Submitted by eth00 on Thu, 06/05/2014 - 12:19
The OpenSSL team released an update that affects all versions of OpenSSL to some degree, with the primary issue affecting versions 1.0.1+. The latest patch fixes 5 vulnerabilities, ranging from MITM attacks to buffer overflows. The MITM bug allows a specially crafted packet to potentially force the use of weak keying material, allowing decryption of the SSL content. This bug can be exploited with any version of OpenSSL on the client and version 1.0.1+ on the server. Updates have been released for all versions of OpenSSL, including those below 1.0.1, to mitigate this issue.
Submitted by eth00 on Thu, 05/30/2013 - 18:54
While doing a fresh install of barnyard2 from a guide I found online, I encountered the following error while starting it:
[Select()]: Failed to execute query [SELECT vseq FROM `schema`] , will retry
[Select()]: Failed to execute query [SELECT vseq FROM `schema`] , will retry
[Select()]: Failed to execute query [SELECT vseq FROM `schema`] , will retry
Submitted by eth00 on Thu, 05/30/2013 - 10:22
While compiling the latest version of Suricata on CentOS 6.4 the following error was encountered:
Submitted by eth00 on Wed, 05/29/2013 - 16:15
While configuring Archipel the following error was encountered:
ArchipelAgent]# archipel-initinstall
Traceback (most recent call last):
  File "/usr/bin/archipel-initinstall", line 4, in <module>
    import pkg_resources
  File "/usr/lib/python2.6/site-packages/pkg_resources.py", line 2659, in <module>
    parse_requirements(__requires__), Environment()
  File "/usr/lib/python2.6/site-packages/pkg_resources.py", line 546, in resolve
    raise DistributionNotFound(req)
pkg_resources.DistributionNotFound: sqlalchemy>=0.6.6
Submitted by eth00 on Wed, 05/29/2013 - 16:14
While configuring Archipel the following error was encountered:
Submitted by eth00 on Wed, 05/29/2013 - 13:23
While trying to do an initial install of Archipel, the following error was encountered on a CentOS 6 64-bit machine:
ArchipelAgent]# ./buildAgent -d
MESSAGE: Performing the developer installation
Traceback (most recent call last):
  File "setup.py", line 18, in <module>
    from setuptools import setup, find_packages
ImportError: No module named setuptools
ERROR: Unable to install EGG package archipel-agent-hypervisor-network in developer mode
The issue is that python-setuptools was not installed. Installing it should fix the error:
Submitted by eth00 on Tue, 05/21/2013 - 09:39
While setting up a new ossec cluster I encountered the following error when trying to restart ossec on the client server using /var/ossec/bin/agent_control 001 :
ossec-execd(1103): ERROR: Unable to open file '/var/ossec/etc/shared/ar.conf'.
ossec-execd(1311): ERROR: Invalid command name 'restart-ossec0' provided.
The issue is a problem with ownership on the ar.conf file. By default ossec installs it with root:root ownership, but it needs to be root:ossec.
#chown root:ossec /var/ossec/etc/shared/ar.conf
Submitted by eth00 on Mon, 01/14/2013 - 18:42
Security researchers at DefenseCode uncovered a 0day exploit within the Linksys firmware. They have only tested it on the WRT54GL but believe other models will be vulnerable. At the moment only security researchers appear to have the exploit code. Per DefenseCode's vulnerability disclosure policy, they are going to release the full details of the attack on January 25th.
Submitted by eth00 on Mon, 01/14/2013 - 10:35
Submitted by eth00 on Thu, 01/10/2013 - 10:59
A new exploit in Java has been made public; details can be found here: http://malware.dontneedcoffee.com/2013/01/0-day-17u10-spotted-in-while-d...
It appears the exploit has been around for at least some time, as two different exploit kits already include it. At the moment the only fix is to disable Java. If you need Java I would suggest running it in a specific browser used only for that, ideally within a virtual machine.
