By default when you plug in an external USB storage device into a computer running Linux it will automatically mount, allowing the user to access the contents.
This behaviour can be less than ideal from a security perspective, as it can allow an attacker to copy confidential files, or allow a user to run a malicious script stored on the USB device for example.
With some simple configuration changes we can disable USB storage in Linux for unprivileged users.
The XFS file system generally does a pretty good job at keeping itself clean and tidy, however it can still get fragmented over time. Here we’re going to show you how to check the level of fragmentation in place on your XFS file system and how you can defragment it if required, further increasing disk performance.
Certificates aim to validate that the holder of the certificate has a certain level of knowledge and/or skills in a particular field, typically validated by a vendor or organization in the form of a paid test. This test will generally require you part with some of your hard earned cash and spend your time to study and learn new things in order to prove that you meet the specified requirements to become certified.
So the question that we are looking to answer here is are IT certificates worth spending your time and money on? Let’s find out.
Have you ever wanted to view a list of all files or subdirectories within a directory in Linux and order them by when they were last changed or modified? Then you have come to the right place! Here we are going to provide and explain some useful commands that when piped together will give us this result, allowing us to recursively list files and directories by date.
This is one of my favourite commands to use when trying to build a timeline of events, for instance if a server or website has been compromised and you want to see when files have been modified with malicious content. By seeing other files that were modified around the same time you can get a better idea of what took place and when, allowing you to correlate these events with your logs.
There are many different services such as Kerberos that depend on the time of a Linux system being accurate in order to function correctly. It is therefore important to ensure that system time is synchronized with an external source so that it can be kept accurately up to date, this is done with the network time protocol (NTP).
Here we are going to cover how to configure chronyd or ntpd in Linux to connect to an NTP server and keep time in sync. Read more »
By default SELinux policy defines the ports that a particular service is allowed bind to and make use of with port labeling. This increases system security by preventing random services or malicious code from being able to bind to a well known defined port that may otherwise be used by a legitimate service.
In order to change a service to use a non standard port we must change SELinux policy and specify the SELinux port types that are allowed to use specific ports.
Most web pages don’t serve only simple static content, they typically process and display all sorts of different dynamically generated contents. This is usually done via scripting, whereby the web server will process and execute a script and the result will be displayed to the user.
While CGI (Common Gateway Interface) is fairly old it does allow the web server to execute various types of scripts. Scripts such as PHP, Perl or Python can be used for example, allowing us to combine the power of scripting into our web pages.
I attended the Ruxcon 2015 computer security conference this year in Melbourne Australia for my 6th consecutive year and thought I’d post an overview of the event. I’ll cover the awesome presentations that I saw as well as the capture the flag hacking game where I spent most of my time.
By default Apache will serve content out to anyone that requests it which essentially makes it public. We can add some additional simple configuration to create a private directory that can only be accessed based on source IP address, or with a username and password combination, or even based on user group membership.
This quick guide will show you how to perform very simple SQL queries against a MariaDB/MySQL database as per the RHCE exam objective and is not designed to be an in depth SQL tutorial.
Here we will cover using basic SQL queries such as show, create, select, insert, update, delete, describe, and drop which will allow us to define a basic database schema.