Great security and auditing resource for your network

The Center for Internet Security  has a great list of security configuration and audit guidelines.
A great resource comprised of 40+ consensus Security Configuration Benchmarks for Operating Systems, Middleware, Software Applications and Network Devices.
The Benchmarks are:

Recommended technical control rules/values for hardening operating systems, middleware and software applications, and network devices;
Unique, because the recommendations are defined via [...]

MySQL Backup User Privilege Grant

LOCK TABLES and SELECT are the minimal requirements to use ‘mysqldump’.
You can use the following grant statement to create a user with as little privileges as possible:

Red Hat, Fedora openssh security compromise

Many of you may have already read the news, but for those of you that have not here is a recap. But first, let me state that we have tested all of our customer’s servers, and none have been compromised.
An email was sent to the fedora-announce mailing list, it started with, “Last week [...]

Restoring Plesk, new drive, old disk still available on same system.

Here was the scenario I faced. RHEL4 machine will not boot (according to data center), receives various library not found errors on bootup (Later, I found these errors were from an intruder who tried to install a rootkit, and it didn’t go so well. Most of /bin was corrupt).
The data center recommends that the [...]

Securing your Linux server

We deal with security related issues nearly every day. Many of these issues could be prevented with a few minor changes to php.ini along with the installation of mod_security. It is simply amazing how many machines are hacked, and then used for the sole purpose of sending spam, denial of service (DoS) attacks or [...]