack,    the    attacker    either    manually    sends    strings    of    information    to the    victim    Linux    machine    or    writes    a    script    to   … Read more

Securing the .rhosts and hosts.equiv Files

by

Linux    —    and    all    the    flavors    of    UNIX    —    are    file-based    operating    systems.    Practically everything    that’s    done    on    the    system    involves    the    manipulation    of    files.    This    is    why    so many    attacks    against    Linux    are    at    the    file    level. Hacks    using    the    hosts.equiv    and    .rhosts    files If    hackers    can    capture    a    user    ID    and    password    by   … Read more

Cyber Security

by

Cyber security measures are associated with managing risks, patching vulnerabilities and improving system resilience. Key research subjects include techniques associated with detecting different network behavior anomalies and malware, and IT questions related to IT security. Since these research subjects mainly concentrate on the physical, syntactic and semantic layers, present research infrastructures are focused on studying … Read more

Commercial software: Not cheap, but has maintenance

by

The other option for running VM software yourself is to use commercial software. Most people automatically think of commercial software as a ‘safe’ option, and it usually constitutes the bulk of installed applications. But commercial software has drawbacks, so consider these points: Commercial software costs real money. You have to buy it, and that requires … Read more

Open Source software: Free, but not cheap

by

Open Source software is usually developed in an open, collaborative manner. The software is typically free, and users are able to use, change, improve, or share it. However, three considerations about Open Source software don’t bode well for use with VM: Questionable code. Open Source code is developed by the public, and you can’t be … Read more

Run Software Yourself

by

Software-based solutions enable you to install software for vulnerability management on your internal network and run them yourself. Software can automate many processes for VM. However, having the control over VM software carries the usual price tag of having to manage it (and secure it). You have to successfully operate and maintain everything – in … Read more

Identifying the vulnerability shortlist

by

The VM solution you select needs to provide the capability to scan for and fix vulnerabilities in a broad range of categories, including: Back Doors and Trojan Horses (bypass authentication systems).  Brute force attacks (defies cryptography by systematically trying different keys). CGI (exploits the Common Gateway Interface). Databases. DNS and Bind (exploits Domain Name … Read more

Detecting and Removing Vulnerabilities

by

Vulnerability management has evolved from simply running a scanner on an application, computer, or network to detect common weaknesses. Scanning is an essential element of vulnerability management, but VM includes other technologies and workflow that contribute to a bigger picture required for controlling and removing vulnerabilities. The primary objectives of VM are to:  Identify … Read more