Sunday, February 15, 2015

In light of recent Linux exploits, Linux security audit is a must!

Read full details here: In light of recent Linux exploits, Linux security audit is a must!


How many Linux vulnerabilities and exploits were exposed since last 6 months? Many! With recent Shellshock, Heartbleed, Poodle, Ghost and maybe many more to come. Suddenly, I didn’t feel that much secure anymore with my Linux as it’s the core packages that are affected.. What’s next? My openVPN is not secured anymore? My SSH session keys are vulnerable? I decided to do a Linux security audit of my Linux system. After setting up an external firewall, I suddenly realized, it’s just too big for me to do it manually. That’s when I found Lynis. Lynis is an open source security auditing tool. It was reasonably well documented and did many things quickly that could’ve took me ages.

Linux security audit - blackMORE Ops - 5

For this whole test, I used Lynis free version.


How Linux security audit works?

Lynis will perform hundreds of individual tests to determine the security state of the system. Many of these tests are also part of common security guidelines and standards. Examples include searching for installed software and determine possible configuration flaws. Lynis goes further and does also test individual software components, checks related configuration files and measures performance. After these tests, a scan report will be displayed with all discovered findings.
Typical use cases for Lynis:
  1. Security auditing
  2. Vulnerability scanning
  3. System hardening

Installation

You can install Lynis from repository (i.e. using yum or apt-get) but I found that it’s not the most up-to-date version of Lynis. You’re better off downloading it to a local directory and running it from there.

Lynis with Installation – package

Although no installation is needed, a common method to use Lynis is installing it via a package. This could be with the repositories provided by the operating system, or a manually created package. Please note that some repositories go for stability and don’t update software after the release, with exception of security updates. This might result in using a very old version of Lynis and is usually not preferred. So before using a package, confirm that updates are provided.
Red Hat based: $ sudo yum install lynis
Debian based: $ sudo apt-get install lynis



Read the rest of it here: In light of recent Linux exploits, Linux security audit is a must!

Saturday, February 14, 2015

Linux file system hierarchy

Read full details here: Linux file system hierarchy

What is a file in Linux? What is file system in Linux? Where are all the configuration files? Where do I keep my downloaded applications? Is there really a filesystem standard structure in Linux? Well, the above image explains Linux file system hierarchy in a very simple and non-complex way. It’s very useful when you’re looking for a configuration file or a binary file. I’ve added some explanation and examples below, but that’s TLDR.



What is a file in Linux?

A simple description of the UNIX system, also applicable to Linux, is this:
On a UNIX system, everything is a file; if something is not a file, it is a process.
This statement is true because there are special files that are more than just files (named pipes and sockets, for instance), but to keep things simple, saying that everything is a file is an acceptable generalization. A Linux system, just like UNIX, makes no difference between a file and a directory, since a directory is just a file containing names of other files. Programs, services, texts, images, and so forth, are all files. Input and output devices, and generally all devices, are considered to be files, according to the system.
In order to manage all those files in an orderly fashion, man likes to think of them in an ordered tree-like structure on the hard disk, as we know from MS-DOS (Disk Operating System) for instance. The large branches contain more branches, and the branches at the end contain the tree’s leaves or normal files. For now we will use this image of the tree, but we will find out later why this is not a fully accurate image.







Read the rest of it here: Linux file system hierarchy

Thursday, February 12, 2015

Kali Linux 1.1.0 kernel 3.18 - Install proprietary NVIDIA driver - NVIDIA Accelerated Linux Graphics Driver

Read full details here: Kali Linux 1.1.0 kernel 3.18 - Install proprietary NVIDIA driver - NVIDIA Accelerated Linux Graphics Driver

Install NVIDIA driver on Kali Linux 1.1.0

This guide explains how to install proprietary "NVIDIA Accelerated Linux Graphics Driver" or NVIDIA driver on Kali Linux 1.1.0 kernel 3.18 system. By default Kali Linux installs open source NVIDIA driver nouveau which works great if you just want a display. Open source drivers can be confirmed by using lsmod | grep nouveau command. But like I said in my previous guides, it doesn't give you 3D acceleration features or GPU acceleration based applications (such as CUDA and GPU pass through). That means you MUST install proprietary NVIDIA driver.



The proprietary "NVIDIA Accelerated Linux Graphics Driver" provides optimized hardware acceleration of OpenGL applications via a direct-rendering X server. It is a binary-only Xorg driver requiring a Linux kernel module for its use. The first step is to fully update your Kali Linux system and make sure you have the kernel headers installed.


This guide replaces the old guides
  1. How to Install NVIDIA Kernel Module CUDA and Pyrit in Kali Linux
  2. Install proprietary NVIDIA driver on Kali Linux – NVIDIA Accelerated Linux Graphics Driver
  3. Kali Linux 1.0.7 kernel 3.14 – Install proprietary NVIDIA driver
I had to divide it into two parts:
  1. Kali Linux 1.1.0 kernel 3.18 - Install proprietary NVIDIA driver - NVIDIA Accelerated Linux Graphics Driver
  2. Kali Linux 1.1.0 kernel 3.18 - Install NVIDIA driver kernel Module CUDA and Pyrit on Kali Linux – CUDA, Pyrit and Cpyrit-cuda (pending)
You use the first guide to install NVIDIA Driver on Kali Linux 1.1.0 kernel 3.18. For normal users, you should just stop here and enjoy your nice smooth NVIDIA graphics. Install some game or enjoy a movie.
I've included as much details I can, including troubleshooting steps and checks but I would like to hear your part of the story, so leave a comment with your findings and issues.




Read the rest of it here: Kali Linux 1.1.0 kernel 3.18 - Install proprietary NVIDIA driver - NVIDIA Accelerated Linux Graphics Driver