Linux hardening: a 15-step checklist for a secure Linux server

Gus Khawaja Most people assume Linux is secure, and that’s a false assumption. Imagine your laptop is stolen without first being hardened. A thief would probably assume your username is “root” and your password is “toor” since that’s the default password on Kali and most people continue to use it. Do you? I hope not.The negative career implications of choosing not to harden your Kali Linux host are severe, so I’ll share the necessary steps to make your Linux host secure, including how I use penetration testing and Kali Linux to get the job done. It’s important to note that, while they are many distributions (AKA distros) of Linux and each one differs from the command line perspective, the logic is the same. Use the following tips to harden your own Linux box.To read this article in full or to leave a comment, please click here(Insider Story)

Don’t miss this opportunity

*|MC:SUBJECT|* Black Friday & Cyber Monday Black Friday Thru Cyber Monday Special Discount Starts November 24 at 5PM PST Thru November 28 9PM PST 30% OFF On Below Products !  CCDE In-Depth  New CCDE Workbook buy now » Live/Instructor-Led  Online CCDE Training  buy now » Self Paced CCDE Training  Lifetime Access buy now »

The post Don’t miss this opportunity appeared first on Cisco Network Design and Architecture | CCDE Bootcamp | orhanergun.net.

Installing Ansible 2.2 on Fedora 25

As part of my ongoing investigation of the usability of various Linux distributions and desktop environments, I’ve been working with Fedora 25. As part of the investigation I need to see how to perform certain tasks, one of which is working with Ansible. As a result, I needed to install Ansible 2.2 on Fedora 25, and it turns out it wasn’t as simple as pip install ansible.

I generally prefer to run Ansible in a Python virtualenv, but I don’t believe that it will make any difference to this procedure. However, I’m happy to be corrected if someone knows otherwise.

To create a Python virtualenv, you’ll first need virtualenv installed. I prefer to install virtualenv globally for all users using this command:

sudo -H pip install virtualenv

Once virtualenv is installed, then create a virtualenv for Ansible:

virtualenv ~/Envs ansible

Then activate the virtualenv:

source ~/Envs/ansible/bin/activate

At this point, you can try a pip install ansible, but it will fail. First, you need to install some additional development libraries that are required in order to install Ansible:

sudo dnf install libffi-devel redhat-rpm-config python-devel openssl-devel

Once those packages are installed, then you’re finally ready to install Ansible into Continue reading

Contrail Integration with Bare Metal Devices via EVPN-VxLAN

In this blog how we will discuss how to integrate Bare metal devices with Juniper Contrail (SDN Controller) by using EVPN-VXLAN.

My earlier blogs on Contrail can be viewed on links  Blog-1Blog-2 ,

Reference Topology  

evpn-vxlan

Problem statement “Gust VM spawned inside SDN environment needs to communicate with Bare Metal Device (same sub net or different sub net here we will discuss former use case only).

Solution “EVPN based control plane will be established between MX Router and Contrail Controller to exchange ARP entries between them,  VxLAN based forwarding plane will be configured for communication between Guest VMs and Bare Metal Devices”

Solution components:-

  1. Contrail GUI
    • RED network 2.2.2.0/ is configured and VMs are spawned using open stack “Horizon” Web GUI (not covered in this article)
    • Configure VxLAN as 1st encapsulation method under “Encapsulation Priority Order” go to Configure then  Infrastructure  then Global Config and click edit button.
    • Select VxLAN Identifier Mode as “user configured”
    • Configure VxLAN ID & Route target community  for the desired network

31% off Amazon Tap – Alexa-Enabled Portable Bluetooth Speaker, Now Through November 28th – Deal Alert

Amazon Tap is a portable Bluetooth and Wi-Fi enabled speaker that gives you rich, full-range sound. Just tap the microphone button and ask for music, hear news, search for information, order a pizza, and more with the Alexa Voice Service.  You can save $40 now through November 28th.  See the Amazon Tap now on Amazon.To read this article in full or to leave a comment, please click here

