m d3velopment a technical and security blog

17Jul/140

Norton ConnectSafe

Norton ConnectSafe is a free public DNS service offered by Symantec Corporation that claims to offer a faster and more reliable web browsing experience while blocking undesirable websites.

Users can use Norton ConnectSafe by setting their DNS server addresses to those of the Norton ConnectSafe servers. Client software for Windows, Mac OS X, and Android is available to automatically configure devices to use Norton ConnectSafe.

DNS queries routed through Norton ConnectSafe are checked using the Norton Safe Web database to ensure that they do not point to malicious or inappropriate websites. Symantec thus seeks to block malware and phishing attempts, as well as pornographic and inappropriate websites if the user desires.

Policy A — Security

This policy blocks all sites hosting malware, phishing sites, and scam sites. To choose Policy A, use the following IP addresses as preferred and alternate DNS server addresses:

199.85.126.10
199.85.127.10

Policy B — Security + Pornography

In addition to blocking unsafe sites, this policy also blocks access to sites that contain sexually explicit material.

Filed under: Security Continue reading
5May/140

Windows 8 ‘godMode’

Although its name suggests perhaps even grander capabilities, Windows enthusiasts are excited over the discovery of a hidden "godMode" feature that lets users access all of the operating system's control panels from within a single folder.

To enter "godMode," one need only create a new folder and then rename the folder to the following:

godMode.{ED7BA470-8E54-465E-825C-99712043E01C}

Users are able to have a single place to do everything from changing the look of the mouse pointer to making a new hard-drive partition.

The trick is also said to works with Windows Vista, Windows 7 and Windows 8.

Filed under: Windows No Comments
13Apr/140

Critical OpenSSL security exploit (aka Heartbleed)

Important: Critical OpenSSL security exploit

A serious vulnerability has been discovered in OpenSSL (the most popular SSL module used on Linux based servers). This exploit allows a third party to steal information that would otherwise be secured and encrypted with the SSL/TLS protocol.

If you have a virtual server (VPS) or dedicated server you urgently need to apply the latest OpenSSL patches. Instructions below -

cPanel/WHM:

  1. Login to WebHostManager
  2. Go to cPanel in the left hand menu
  3. Click Upgrade to Latest Version
  4. Follow upgrade instructions
  5. Go to Software in the left hand menu
  6. Click Update System Software
  7. Follow upgrade instructions

SW-Soft Plesk

  1. Login to the Plesk Control Panel
  2. Go to to Settings
  3. Run the Plesk Updater

For the CentOS operating system:

  1. SSH in as root
  2. Run the command ‘yum update’ from the command line
  3. Yum will update the at-risk packages

For Ubuntu or Debian operating system:

  1. SSH in as root
  2. Run the command ‘apt-get update && apt-get upgrade’

If you need assistance patching your systems consider contacting a technical services company such as Aorta Consulting.

Filed under: Linux, Security No Comments
8Apr/140

Sysdig – Linux System Troubleshooting Tool

Sysdig is an open source Linux system troubleshooting tool which allows you to capture system state and activity from a running Linux instance, then save, filter and analyze it. It includes strace, tcpdump, lsof and a number of other utilities all compiled into one Swiss-army style tool.

Sysdig is designed to simplify system level troubleshooting, in-particular distributed, virtualized and cloud-based environments. Sysdig captures system calls and other system level events using a linux kernel facility called tracepoints, which means much less overhead than strace. It then “packetizes” this information, so that you can save it into trace files and filter it, a bit like you would do with tcpdump. This makes it very flexible to explore what processes are doing.

For installation instructions please click here.

Filed under: Linux No Comments
29Mar/140

Install Dell OpenManage Server Administrator on VMware ESXi 5.x

Dell OpenManage Server Administrator or OMSA  allows you to see detailed information regarding your Dell hardware. It also allows you to perform operations such as specifying hot spares, configure RAID arrays and setup hardware monitoring and alerts.

Download the OMSA Offline Bundle from the Dell Website

Visit http://support.dell.com, enter your servers 'service tag' then browse to 'Drivers and Downloads'. Under 'Operating System' select the version of VMware ESXi you are using, e.g. VMware ESXi 5.5 then under the "Systems Management" download the "Dell OpenManageServer Administrator vSphere Installation Bundle (VIB) for ESXi X.X.X" where X.X.X is your version.

Enable SSH on your VMware Server

In order to upload the OMSA Offline Bundle and install it you will need to enable SSH access to your VMware server as follows:

Use the vSphere Client to enable local and remote access to the ESXi Shell:

  1. Log into a vCenter Server system using the vSphere Client.
  2. Select the host in the inventory panel.
  3. Click the Configuration tab and click Security Profile.
  4. In the Services section, click Properties.
  5. Select ESXi Shell from this list:
    ESXi Shell
    SSH
    Direct Console UI
  6. Click Options and select Start and stop manually.Note: When you select Start and stop manually, the service does not start when you reboot the host. If you want the service to start when you reboot the host, select Start and stop with host.