QEMU Windows Guest: Installing the Operating System
Now that we've created the image for our guest, we must continue with installing the operating system on it. In Virtualbox/VMWare, we usually select the CD-ROM to boot from the iso installation image and start the virtual machine, after which the installation is automatically started by booting from ...
Qemu Windows Guest: Introduction
In this article we'll present how we can use Qemu instead of Virtualbox/VMWare. Those products are all great, but sometimes we would just like to use something a little more lightweight, which is when Qemu comes into play. Qemu can be used in one of the following ways ...
Gentoo Hardening: Part 4: PaX, RBAC and ClamAV
Grsecurity and Xorg If we enable the "Disable privileged I/O" feature in the hardened kernel and reboot, we can't start X server. That's because Xorg uses privileged I/O operations. We might receive an error like this: # startx xf86EnableIOPorts: failed to set IOPL for I/O (Operation ...
Gentoo Hardening: Part 3: Using Checksec
Checksec The checksec.sh file is a Bash script used to verify which PaX security features are enabled. The latest version can be downloaded with the wget command: # wget http://www.trapkit.de/tools/checksec.sh # chmod +x checksec.sh # ./checksec.sh --version checksec v1.5, Tobias Klein, www.trapkit ...
Gentoo Hardening: Part 2: Introduction to PaX and Grsecurity
Configuring PaX with Grsecurity We've already briefly discussed PaX, but now it's time to describe it in detail. PaX provides the following security enhancements: Non-executable memory: Sections that do not contain actual program code are marked as non-executable to prevent jumping to an arbitrary location in memory and executing ...
Gentoo Hardening Part 1: Introduction to Hardened Profile
Introduction In this tutorial, we'll talk about how to harden a Linux system to make it more secure. We'll specifically use Gentoo Linux, but the concepts should be fairly similar in other distributions as well. Since Gentoo Linux is a source distribution (not binary, as most other ...
Pin: Dynamic Binary Instrumentation Framework
Introduction Pin is a DBI framework for IA-32 and x86-64 architectures, which can be used for dynamic analysis of a binary program at run time. When using the Pin framework to build tools, you're actually creating pintools; you can think of Pin as an abstraction layer that abstracts away the ...
Linux Kernel Development Process
Introduction When I was listening to the question and answer session at LinuxCon, there was some interesting discussion going on: some of the latest news information is Linus Torvalds's joke about putting a backdoor into the Linux operating system. The reason I started writing this tutorial is because I ...
WSUS (Windows Server Update Services)
Introduction Windows Server Update Services (WSUS) can be used to manage the deployment of the latest Microsoft Windows operating system updates. When using WSUS, we can fully manage the distribution of updates within the network, we can download software updates from Microsoft, and we can deploy them to computers in ...
Windows Memory Protection Mechanisms
Introduction When trying to protect memory from being maliciously used by hackers, we must first understand how everything fits into the whole picture. Let's describe how a buffer overflow is exploited: Finding Input Shellcode Address: When we send input data to the application, we must send data that ...