Whenever finding a new vulnerability in a software product, it's advisable that a researcher first notifies the company responsible for the product and gives them time to fix the identified vulnerabilities. I've found multiple vulnerabilities in Pfsense firewall and reported them to the Pfsense security team. They were ...

Introduction In this article we'll present the open source host-based intrusion detection system, which is needed if we would like to detect host-based attacks on our computer. First of all, we should emphasize that OSSEC is supported on most platforms including Linux, MAC, Windows, Solaris, HP-UX, ESX, etc and ...

Introduction Bridged networking can be used when we want our guest virtual machine to get the IP address from our router and be able to see the host and all other machines in our LAN network. This is also a requirement if we want to have a server on the ...

Introduction There are different kind of backend networks that we can use with QEMU. In order to specify the backend network, we need to use the -netdev command-line option. This is directly connected to the -net command-line option. The -netdev has multiple syntaxes presented below that directly correspond to the ...

Now that we've created the image for our guest, we must continue with installing the operating system on it. In Virtualbox/VMWare, we usually select the CD-ROM to boot from the iso installation image and start the virtual machine, after which the installation is automatically started by booting from ...

In this article we'll present how we can use Qemu instead of Virtualbox/VMWare. Those products are all great, but sometimes we would just like to use something a little more lightweight, which is when Qemu comes into play. Qemu can be used in one of the following ways ...

Grsecurity and Xorg If we enable the "Disable privileged I/O" feature in the hardened kernel and reboot, we can't start X server. That's because Xorg uses privileged I/O operations. We might receive an error like this: # startx xf86EnableIOPorts: failed to set IOPL for I/O (Operation ...

Checksec The checksec.sh file is a Bash script used to verify which PaX security features are enabled. The latest version can be downloaded with the wget command: # wget http://www.trapkit.de/tools/checksec.sh # chmod +x checksec.s # ./checksec.sh --version checksec v1.5, Tobias Klein, www.trapkit ...

Configuring PaX with Grsecurity We've already briefly discussed PaX, but now it's time to describe it in detail. PaX provides the following security enhancements: Non-executable memory: Sections that do not contain actual program code are marked as non-executable to prevent jumping to arbitrary location in memory and executing ...

Introduction In this tutorial, we'll talk about how to harden a Linux system to make it more secure. We'll specifically use Gentoo Linux, but the concepts should be fairly similar in other distributions as well. Since the Gentoo Linux is a source distribution (not binary, as most other ...