Britain’s wartime codebreaking base could host a national cyber security college

Plans are afoot to build the U.K.'s first National College of Cyber Security at Bletchley Park, the birthplace of the country's wartime codebreaking efforts.It was at Bletchley Park that Colossus, the world's first electronic computer, was built during World War II to crack the Lorenz code used by the German high command. Bletchley is also where Alan Turing developed some of his mathematical theories of computing while working on breaking the enigma code.After the war the site fell into disrepair, but parts of it have been restored and now house the U.K.'s National Museum of Computing.To read this article in full or to leave a comment, please click here

Britain’s wartime codebreaking base could host a national cyber security college

Plans are afoot to build the U.K.'s first National College of Cyber Security at Bletchley Park, the birthplace of the country's wartime codebreaking efforts.It was at Bletchley Park that Colossus, the world's first electronic computer, was built during World War II to crack the Lorenz code used by the German high command. Bletchley is also where Alan Turing developed some of his mathematical theories of computing while working on breaking the enigma code.After the war the site fell into disrepair, but parts of it have been restored and now house the U.K.'s National Museum of Computing.To read this article in full or to leave a comment, please click here

20% off the Amazon Echo Dot, Now Through November 28th – Deal Alert

Echo Dot is a hands-free, voice-controlled device that uses Alexa to play & control music (either on its own, or through a connected speaker/receiver), control smart home devices, provide information, read the news, set alarms, and more. If you’re looking to buy them as gifts, or for different homes or rooms, you can save $10 on each one purchased through November 28th.  The new Amazon Echo Dot comes in black, and now also white.  See the new Amazon Echo Dot now on Amazon.To read this article in full or to leave a comment, please click here

10 smartphone trends to watch in 2017

Smartphone buyers have a lot to look forward to in 2017. Devices will be thinner, faster, and perhaps a bit more intelligent than you'd like. Virtual reality will spread to budget smartphones, and they will also have better graphics, higher resolution screens, and more storage. More than ever, you'll be using your smartphone to pay for products and log into websites. Deep learning could help smartphones get a fix on user behavior and improve the mobile experience. We could see a renaissance in smartphone designs, and wireless audio could replace headphone jacks in more handsets. USB-C will replace older connector and charging cables. Here are 10 smartphone trends to watch out for in 2017:To read this article in full or to leave a comment, please click here

Amazon Discounts Kindle E-Readers Up To 38% Through 11/28 – Deal Alert

Amazon has quietly released another good set of deals on its popular Kindle series of e-readers, and this time the discount runs through 11/28 only. Kindle's price sinks $30, Kindle Paperwhite is discounted $20, the Kindle Voyage drops $30, and the worry-free Kindle for Kids Bundle is reduced $30 as well.  To read this article in full or to leave a comment, please click here

FPGAs Give Microsoft a “Von Neumann Tax” Break

At the annual Supercomputing Conference (SC16) last week, the emphasis was on deep learning and its future role as part of supercomputing applications and systems. Before that focus, however, the rise of novel architectures and reconfigurable accelerators (as alternatives to building a custom ASIC) was swift.

Feeding on that trend, a panel exploring how non-Von Neumann architectures looked at the different ways the high performance computing set might consider non-stored program machines and what the many burgeoning options might mean for energy efficiency and performance.

Among the presenters was Gagan Gupta, a computer architect with Microsoft Research, who detailed the

FPGAs Give Microsoft a “Von Neumann Tax” Break was written by Nicole Hemsoth at The Next Platform.

5 burning questions about AMD’s Zen chip

AMD's Zen chip is just around the corner; it'll first come to gaming systems any day now. There's a lot of excitement about Zen, which AMD believes is its most important chip this decade.The high-performance Zen could put AMD back on the map as a legitimate competitor to rival Intel. AMD's chips in recent years haven't been as sophisticated as Intel's offerings, but Zen could bring AMD up to par. The AMD faithful are salivating over Zen, and even some Intel chip enthusiasts can't wait to give it a try.AMD CEO Lisa Su has said Zen would be available in a few gaming systems by the end of the year, but it doesn't look like that's going to happen. A more likely scenario is that systems will start coming early next year. Zen chips for servers will follow in the first half of next year, with Zen for laptops and other desktops coming later.To read this article in full or to leave a comment, please click here

OpenStack Summit 2016: Key takeaways & Rocket Turtles

A few weeks ago, several of Cumulus Networks’ passionate employees headed to Barcelona to connect with other cloud-enthusiasts at the 2016 OpenStack Summit in Barcelona. We were there to visit our customers, partners, talk about our solutions, and connect with other industry experts. Here are the highlights.