Submitted by eth00 on Wed, 01/09/2013 - 10:28
If you are using Internet Explorer, beware of the current 0-day that is being actively exploited. There is also a Metasploit tool that allows users to exploit the vulnerability.
Submitted by eth00 on Mon, 08/06/2012 - 00:15
It appears that Dropbox has had at least part of its user database stolen. Many users with unique email addresses created only for Dropbox have reported spam. Krebs has a good post on it over here, along with a few relevant links to the Dropbox forum and Twitter.
http://krebsonsecurity.com/2012/07/spammers-target-dropbox-users/
Submitted by eth00 on Mon, 07/30/2012 - 07:20
Encryption is vital to any website that takes information that should not be viewable by others. Ecommerce sites are one of the more obvious places for SSL, but login pages should be encrypted as well, and many contact forms ideally would be too.
A decent check of your website to make sure that SSL is properly configured can be found here: https://www.ssllabs.com/ssltest/
Enjoy!
Submitted by eth00 on Fri, 07/20/2012 - 10:54
The following error was encountered while trying to get libvirtd running:
libvirt version: 0.9.10, package: 21.el6_3.1 (CentOS BuildSystem , 2012-07-03-16:15:49, c6b8.bsys.dev.centos.org)
error : virNetServerMDNSStart:460 : internal error Failed to create mDNS client: Daemon not running
Note that I had to check /var/log/libvirt/libvirt.log, as "service libvirtd start" looked fine; a restart was failing on stopping it.
The issue comes from avahi not running. Go ahead and install it and get messagebus running via:
Submitted by eth00 on Wed, 07/11/2012 - 07:30
If you are running Parallels Plesk control panel (both Linux and Windows) check out this article: http://krebsonsecurity.com/2012/07/plesk-0day-for-sale-as-thousands-of-s...
Plesk reports that patching can help, but some are reporting that even patched servers may be vulnerable to this exploit. The most common attack seems to be uploading an iframe that can then be used to distribute malware to people surfing the site.
Submitted by eth00 on Tue, 07/10/2012 - 07:30
Well, it's about that time... time for a new page! I have done a complete revamp of the backend and have everything up to the latest and greatest versions. The last few years have gone by in the blink of an eye; now, after changing jobs, I have a bit more time and plan to use some of that time to rejuvenate the site.
Enjoy your visit! =-)
-John
"eth00"
Submitted by eth00 on Sun, 07/08/2012 - 19:05
I got this error when trying to install icinga-web on a CentOS 5 server.
[Wed May 25 20:54:02 2011] [fatal] Uncaught AppKitPHPError: PHP Error mkdir() [function.mkdir]: File exists (/usr/local/icinga-web/app/cache/config/compile.xml_development__033d402eaeb08f42e4e3d5f8474e444805e2c7c6.php:1327) (/usr/local/icinga-web/app/modules/AppKit/lib/logging/AppKitExceptionHandler.class.php:20)
Submitted by eth00 on Sun, 07/08/2012 - 19:04
The following is an error encountered after setting up ossec as an agent:
ossec-agentd: INFO: Trying to connect to server (10.0.0.2:1514).
ossec-agentd(4101): WARN: Waiting for server reply (not started). Tried: '10.0.0.2'.
Make sure that the ossec server is running, that no firewall is blocking the agent's connection to it (port 1514 in the log above), and that the IP for it is correct.
Submitted by eth00 on Sun, 07/08/2012 - 19:02
The following is an error I got after starting ossec as an agent that is supposed to connect back to a central server:
#/var/ossec/bin/ossec-control start
Starting OSSEC HIDS v2.5.1 (by Trend Micro Inc.)...
Started ossec-execd...
ossec-agentd(1402): ERROR: Authentication key file '/var/ossec/etc/client.keys' not found.
ossec-agentd(1750): ERROR: No remote connection configured. Exiting.
ossec-agentd(4109): ERROR: Unable to start without auth keys. Exiting.
Submitted by eth00 on Sun, 07/08/2012 - 19:00
If you get the following while trying to source compile Unreal 3.2: