Fail2ban without proactive mode
wmarquardt asked: Is there any way to configure Fail2ban to just log suspicious activities without change my firewall rules? My answer: fail2ban includes a dummy banaction which does (almost) nothing. …
Ensuring SSH Idle Connection TimeOut
PerennialN00b asked: In response to ClientAliveInterval and ClientAliveCountMax restrictions server side, a client can choose to send null packets by setting ServerAliveInterval and ServerAliveCountMax values appropriately. How can I still …
Systemd PrivateTmp=true security implications
simlev asked: I monitor the available disk space on Ubuntu servers using Nagios Core, NRPE and check_disk. With previous Ubuntu versions, I used to get an output similar to this: …
Unable to configure xinetd to log vsftpd activity on centos 7
Hosty asked: I am attempting to configure xinetd to log authentication information from vsftpd. I am following this guide: https://wiki.archlinux.org/index.php/Very_Secure_FTP_Daemon#Using_xinetd vsftpd is running and I can successfully initiate a FTP …
LibSSH authentication bypass
I-P-X asked: With the recent security announcement by libssh (CVE-2018-10933) I wonder how to find out if any of my running services use the vulnerable library? I will eventually yum …
Setting MACs setting in /etc/ssh/sshd_config on Amazon Linux
Lightbeard asked: We are going through the process of hardening Amazon Linux 1 based on CIS. Control 5.2.12 states under “Expected Values” : The following List String value(s) X indicate …
CentOS 7 timing out while yum update
Jose Vasquez asked: I have been going with this error for the past couple of days. When I do a “yum update” or basically any “yum” command, it is timing …
Why does Microsoft Dynamics CRM Online require access to https://www.crmdyntint.com?
andrew.punnett asked: The list of “Internet accessible URLs required for connectivity to Microsoft Dynamics CRM Online” is comprised almost entirely of Microsoft owned domains. However, I cannot understand why access …
How to turn off read-only mode in OpenSSH's sftp-server subsystem
averysphere asked: Our PCI-compliant CentOS 7 system got flagged by Trustwave as FAILED recently due to an OpenSSH vulnerability tagged as CVE-2017-15906, and was told that “OpenSSH sftp-server allows creating …
Apache access.log: unauthorized user able to request files on my localhost dev machine
tommbr asked: I have Apache2.4 installed on my dev PC (windows 10) Viewing my Apache24\logs\access.log file, I noticed suspect entries such as: www.—–.com – – [01/Jan/2018:10:45:19 -0200] “GET /SOME-PERSONAL-DEV-PROJECT/admin/ HTTP/1.1” …