Whilst doing some routine maintenance, I noticed that I never published the rkhunter rpm I built, the software is officially supported at rootkit.nl but for ease I wanted a yum available rpm

Brilliant !

from: new york to: london - Google Maps
24: Swim across the Atlantic Ocean

There are somethings that you just never get round to, my nagios box was still running whitebox linux, and I’ve finally gotten round “upgrading” it to CentOS… yeah ok, upgrade is arguable, but you get my point.

First off a warning: Don’t do this ! All the documentation, for CentOS, RHEL, Fedora, any redhat linux all say, clean installs are the best way, and upgrades are not advised…. therefore I offer no support or warranty that this will work, in fact, I you advise you to read this post, but step away from your consoles !

• Sony May Cut PlayStation 3 Prices
  Here’s hoping !
  (tags: sony playstation ps3)

Following a request I’ve rebuilt a later tripwire rpm (2.4.1.1); I think at this point it would be prudent to point out that the rpms found here are not maintained, and I do not offer any kind of support - you use them at your own risk - but you’re welcome to make requests !

tripwire-2.4.1.1-1.i386.rpm

My Yum repo has also been updated, config file here

If you look after a remote linux box, the chances are you use SSH, in order to connect to it you may even have to leave PORT 22 open to the whole Internet !

There are some basic security steps that you can do to protect SSH, such as block the root user from logging in, and force users to use STRONG authentication.

Just Found this,

heise Security - News - Fooling Cisco’s NAC network access control

Security experts at the Black Hat conference in Amsterdam have demonstrated how Cisco’s NAC network access control can be fooled. In a live demonstration using a modified Trust Agent, Michael Thumann and Dror-John Röcher from ERNW were able to gain full access to an NAC protected network using a computer which did not comply with network policies.

Although it was obvious that hackers would target the the Trust Agent, it’s interesting to read a sucess story.

Following yesterdays security announcement for wordpress, a freely available exploit has been published on milw0rm. What this means is… if you haven’t upgraded DO IT NOW, as the amount of attacks will go up very quickly.

If you look through the exploit you can see that it takes advantage of existing user accounts, so a further security option can be to disable the “anyone can register” option… within wordpress admin, click options -> general and “untick” the box. (If it is on and you don’t need it)