Author Archives: Sandra Henry-Stocker
There's a new Linux security tool you should be aware of — Cmd (pronounced "see em dee") dramatically modifies the kind of control that can be exercised over Linux users. It reaches way beyond the traditional configuration of user privileges and takes an active role in monitoring and controlling the commands that users are able to run on Linux systems. Provided by a company of the same name, Cmd focuses on cloud usage. Given the increasing number of applications being migrated into cloud environments that rely on Linux, gaps in the available tools make it difficult to adequately enforce required security. However, Cmd can also be used to manage and protect on-premises systems.
Shell builtins are commands that are loaded into memory when a shell — such as bash, sh, or zsh — is invoked. The reason for this is that keeping these commands in memory helps ensure that these commands will be run very efficiently whenever someone uses them. They run faster because they don't have to first be loaded into memory. They're "built in." Determining whether commands that you use are builtins, aliases, or executable files on your system that are loaded as needed requires the use of several interesting commands. These include type, which, and compgen. So, let's take a look at how these commands work and what they can tell us.
If you haven't tried the relatively new Linux Cockpit, you might be surprised by all it can do. It's a user-friendly web-based console that provides some very easy ways to administer Linux systems — through the web. You can monitor system resources, add or remove accounts, monitor system usage, shut down the system and perform quite a few other tasks — all through a very accessible web connection. It's also very easy to set up and use. While many Linux sysadmins spend most of their time on the command line, access to a remote system using a tool like PuTTY doesn't always provide the most useful command output. Linux Cockpit provides graphs and easy-to-use forms for viewing performance measures and making changes to your systems.
Red Hat announced a vulnerability this morning – one that can be exploited if a user runs malicious or modified containers. The flaw in runC (a lightweight portable container runtime) and Docker that this vulnerability exposes allows an attacker to escape a container and access the underlying file system. That might sound bad, but there's more.
The good news is that this vulnerability cannot be exploited if SELinux is enabled and that this is the default on Red Hat systems. To check whether your Red Hat system is enforcing SELinux, use one of the following commands:
$ /usr/sbin/getenforce
Enforcing     <==
$ sestatus
SELinux status:                 enabled     <==
SELinuxfs mount:                /sys/fs/selinux
SELinux root directory:         /etc/selinux
Loaded policy name:             targeted
Current mode:                   enforcing
Mode from config file:          enforcing
Policy MLS status:              enabled
Policy deny_unknown status:     allowed
Memory protection checking:     actual (secure)
Max kernel policy version:      31
This vulnerability also requires local access to the system. Affected Red Hat systems include:
There are numerous ways to get information on the memory installed on Linux systems and view how much of that memory is being used. Some commands provide an overwhelming amount of detail, while others provide succinct, though not necessarily easy-to-digest, answers. In this post, we'll look at some of the more useful tools for checking on memory and its usage. Before we get into the details, however, let's review a few details. Physical memory and virtual memory are not the same. The latter includes disk space that is configured to be used as swap. Swap may include partitions set aside for this usage or files that are created to add to the available swap space when creating a new partition may not be practical. Some Linux commands provide information on both.
When coming up to speed as a Linux user, it helps to have a cheat sheet that can help introduce you to some of the more useful commands. In the tables below, you’ll find sets of commands with simple explanations and usage examples that might help you or Linux users you support become more productive on the command line.
Getting familiar with your account
These commands will help new Linux users become familiar with their Linux accounts.
Linux systems provide a number of commands that make it easy to report on system activity. In this post, we're going to look at several commands that are especially helpful.
The watch command
The watch command is one that makes it easy to repeatedly examine a variety of data on your system — user activities, running processes, logins, memory usage, etc. All the command really does is run the command that you specify repeatedly, each time overwriting the previously displayed output, but this lends itself to a very convenient way of monitoring what's happening on your system. To start with a very basic and not particularly useful command, you could run watch -n 5 date and see a display with the current date and time that updates every 5 seconds. As you likely have guessed, the -n 5 option specifies the number of seconds to wait between each run of the command. The default is 2 seconds. The command will run and update a display like this until you stop it with a ^c.
When you use the apt command to install new packages or run routine upgrades on your Debian-based Linux system, you might wonder where information about your activities is being recorded. For one, your history file probably retains information on the commands that you use, though history files like ~/.bash_history will only keep the most recent commands that you've run — depending on your $HISTSIZE setting — and generally will not include dates and times. There is, however, another place to find information about apt commands and that place is /var/log/apt. The /var/log/apt directory contains a number of log files — the history.log file, plus a series of older versions of the file named history.log.1.gz, history.log.2.gz, history.log.3.gz and so on. Each of these logs will contain information on apt commands that have been run within a particular timeframe.
Some of us have been zipping files on Unix and Linux systems for many decades — to save some disk space and package files together for archiving. Even so, there are some interesting variations on zipping that not all of us have tried. So, in this post, we’re going to look at standard zipping and unzipping as well as some other interesting zipping options.
The basic zip command
First, let’s look at the basic zip command. It uses what is essentially the same compression algorithm as gzip, but there are a couple of important differences. For one thing, the gzip command is used only for compressing a single file, whereas zip can both compress files and join them together into an archive. For another, the gzip command zips “in place”. In other words, it leaves a compressed file — not the original file alongside the compressed copy. Here's an example of gzip at work:
If you're contemplating a career in cybersecurity and haven't come up to speed on Linux, now's the time to get ramped up and here's one easy way to do it. This new book from No Starch Press was written with people like you in mind. Authored by OccupyTheWeb, the force behind Hackers-Arise, Linux Basics for Hackers provides everything from basic Linux command line skills through to scripting, manipulating logging, network scanning, using and abusing system services, and remaining stealthy in the process. Why Linux? Because Linux is open source, tool developers (and you) have a level of access that is unsurpassed. Linux is transparent and this means that you can learn to manipulate it in ways that are not possible with most OSes. In addition (and undoubtedly for the reason just mentioned), most cybersecurity tools are written to run on Linux.
If you're contemplating a career in cybersecurity and haven't come up to speed on Linux, now's the time to get ramped up and here's one easy way to do it. This new book from No Starch Press was written with people like you in mind. Authored by OccupyTheWeb, Linux Basics for Hackers: Getting Started with Networking, Scripting, and Security in Kali provides everything from basic Linux command-line skills through to scripting, manipulating logging, network scanning, using and abusing system services, and remaining stealthy in the process.
Why Linux is important to security
Because Linux is open source, tool developers (and you) have a level of access that is unsurpassed. Linux is transparent, and that means you can learn to manipulate it in ways that are not possible with most OSes. In addition (and undoubtedly for the reason just mentioned), most cybersecurity tools are written to run on Linux.