From Linux to Windows: The Series
A new security initiative from corporate has forced a change in how I do things, at least on my company laptop.
I’ve been running some form of Unix on my work desktop and laptop for something like 8 years now. CentOS Linux (a free Red Hat Enterprise clone) has been the latest distro, and probably [...]
nmap is your friend
One of my favorite tools for tracking down abusive LDAP clients is nmap.
Here’s the “standard” command line “SYN Stealth Scan” with O/S detection (invoked as root):
nmap -sS -O -PI -PT 10.0.44.56
And here’s your typical output:
Starting Nmap 4.20 ( http://insecure.org ) at 2010-02-17 13:49 EST
Interesting ports on 10.0.44.56:
Not shown: 1690 closed ports
PORT [...]
Securing the system
“Malicious cyberactivity is occurring on an unprecedented scale with extraordinary sophistication.”
That’s a quote from Dennis Blair, the U.S. Director of National Intelligence, at a Senate hearing today.
Unfortunately, nearly all efforts to defend our networks focus on the networks rather than the software that runs on them, the software that we all interact with directly.
Layer 7 [...]
Tripwire updates
Tripwire is an IDS (Intrusion Detection System) that used to come standard with Red Hat Enterprise Linux and other server operating systems. There is, and was, an open source version and a closed source “enterprise” version. In recent Red Hat releases the open source AIDE IDS is included in the distribution.
AIDE (Advanced Intrusion Detection [...]
Securing OHS
There’s a technical paper over on SecureDBA covering the subject of securing the myriad of OHS (Oracle HTTP Server) versions out there.
Securing and Managing the Oracle HTTP Server by Kevin Sheehan and Brian Mulreany of Unisys is a free resource in pdf format. Get it, read it, and apply the advice contained therein. Includes extensive [...]
VMware 2 and RHEL 5.4
A while back I ran into some difficulty with recompiling VMware for the latest kernel then available for RHEL/CentOS 5.3, being 2.6.18-164.
After getting around it by using a patched version of the vmnet.tar source file, things worked normally enough until I upgraded to CentOS 5.4, whereupon the VMware admin server became flaky.
After some research, I [...]
Checking SSL cert expiration
Here’s a bash one-liner to check the expiration date of a site’s SSL certificate:
[webmaster@example~]$ openssl s_client -connect sso.example.com:443 2> /dev/null < /dev/null | openssl x509 -noout -enddate
Your answer should be something like:
notAfter=Jul 16 23:59:59 2011 GMT
This is another way to do it:
1. Download cert using
echo "" | openssl s_client -connect myserver:443 > example.pem
2. Parse cert [...]