Viruses are a real problem for computers that run the Windows operating system. But, as far as anyone has been able to tell, there’s no such thing as a virus that can harm a Linux-based operating system. So, the only real reason to run an antivirus solution on a Linux machine is to prevent infecting […]
The post Securing Linux System With Maldet appeared first on The Linux Juggernaut.
Read MoreIf you have an untrusted application that needs to be run in your Linux system, you can use a sandbox to run the application in a limited environment. In this way you can use the untrusted application without worrying about the security of your system. Sandboxing with Firejail uses namespaces, SECCOMP, and kernel capabilities to […]
The post Application Sandboxing with Firejail in Linux appeared first on The Linux Juggernaut.
Read MoreCyber-attacks are becoming increasingly ubiquitous and difficult to deal with and Hackers relentlessly try to exploit common weak passwords. As a result, organizations have to safeguard themselves by using strong password criteria to secure their systems. In this article, we’ll take a look at the mechanics of enforcing strong password criteria on a Linux system. […]
The post Enforcing Strong Password Criteria Using PWQUALITY appeared first on The Linux Juggernaut.
Read MoreNow that we’ve looked at the basics of setting up a good sudo configuration in this article, we’re confronted with a bit of a paradox. That is, even though sudo is a security tool, certain things that you can do with it can make your system even more insecure than it was. Let’s see how […]
The post Advanced tips and tricks for using sudo appeared first on The Linux Juggernaut.
Read MoreYesterday a zero-day vulnerability was discovered in a popular WordPress plugin, File Manager. The vulnerability allows arbitrary file upload and remote code execution. File Manager plugin is a useful plugin that allows users to browse site files in an easy way. The plugin has over 700,000 active installations that make…
The post 700,000 WordPress Sites Affected By Zero-day Vulnerability in File Manager Plugin appeared first on Linux Tutorials, FOSS Reviews, Security News.
Read MoreIf you think it’s possible that someone is linking to images hosted on your site add the following to you nginx config file # Stop deep linking or hot linking location /images/ { valid_referers none blocked www.linuxconsultant.org linuxconsultant.org; if ($invalid_referer) { return 403; } } Or if you want to be a wiseguy and replace the hotlinked image with something else # Stop deep linking or hot linking location /images/ { valid_referers none blocked www.linuxconsultant.org linuxconsultant.org; if ($invalid_referer) { return […]
Read More“Yes, I’m paranoid — but am I paranoid enough?” ― David Foster Wallace, Infinite Jest Hardening Public Servers Install system accounting On Debian based systems run ‘apt-get install acct’ then you can use commands lastcomm and sa to see who ran various comands. Also a log file will be writen to /var/log/account/pacct Remove compilers from production severs use the command ‘apt-get –purge remove gcc’ Setup remote logging See http://www.thegeekstuff.com/2012/01/rsyslog-remote-logging/ to find out how Install fail2ban Linux.com has a good intro to fail2ban http://www.linux.com/learn/tutorials/469597-weekend-project-keep-out-repeat-offenders-with-fail2ban-on-linux
Read MoreI have not blogged since a long time mainly because I was a bit busy authoring a book Squid Proxy Server 3.1: Beginner’s Guide for Packt Publications. The book is an introductory guide to Squid (especially the new features in Squid-3 series) covering both the basic aspects as well as the in dept details for …
Read More