security

I recently got around to setting up "Logwatch" on a few of my servers, and I found it interesting to see how many times a day our servers get attempted SSH authentication. The usernames seem to be quite random, though the IP addresses used are 90% of the time from China. This got me thinking...

From the looks of it the external audit has not started yet, as another update has been released. IMHO they are giving the code a thorough look. I hope that whatever they are doing is right so that we won't have to face situations like these again in the future.

Rack911 posted a vulnerability to oss-security earlier this evening. [temp removed] We (my company) did some of the low-level debugging work on this vulnerability and developed an exploit which reliably triggered it.  It is a race condition related to RCU of kernel data structures in the IPv4...

Hello there, As we all already know there are many 0 day exploit lately. I'm wondering is there any good cheap website security auditor around the net? It's for my own billing/support system + VPS management (like Linode) panel. Looking for any suggestion from you guys. edit : right now i only...

From here: http://www.lowendbox.com/blog/a-days-recap-solusvm-exploit-released-ramnode-downtime-and-robert-clarke/#comment-121284 Everyone should be on high alert. EDIT 1: This was posted on LEB

Not much details available about this just yet, other than news saying you should patch. http://blog.soluslabs.com/2013/06/16/important-security-alert-new-update/

I think you peeps might love this :)

This I know plagues a lot of default CPanel setups and can fill your syslog up fast and waste system resources, so this is one way to end it.   Note: There are many ways to do this, but it comes down to how your DNS is setup, but this works in most cases.       Tired of your DNS servers being...

SolidShellSecurity, LLC ? Your IT Security & Management Company Hey and thanks for checking out our ad! SolidShellSecurity, LLC works with businesses, communities and other online websites to provide them with stable and quality uptime to serve their needs. Are you TIRED of downtime? Are you...

Anyone here using SSHuttle? Consider it the poor mans VPN, in fact, I've never had a 'proper' VPN. Used to just tunnel traffic via SSH through a VPS, but that got messy and there had to be a better way... SSHuttle! https://github.com/apenwarr/sshuttle Installing on your Linux desktop at home is...

This just came in the mail:

Hello, This is a simple way on how I secure my VPS. On fresh install, login as root. First create a user you will use to login later, because we will disable root login after a while. adduser jon From your client machine, you will want to copy your key to this user on your server. So that...