| Security – Sudo vulnerability allows privilege scalation |
A 10 year old sudo related flaw has been discovered that can make unprivileged users obtain root permissions. Linux admins should patch this critical vulnerability as soon as possible.
Read more:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3156
$ sudoedit -s /
sudoedit: /: not a regular file
$ sudo apt update
$ sudo apt install sudo
$ sudoedit -s |
| Security – Error installing Kali: “Installation step failed” |
When I was installing a Kali virtual machine, I came across an error in the “Software selection” step
After confirming the software, the installation shows an “Installation step failed” message.
After browsing through some sites and forums, apparently the problem could be related to not configuring enough space and a suggestion is configuring more than 30-40 GB. But no luck, … Read more
| Checkpoint – Custom application signature ACST |
This time I show you the Checkpoint “Application Control Signature Tool”. This tool allows you to create your own Apps and URL filtering signatures.
For example, I’m using it to block Torrent clients based on the User-Agent, but it is very versatile and you can use it in many ways.
|
| Security – List available cipher suite using nmap |
If you are in process of securing your web server or site, there are some tools and online resources that can help us a lot (in one of the following posts will show you some of them).
But simply using the command the fantastic nmap tool, another interesting feature is listing the available cipher suite certain site offers using the … Read more
|
| Security – View HTTP headers using tcpdump |
If you need to trace the HTTP request and response headers by capturing the related packets, you can use tcpdump in this way:
tcpdump -i ens192 -A -s 10240 'tcp port 80' | grep -v IP | egrep --line-buffered "..(GET |\.HTTP\/|POST |HEAD )|^[A-Za-z0-9-]+: " |sed -r 's/..(GET |HTTP\/|POST |HEAD )/\n\n\1/g'
For example, filtering tcp port 80 and 192.168.10.100 IP address:… Read more
| Exchange – New vulnerability that allows privilege escalation |
A new vulnerability that affects Exchange on-premise servers has been discovered recently (https://dirkjanm.io/abusing-exchange-one-api-call-away-from-domain-admin/). By making use of the high privileges Exchange servers have by default, the attacker would be able to escalate from any user with a mailbox to Domain Admin access.
According to Dirk-jan Mollema (see upper link), the vulnerability has been tested against …
| Home Server (3) – First steps configuring HP Microserver Gen8 |
Third post of the Home Server series in which I explain how I built my own server.
Visit the first post for details about the objectives of the project.
Maybe you have decided to have your own server and already you are owner of any model as HP Microserver Gen8. Surely there are many more to be done, but these… Read more
|
| Checkpoint – Database Revision Control |
“Database Revision Control” is a really useful feature when you are going to make important and/or many changes in the firewall policy, objects…
To make an analogy, DRC are like snapshots (as in the case of VMWare of a virtual machine) of the policies, objects, etc … everything that contains the database of the management server of Checkpoint is backed … Read more
|
| Security – Create self signed SAN certificate with OpenSSL |
This post explains how to generate self signed certificates with SAN – Subject Alternative Names using openssl. It is a common but not very funny task, only a minute is needed when using this method.
The example below generates a certificate with two SubAltNames: mydomain.com and www.mydomain.com
Create configuration file for openssh (In a Linux … Read more
| Linux – Exim: Authenticated and TLS mail through smarthost |
Exim is a very flexible and common MTA (mail transfer agent) in Unix systems.
This posts shows the way to configure Exim as client to send authenticated and encrypted (TLS) emails through a smarthost.
Lets suppose the smarthost email server is listening on port 587 for secure outgoing SMTP…
To configure exim In … Read more
