8 articles Linux Security

What’s New in Linux Kernel 5.0?

Linux Kernel 5.0 has been released. Previously earmarked to be version 4.21, the new release comes with an array of improvements (as you’d expect). But don’t expect grand changes just because there’s a natty new version number. Linus Torvalds explains that: “The numbering change is not indicative of anything special. If you want to have an official…

HowTos – Linux Security – HowTo Block SSH Server Attacks Using “DenyHosts”.

DenyHosts is an open source log-based intrusion prevention security program for SSH servers developed in Python. It monitors and analyzes SSH server logs for invalid login attempts, dictionary-based attacks and brute-force attacks, blocks the originating IP addresses by adding an entry to the /etc/hosts.deny file on the server, and prevents the IP address from making any further such…

Why Unikernels Are Great for DevOps

Unikernels are application-sized virtualization, like a container, but use a unique kernel and OS, as a virtual machine does. They are an image that contains a library operating system that can be run directly on a hypervisor. Unikernels are single-purpose virtual machines (VM). They only run one application—which is interesting when you think about it, because that’s…

All about RPM (Red Hat Package Manager) HowTos

How can I list the contents of an uninstalled rpm? To list the contents. Find out what dependencies an rpm file has: $ rpm -qpR [.rpm-file] $ rpm -qR [package-name] The RPM package manager rpm comes with various utilities to interact with packages. The following command will list all the files inside an RPM package:…

Signature of a Cyberattack

A DNS amplification attack is a reflection-based distributed denial of service (DDoS) attack. The attacker spoofs look-up requests to domain name system (DNS) servers to hide the source of the exploit and direct the response to the target. … Most commonly, these are DNS servers that support open recursive relay. DNS amplification can also be described as a Distributed Denial…

HowTos : How to log all LVM commands

By default, the LVM configuration does not allow you to log the commands that are used in a shell or in a GUI (e.g. system-config-lvm) environment. However, it’s possible to activate logging using the configuration file /etc/lvm/lvm.conf. Activate logging for all LVM commands To activate logging, follow these steps. 1. Edit the lvm.conf file and find…

HowTos – send Audit Logs to a Remote Rsyslog Server in RHEL7X

Perform these steps to set up the syslog server: 1. Uncomment the following lines in the ‘MODULES’ section of /etc/rsyslog.conf: # vi /etc/rsyslog.conf $ModLoad imtcp $InputTCPServerRun 514 If you are using UDP then uncomment the following lines: # vi /etc/rsyslog.conf $ModLoad imudp $UDPServerRun 514 2. Configure the rsyslog server to receive rsyslog events from the client. To receive…

All about systemd

systemd System and Service Manager What is this? systemd is a suite of basic building blocks for a Linux system. It provides a system and service manager that runs as PID 1 and starts the rest of the system. systemd provides aggressive parallelization capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, keeps…