 

OpenStack Summit Rocket Turtles

 

 

If you were lucky enough to attend the event, you may have met one of our infectious leaders (CTO and Co-founder) JR Rivers. He was manning our booth along with the EMEA team and a few marketing and product members. The team was there to connect with partners, talk about our technology, and of course, pass out our new rocket turtle.

 

 

 

We’d like to give a special shoutout to JR who unwrapped more than 800 #RocketTurtles! They were an instant hit, and have been spotted in various parts of Barcelona.

 

OpenStack Summit Rocket Turtle in Barcelona

 

OpenStack Summit Giveaway Winner

 

 

 

By visiting our booth or our partners’, Mellanox, Red Hat, Dell and Midokura, attendees were able to enter a chance to win a Lego Mindstorm EV3. Congrats to our winner, Jules Chevalier!

 

 

 

 

One of the highlights of the event for us was connecting with other industry folks in Continue reading

Advanced Persistent Threats

titleAdvanced Persistent Threats

Coming to a network near you, or maybe your network!

 

There are things that go bump in the night and that is all they do. But once in a while things not only go bump in the night, they can hurt you. Sometimes they make no bump at all! They hurt you before you even realize that you’re hurt. No, we are not talking about monsters under the bed or real home intruders; we are talking about Advanced Persistent Threats. This is a major trend that has been occurring at a terrifying pace across the globe. It targets not the typical servers in the DMZ or the Data Center, but the devices at the edge. More importantly, it targets the human at the interface. In short, the target is you.

Now I say ‘you’ to highlight the fact that it is you, the user who is the weakest link in the security chain. And like all chains, the security chain is only as good as its weakest link. I also want to emphasize that it is not you alone, but myself or anyone or any device for that matter that accesses the network and uses its Continue reading

What To Expect from Docker at AWS re:Invent 2016

It’s the age of IT transformation. Spurred on by developers, adoption of Docker containers has empowered application teams to transform the way they build, ship and run applications, allowing for faster and more frequent delivery. Initially seen as a tool mainly for developers, Docker is now at the center of key enterprise initiatives, and has attracted the attention of IT operations teams. Enterprise IT ops teams use Docker to maintain control over their environment and boost security as they embrace cloud strategies like hybrid cloud and multi-cloud.

AWS re:Invent
 

Docker at AWS re:Invent 2016

This adoption of Docker within the cloud is why we are excited to be at AWS re:Invent 2016. If you’re going to be at the show, we hope you stop by booth #622. Docker employees will be showing live demos, and will be on hand to answer questions. We’ll of course be passing out free Docker swag as well.

This year we’ll be showing two types of demos at the booth:

1.     Docker Datacenter (DDC)  demo – In this demo attendees will learn about Docker Datacenter, our commercial solution that delivers an enterprise container management platform. The platform is supported by Docker Continue reading

Worth Reading: Installing a back door on locked PCs

You probably know by now that plugging a random USB into your PC is the digital equivalent of swallowing a pill handed to you by a stranger on the New York subway. But serial hacker Samy Kamkar‘s latest invention may make you think of your computer’s USB ports themselves as unpatchable vulnerabilities—ones that open your network to any hacker who can get momentary access to them, even when your computer is locked. Today Kamkar released the schematics and code for a proof-of-concept device he calls PoisonTap: a tiny USB dongle that, whether plugged into a locked or unlocked PC, installs a set of web-based backdoors that in many cases allow an attacker to gain access to the victim’s online accounts, corporate intranet sites, or even their router. —Wired

LinkedInTwitterGoogle+Facebook

The post Worth Reading: Installing a back door on locked PCs appeared first on 'net work.

1 2,508 2,509 2,510 2,511 2,512 3,848