How to fix 70 seconds Linux root shell hack (Abusing LUKS to hack the system)

You need to check if your partitions are encrypted using LUKS. To do this, run following command:

dmsetup status | awk ‘BEGIN {FS=”:”} ; /crypt\s*$/ {print “Encrypted: ” $1}’


This command will show you the names of encrypted partitions. If you don't see any partition in the list, you're safe. If you're affected, you can lookup for a patch from your Linux Distribution vendor. If there's no patch, you need to add the following lines to your boot configuration:


sed -i ‘s/GRUB_CMDLINE_LINUX_DEFAULT=”/GRUB_CMDLINE_LINUX_DEFAULT=”panic=5 /’ /etc/default/grub grub-install


For more detailed information, you may visit:









Comments

Post a Comment

Popular posts from this blog

Configure & Install WMIC for Observium

WMI Poller Configuring Windows Firewall and User Access for WMI This guide assumes you know what Group Policy is. Allowing WMI Connections in Windows Firewall Enabling Firewall Settings via GPO 1.   Open Group Policy Management 2.   Create and/or edit the Group Policy Object you wish put these settings into   3.   Expand Computer Config > Policies > Windows Settings > Security Settings > Windows Firewall with Advanced Security > Windows Firewall with Advanced Security > Inbound Rules 4.   Create a New Rule under Inbound Rules 5.   Choose the Predefined option, and select Windows Management Instrumentation (WMI) from the drop-down list, click Next 6.   Select the "WMI-In" option and click Next 7.   Allow the connection > Finish Enabling Firewall Settings for Individual Server 1.   Open up Windows Firewall with Advanced Security, either through Control Panel or Server Manager, Run -> wf.
Read more

Zabbix Proxies on CentOS 7

Image
Overview A Zabbix proxy can collect performance and availability data on behalf of the Zabbix server. This way, a proxy can take on itself some of the load of collecting data and offload the Zabbix server. Also, using a proxy is the easiest way of implementing centralized and distributed monitoring, when all agents and proxies report to one Zabbix server and all data is collected centrally. A Zabbix proxy can be used to: Monitor remote locations Monitor locations having unreliable communications Offload the Zabbix server when monitoring thousands of devices Simplify the maintenance of distributed monitoring Setting up Proxy Server We will be using a separate Linux server with CentOS 7 as the base operating system with MariaDB database server installed on it that will be used as a local database for Proxy server. So in this article we assume that you already had set up your Zabbix Server. [root@localhost ~]# rpm --import http://repo.zabbix.com/RPM-GPG
Read more

Join CentOS 7 into Active Directory using realm and sssd

Image
Introduction to SSSD and Realmd   Staring from Red Hat 7 and CentOS 7, SSSD or 'System Security Services Daemon' and realm have been introduced. SSSD's main function is to access a remote identity and authentication resource through a common framework that provides caching and offline support to the system. SSSD provides PAM ans NSS integration and a database to store local users, as well as core and extended user data retrieved from a center server. The main reason to transition from winbind to sssd is that sssd can be used for both direct and indirect integration and allows to switch from one integration approach to another without significant migration costs. The most convenient way to configure SSSD or winbind in order to directly integrate a Linux system with AD is use the realm service. Because it allows callers to configure network authentication and domain membership in a standard way. The realm service automatically discovers information about accessib
Read more