phpBB Hack
August 7, 2005 Posted in Security
My phpBB forum was hacked recently, it seemed to be a targeted attack.
June 25, 2005 Posted in Security
Portaudit reported a known vulnerability in the ruby-1.8.2_3 package (lang/ruby18), but the ports tree hasn’t released a fixed version yet.
June 22, 2005 Posted in Security
Here is a sysctl.conf sample which changed many kernel variables, such as kern.ipc.somaxconn, net.inet.tcp.blackhole and net.inet.udp.blackhole; it also used net.inet.tcp.drop_synfin, net.inet.ip.rtexpire and net.inet.ip.rtminexpire.
June 21, 2005 Posted in Security
Learnt a tip from the book “Mastering FreeBSD and OpenBSD Security”. Servers connected to the Internet receive lots of network probes (automated scans). When a probe tries to connect to a TCP or UDP port where no process is listening, the default kernel will compose a TCP reset packet, or an ICMP port unreachable message, and send it as a response.
June 19, 2005 Posted in Security
Currently every website matches one shell account on my servers. I always feel it’s insecure to have more than a dozen accounts, but have never taken a minute to think about how to change it.
June 18, 2005 Posted in Security
Portaudit not only makes security checking much easier, but also automates it. The security daily run fetches the latest portaudit database (# portaudit -F) and checks all installed packages (% portaudit -a). Now, I can know the latest package information about known vulnerabilities by reading emails.
June 12, 2005 Posted in Security
After the email server problem, I started to pay close attention to ports updates; the lesson told me it’s ultra important to keep all packages up to date. Actually all information about how to handle ports is in the handbook, read it carefully if you haven’t, it’s only several small pages.
June 3, 2005 Posted in Security
Just found a great security alert website for FreeBSD on the ports help page, this will make things much easier. Bookmark it.
May 28, 2005 Posted in Security
It has been one week since I stopped postfix and disabled the mail command (#chmod 444 /usr/bin/mail), everything seems fine. I restarted postfix and notified my ISP, they told me they would keep watching this server. Since this server doesn’t host any critical or major websites, I can take the risk – if anything bad happens again, I will make an OS reload.
May 18, 2005 Posted in Security
I found the source of my email server problem, it’s because I was using an old version of Awstats, which has a known exploit – allows remote command execution. After further search on the Internet, I found that it seemed to be a hot topic on the Internet several months ago, especially among bloggers, it’s a shame that I haven’t even heard of it.
May 15, 2005 Posted in Security
Someone sent out lots of spam from my server yesterday, my ISP responded so fast that they disconnected my server immediately after they received the complaint.