So as announced earlier LulzSecurity is quitting their movement.

I’m sure we’ll see some copycat groups pop up in the next few years, but one thing will resonate with everyone from the LulzSec hacks: We should all pay more attention to security.

Now I realize that as companies get larger and larger, they let information security fall by the wayside. Everything from Security Awareness training to systems hardening and review *should* be implemented for every company who services any users.

Instead, we get corporations with unpatched Windows XP machines sitting unfirewalled on the internet. Secretaries that will gladly tell you information you shouldn’t know, with just a few kind words. Systems that are 10 years old that have had no patches for at least that long because everyone forgot they existed.

I won’t lie. I haven’t been dedicated to the security game in a long time. I make a concerted effort to prevent remote exploitation of my machines, and I keep them up to date with security patches and scans. I also don’t face known vulnerable systems to the internet, because I’m not dumb. Most of what I do with my personal systems is just best practice to me.

And I’m not even close to secure. Those of you who don’t follow any of these sorts of practices are just inviting hackers in.

LulzSec showed everyone that there is a big problem with the way many large corporations/government affiliates handle security. If we take anything from their brief 50 day run at the internet, we should take this: security should come first.

I realize I’m posting when I’m less than coherent. And I’m also 99% sure that my site will be hacked as soon as I hit “Post”.

Just please remember, “Security First”. Protect your poor data, because it can’t protect itself.

 

Just checked out lynis from rootkit.nl. Lynis is:

Lynis is an auditing tool for Unix (specialists). It scans the system and available software, to detect security issues. Beside security related information it will also scan for general system information, installed packages and configuration mistakes.

This software aims in assisting automated auditing, software patch management, vulnerability and malware scanning of Unix based systems. It can be run without prior installation, so inclusion on read only storage is no problem (USB stick, cd/dvd).

Lynis assists auditors in performing Basel II, GLBA, HIPAA, PCI DSS and SOX (Sarbanes-Oxley) compliance audits.

It’s pretty cool, actually. I won’t include all of the scanning output here, but I will show the results of a scan from a (somewhat) default CentOS 5 install. Take a look if all of this magic security stuff interests you.


================================================================================

-[ Lynis 1.2.6 Results ]-

Tests performed: 134
Warnings:
----------------------------
- [20:46:34] Warning: No password set on GRUB bootloader [test:BOOT-5121] [impact:M]
- [20:46:50] Warning: Couldn't find 2 responsive nameservers [test:NETW-2705] [impact:L]
- [20:46:55] Warning: No MySQL root password set [test:DBS-1816] [impact:H]
- [20:46:55] Warning: PHP option expose_php is possibly turned on, which can reveal useful information for attackers. [test:PHP-2372] [impact:M]
- [20:47:00] Warning: No running NTP daemon or available client found [test:TIME-3104] [impact:M]

Suggestions:
----------------------------
- [20:46:34] Suggestion: Run grub-md5-crypt and create a hashed password. After that, add a line below the line saying timeout=: password --md5 [test:BOOT-5121]
- [20:46:49] Suggestion: Install package 'yum-utils' for better consistency checking of the package database [test:PKGS-7384]
- [20:46:50] Suggestion: Check your resolv.conf file and connectivity to your nameservers [test:NETW-2705]
- [20:46:55] Suggestion: Use mysqladmin to set a MySQL root password (mysqladmin -u root -p password MYPASSWORD) [test:DBS-1816]
- [20:46:55] Suggestion: Change the expose_php line to: expose_php = Off [test:PHP-2372]
- [20:46:55] Suggestion: Change the enable_dl line to: enable_dl = Off, to disable downloads via PHP [test:PHP-2374]
- [20:46:55] Suggestion: Change the allow_url_fopen line to: allow_url_fopen = no, to disable downloads via PHP [test:PHP-2376]
- [20:46:57] Suggestion: Enable logging to an external logging host for archiving purposes and additional protection [test:LOGG-2154]
- [20:47:00] Suggestion: Check if any NTP daemon is running or a NTP client gets executed daily, to prevent big time differences and avoid problems with services like kerberos, authentication or logging differences. [test:TIME-3104]
- [20:47:02] Suggestion: Confirm that freshclam is properly configured and keeps updating the ClamAV database [test:MALW-3286]
- [20:47:02] Suggestion: Harden the system by installing one or malware scanners to perform periodic file system scans [test:HRDN-7230]
================================================================================
Files:
- Test and debug information : /var/log/lynis.log
- Report data : /var/log/lynis-report.dat
================================================================================
Hardening index : [49] [######### ]
================================================================================
Lynis 1.2.6
Copyright 2007-2009 - Michael Boelen, http://www.rootkit.nl/
================================================================================
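
To turn results like these into a fix-first list, here is an added example (not part of the original post and not Lynis code) that parses the warning and suggestion lines, sorts warnings by impact, and pairs each with the suggestion sharing its test ID. The function names are hypothetical, and the line layout is assumed to match the Lynis 1.2.6 output shown above.

```python
import re
from collections import defaultdict

# Constructed sample: lines abridged from the Lynis 1.2.6 results shown above.
SAMPLE = """\
- [20:46:34] Warning: No password set on GRUB bootloader [test:BOOT-5121] [impact:M]
- [20:46:50] Warning: Couldn't find 2 responsive nameservers [test:NETW-2705] [impact:L]
- [20:46:55] Warning: No MySQL root password set [test:DBS-1816] [impact:H]
- [20:46:34] Suggestion: Run grub-md5-crypt and create a hashed password. [test:BOOT-5121]
- [20:46:55] Suggestion: Use mysqladmin to set a MySQL root password [test:DBS-1816]
- [20:46:55] Suggestion: Change the enable_dl line to: enable_dl = Off [test:PHP-2374]
Hardening index : [49] [######### ]
"""

# Assumed layout: "- [time] Kind: text [test:ID]" plus "[impact:X]" on warnings.
LINE = re.compile(r"^- \[[\d:]+\] (?P<kind>Warning|Suggestion): (?P<text>.*?)"
                  r" \[test:(?P<test>[A-Z]+-\d+)\](?: \[impact:(?P<impact>[HML])\])?$")
INDEX = re.compile(r"Hardening index\s*:\s*\[(\d+)\]")
RANK = {"H": 0, "M": 1, "L": 2}

def parse_report(text):
    """Return (warnings, suggestions keyed by test ID, hardening index or None)."""
    warnings, suggestions = [], defaultdict(list)
    for line in text.splitlines():
        m = LINE.match(line.strip())
        if not m:
            continue  # banners, separators and file paths are ignored
        if m["kind"] == "Warning":
            warnings.append({"test": m["test"], "impact": m["impact"], "text": m["text"]})
        else:
            suggestions[m["test"]].append(m["text"])
    idx = INDEX.search(text)
    return warnings, dict(suggestions), int(idx.group(1)) if idx else None

def triage(text):
    """Warnings sorted high impact first, each paired with its suggestions."""
    warnings, suggestions, _ = parse_report(text)
    ordered = sorted(warnings, key=lambda w: RANK.get(w["impact"], 3))
    return [(w["impact"], w["test"], w["text"], suggestions.get(w["test"], []))
            for w in ordered]

def unflagged_suggestions(text):
    """Test IDs that produced a suggestion but no warning."""
    warnings, suggestions, _ = parse_report(text)
    return sorted(set(suggestions) - {w["test"] for w in warnings})

if __name__ == "__main__":
    for impact, test, text, fixes in triage(SAMPLE):
        print(f"[{impact}] {test}: {text} -> {fixes or 'no suggestion listed'}")
```

Suggestions with no matching warning (PHP-2374 in the sample) are hardening advice rather than findings, so they are reported separately instead of being mixed into the impact-ranked list.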

© 2011 ConvolutedTheory