Fix the Meltdown on a CentOS/RHEL/Fedora/Oracle/Scientific Linux

How to Fix the Meltdown on a CentOS/RHEL/Fedora/Oracle/Scientific Linux
Always keep backups. So back up now to an offsite location.
Note the Linux kernel version by running the following command:
    # uname -r
Fix the Meltdown on a CentOS/RHEL/Fedora/Oracle/Scientific Linux
Type the following yum command:
    # sudo yum update
You must reboot your Linux server using shutdown/reboot […]


Meltdown And Spectre Security Flaws

Articles and information regarding the Meltdown and Spectre security flaws
Links:
- https://meltdownattack.com/
- https://hothardware.com/news/researchers-disclose-meltdown-and-spectre-cpu-vulnerabilities
- https://www.theregister.co.uk/2018/01/02/intel_cpu_design_flaw/
Patches:
VMware
- https://lists.vmware.com/pipermail/security-announce/2018/000397.html
- https://esxi-patches.v-front.de/ESXi-5.5.0.html#2017-09-14
How To’s:
- Fix the Spectre on a CentOS/RHEL/Fedora/Oracle/Scientific Linux
- Fix the Meltdown on a CentOS/RHEL/Fedora/Oracle/Scientific Linux


Install rkhunter on CentOS 6.6

Rootkit Hunter (rkhunter) is a Unix-based tool that scans for rootkits, backdoors and possible local exploits. Rootkits are self-hiding toolkits secretly installed by a malicious intruder to allow that user to gain access to the server. Rootkit Hunter offers protection by comparing SHA-1 hashes of important files with known good ones in an online database […]


kernel: Firewall: *SYNFLOOD Blocked*

CSF Firewall is blocking these attacks in /var/log/messages:
    Feb 25 02:13:33 servidor kernel: Firewall: *SYNFLOOD Blocked* IN=eth1 OUT= MAC=00:25:90:de:d3:d5:00:19:e8:f4:7a:3f:08:00 SRC=120.43.114.117 DST=64.150.187.59 LEN=52 TOS=0x00 PREC=0x00 TTL=47 ID=21531 DF PROTO=TCP SPT=4760 DPT=80 WINDOW=65535 RES=0x00 SYN URGP=0
Check with:
    # netstat -alntp | grep SYN | wc -l
You have set the following in your csf configuration but […]


Ghost Vulnerability

A very serious security problem has been found and patched in the GNU C Library called Glibc. It was announced on 27th January 2015. Here are the affected Linux distros:
- RHEL (Red Hat Enterprise Linux) version 5.x, 6.x and 7.x
- CentOS Linux version 5.x, 6.x & 7.x
- Ubuntu Linux version 10.04, 12.04 LTS
- Debian Linux […]


Install and Configure Monit on CentOS 6.6

Monit is not available from the system base repositories; you need to add and enable the third-party EPEL repository to install the monit package on your RHEL/CentOS systems.
    # wget http://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm
    # sudo rpm -Uvh epel-release-6*.rpm
Install Monit
    # yum install monit
Monit has its web interface that runs on port 2812 using web server. To […]


Joomla protection

How to start protecting your Joomla site:
- Always keep Joomla core up to date
- Always make sure you run the latest patched versions of extensions
- Make sure you choose strong passwords for all logins
- Check your own website for vulnerabilities
- Always check the webserver’s log files for potential hack attempts
- Secure your server if you host your Joomla website on […]


Brute Force Attack cPanel

Check the logs:
    # nano /var/log/messages
    PAM-hulk[13813]: Brute force detection active: 580 LOGIN DENIED
Check cphulkd.log at /usr/local/cpanel/logs
    # nano /usr/local/cpanel/logs/login_log
    72.177.xxx.xx – root [11/04/2014:05:48:13 -0000] "POST /login/?login_only=1 HTTP/1.1" DEFERRED LOGIN whostmgrd: brute force attempt (user root) has locked out IP 72.177.xxx.xx
