Monthly Shaarli

All links of one month in a single page.

August, 2020

Distro_debian · Wiki · AppArmor / apparmor · GitLab

Distro_debian
Last edited by Steve Beattie 2 years ago
In Stock Debian

AppArmor should be available out of the box in the latest Debian distros. Please see http://wiki.debian.org/AppArmor

To enable AppArmor in the Debian kernel, add "security=apparmor" to the kernel parameters, like this:

sed -i -e 's/GRUB_CMDLINE_LINUX_DEFAULT="/&security=apparmor /' /etc/default/grub

This sed command results in the following /etc/default/grub line on my system:

GRUB_CMDLINE_LINUX_DEFAULT="security=apparmor quiet"

Then run

update-grub
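
An idempotent form of the sed edit above, as an added example (not from the AppArmor wiki): the original command prepends the parameter again on every run, so this version checks first and refuses to edit when another security= value is already set. The function names, return codes and the temporary demo file are assumptions made for the illustration.

```shell
#!/bin/sh
# Added example: add security=apparmor to GRUB_CMDLINE_LINUX_DEFAULT at most once.
# Function names and return codes are illustrative assumptions.

has_apparmor_param() {
    # True when the default command line already carries security=apparmor.
    grep -Eq '^GRUB_CMDLINE_LINUX_DEFAULT="([^"]* )?security=apparmor( [^"]*)?"' "$1"
}

add_apparmor_param() {
    file=$1
    # 3: the file has no GRUB_CMDLINE_LINUX_DEFAULT="..." line to edit.
    grep -q '^GRUB_CMDLINE_LINUX_DEFAULT="' "$file" || return 3
    # 0: parameter already present, leave the file untouched.
    if has_apparmor_param "$file"; then
        return 0
    fi
    # 2: a different security= value is set; left for the admin to resolve.
    if grep -Eq '^GRUB_CMDLINE_LINUX_DEFAULT="([^"]* )?security=' "$file"; then
        return 2
    fi
    # Keep a backup, then apply the same substitution the page uses.
    cp -p "$file" "$file.bak" &&
        sed -e 's/^GRUB_CMDLINE_LINUX_DEFAULT="/&security=apparmor /' \
            "$file.bak" > "$file"
}

# Demo on a constructed file, not the real /etc/default/grub.
demo=$(mktemp)
printf '%s\n' 'GRUB_DEFAULT=0' 'GRUB_CMDLINE_LINUX_DEFAULT="quiet"' > "$demo"
add_apparmor_param "$demo" && add_apparmor_param "$demo"   # second call is a no-op
cat "$demo"
rm -f "$demo" "$demo.bak"
```

On a real system, pass /etc/default/grub as root and then run update-grub as described above.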

Experimental AppArmor on Debian Jessie amd64
Kernel
Obtaining

mkdir -p ~/apparmor/ && cd ~/apparmor/
wget https://www.kernel.org/pub/linux/kernel/v3.x/linux-3.10.2.tar.xz
tar -xJf linux-3.10.2.tar.xz
cd linux-3.10.2/

Building

cd ~/apparmor/linux-3.10.2/

See if we can reuse the existing kernel configuration (CONFIG_IKCONFIG=y, CONFIG_IKCONFIG_PROC=y):

cp /proc/config.gz ./ && gzip -d config.gz

Tweak the kernel, enable AppArmor:

apt-get install libncurses-dev
make menuconfig

“Security options” ---> “AppArmor support”, “Enable AppArmor 2.4 compatability”
Installing

aptitude install dpkg-dev bc
cd ~/apparmor/linux-3.10.2/
make deb-pkg
dpkg -i ../linux-firmware-image_{version}.deb
dpkg -i ../linux-headers-{version}.deb
dpkg -i ../linux-image-{version}.deb

If the kernel is installed on a host other than the one it was built on, fix the symlinks that DKMS relies on:

rm /lib/modules/{version}/build; ln -s /usr/src/linux-headers-{version} /lib/modules/{version}/build
rm /lib/modules/{version}/source; ln -s /usr/src/linux-headers-{version} /lib/modules/{version}/source

About dpkg -i ../linux-libc-{version}.deb: /usr/include/x86_64-linux-gnu/asm seems to be missing from the latest linux-libc-{version}.deb. If you installed linux-libc-{version}.deb, you can downgrade to the Debian version with aptitude install linux-libc-dev=3.0.0-3.

Finally:

update-grub

Checking

Reboot into the new kernel:

/sbin/shutdown -r now

or

reboot

Now see if AppArmor is loaded and enabled (should print “Y”):

cat /sys/module/apparmor/parameters/enabled

Tools

aptitude install apparmor apparmor-profiles
/etc/init.d/apparmor restart

Checking

grep apparmor_parser /var/log/audit/audit.log

should display something like

type=AVC msg=audit(1316949034.097:108): apparmor="STATUS" operation="profile_load" name="/bin/ping" pid=5207 comm="apparmor_parser"

Tuning logs

By default, audit data is written to /var/log/messages via rsyslogd. In that setup the kernel severely caps the data so that it does not overload the messages log. To make audit data usable with AppArmor, install auditd and tune it to keep large amounts of data:

apt-get install auditd
sed -i -re 's/max_log_file = [0-9]+/max_log_file = 200/' /etc/audit/auditd.conf
/etc/init.d/auditd restart

Securing OpenSSH

Securing OpenSSH
21 Aug 2020

sshd is the OpenSSH server process.

It listens for incoming connections using the SSH protocol and acts as the server for that protocol.

It handles user authentication, encryption, terminal connections, file transfers and tunneling.

SSH Configuration Auditor

About

This free tool audits the configuration of an SSH server or client and highlights the areas needing improvement.

Too many admins overlook SSH configuration when setting up new systems. Unfortunately, the defaults for many operating systems are optimized for compatibility, not security.

Ninite - Install or Update Multiple Apps at Once

Install and Update All Your Programs at Once

No toolbars. No clicking next. Just pick your apps and go.

A Ninite Installer
Always Up-to-date

You don't have to watch for updates. Our bots do that. Here's what's new:

Search by image - Google reverse image search

ReversePix
Search by image

Reverse image search

ReversePix lets you search by image on Google. To run a search, simply upload an image by clicking the upload button above.

Google's image search tool can help you find similar images, the websites that contain your image, different sizes of the image, the image's sources and much more information from the Web.
How to do a Google reverse image search

You can easily search by image on Google using this reverse image search tool. Here is how:

Step 1: Simply click the "Upload" button above.
Step 2: Now select the image you want to run a reverse image search on.
Step 3: Wait a few seconds while information about your image is gathered.
Step 4: Simply click "Show matches". That's all. If you want to run another reverse image search, simply click the "Upload another" button.

Multiple vulnerabilities found in Wireless IP Camera (P2P) WIFICAM cameras and vulnerabilities in custom http server - IT Security Research by Pierre

Multiple vulnerabilities found in Wireless IP Camera (P2P) WIFICAM cameras and vulnerabilities in custom http server

TL;DR: by analysing the security of a camera, I found a pre-auth RCE as root against 1250 camera models. Shodan lists 185 000 vulnerable cameras. The "Cloud" protocol establishes clear-text UDP tunnels (in order to bypass NAT and firewalls) between an attacker and cameras by using only the serial number of the targeted camera. Then, the attacker can automatically brute-force the credentials of cameras.
Product Description

The Wireless IP Camera (P2P) WIFICAM is a Chinese web camera which allows remote streaming.

Github Profilinator (generator github readme .md)

Github Profilinator

readme Generator for github .md

My info

I'm St3ve, aka Erreur32. I'm a geek and have loved new technology since 2000 🚀

Working on

  • 🔭 I’m currently working on Bash3lper

  • ❓ Ask me about anything related to BASH and security technologies

  • ⚡ Fun fact: I don't like humans!

  • Why is life not like code?

Github Stats

https://github-readme-stats.vercel.app/api?username=erreur32&show_icons=true&count_private=true

https://komarev.com/ghpvc/?username=erreur32&&style=flat-square


Generated using Github Profilinator