Linux

https://www.cyberciti.biz/faq/how-to-prevent-unprivileged-users-from-viewing-dmesg-command-output-on-linux/ One can use dmesg command see or control the kernel ring buffer.  The kernel syslog contains debugging information that is often useful during exploitation of other vulnerabilities, such as kernel heap addresses.  There is an option that prevents unprivileged users from reading the syslog. sudo sysctl -w kernel.dmesg_restrict=1 →

https://developers.redhat.com/blog/2017/06/07/new-level-of-automation-with-ansible/?sc_cid=7016000000127ECAAY Ansible is a simple agent-less automation tool that has changed the world for the better. It has many use cases and wide adoption. This article is going to demonstrate Ansible. The intention of this article is not to teach you the basics of Ansible, but to motivate you to learn it. Shell has been the comfort zone of →

http://www.zdnet.com/article/why-you-must-patch-the-new-linux-sudo-security-hole/ Ironically, only the most secure Linux server setups are vulnerable to this newly discovered hole. If you want your Linux server to be really secure, you defend it with SELinux. Many sysadmins don’t bother because SELinux can be difficult to set up. This makes the newly discovered Linux security hole — with the sudo command that only hits →

https://www.linux.com/news/event/open-source-summit-na/2017/5/thin-client-market-embraces-raspberry-pi Is the Raspberry Pi ready to take over the low-end thin client market? This week, NComputing unveiled the RX-HDX, its second Raspberry Pi based thin client. In addition, ViewSonic announced a software upgrade for the Pi-based SC-T25 thin client that it announced last year. The future of thin clients — low-cost, remotely managed virtual client →

https://www.cyberciti.biz/faq/howto-use-curl-command-to-do-post-data-requests-linux-unix/ How do I use the cURL command on Linux or Unix to post data i.e. upload something on Linux or Unix?  →

http://www.zdnet.com/article/its-not-just-windows-anymore-samba-has-a-major-smb-bug/ The other week, Microsoft got its security teeth kicked in when an old SMB security hole was exploited by the WannaCry ransomware attack. This week, it’s the turn of Samba, the popular open-source SMB server. Like the WannaCry security hole, the good news is the Samba file-sharing bug has already been fixed. The bad news is you →

https://opensource.com/article/17/5/introduction-ext4-filesystem?sc_cid=7016000000127ECAAY The EXT4 filesystem primarily improves performance, reliability, and capacity. To improve reliability, metadata and journal checksums were added. To meet various mission-critical requirements, the filesystem timestamps were improved with the addition of intervals down to nanoseconds. The addition of two high-order bits in the timestamp field defers the Year 2038 problem until 2446—for EXT4 filesystems, at least. →

http://www.pcworld.com/article/3197628/linux/fight-ransomware-by-running-windows-in-linux-as-a-virtual-machine.html Running Windows as a virtual machine in Linux may seems like unnecessary work until something like the Wannacry ransomware scare comes along.  Despite its headaches, desktop Linux rarely is the target of malware. (When it is, it can generally present a smaller attack surface.)  And if you need to run applications in Windows, run →

https://developers.redhat.com/blog/2017/05/16/it-takes-more-than-a-circuit-breaker-to-create-a-resilient-application/?sc_cid=7016000000127ECAAY Topics such as application resiliency, self-healing, antifragility are area of interest for many. This article is trying to distinguish, define, and visualize these concepts, and create solutions with these characteristics. So what does a typical resiliency pitch look like: use timeouts, isolate in bulkheads, and of course apply the circuit breaker pattern. I agree with all →

https://opensource.com/business/16/6/managing-passwords-security-linux?sc_cid=7016000000127ECAAY Managing password and security related issues in Linux is important, but there are some simple steps you can take to make your system more secure.  We’ve seen that there can be a large number of attempts to log on to a publicly accessible system. So, what can we do? There are a few things →