security

I have two FreeBSD 10.3 servers an audit shows the following pkg audit openssl-1.0.2_15,1 is vulnerable: OpenSSL -- multiple vulnerabilities CVE: CVE-2016-6308 CVE: CVE-2016-6307 CVE: CVE-2016-6306 CVE: CVE-2016-2181 CVE: CVE-2016-2179 CVE: CVE-2016-2178 CVE: CVE-2016-2177 CVE: CVE-2016-2180...

I'm a bit puzzled about this one. Maybe one of you can shed some light on this problem. I block certain extensions on my mailserver, for obvious security reasons. However, today I got an email with a docm-file attached to it. And of course it was spam and it contained ransomware. And obviously...

According to this article dated June 22 2016, http://www.infoworld.com/article/3087347/security/severe-flaws-in-widely-used-open-source-library-put-many-projects-at-risk.html. So is FreeBSD affected by this? I ask because the article says that the library originated on FreeBSD and was ported to...

I'm wondering if there's a secure attention key that aims to prevent a fake login from stealing account passwords in FreeBSD, similar to the Ctrl+Alt+Del sequence in Windows. Also, how much improvement can such a sequence actually bring in terms of security?

HERE: https://forums.grsecurity.net/viewtopic.php?f=7&t=4476 Let me paste it below, dunno how long it will hang on the net. The Truth about Linux 4.6 by spender » Sat May 14, 2016 1:06 pm As anticipated in public comments, the Linux Foundation is already beginning a campaign to rewrite...

First of all I'm sorry that this thread will appear to be off topic but I searched SECURITY category and is not present, so I wrote this here, in this category where, I think, are more services affected on a server. Well, in this morning I read the internal mail and found out that my server has...

Hi, A user systemd was created with root privileged on FreeBSD, once we started digging more into this we found the .bash_history file under his home directory which he created in /lib/.systemd, his history explained that he downloaded some log tamper script in order to hide his appearance but...

I am currently setting up a server that will host static websites, WordPress installations, forums and an eCommerce shop. I'll use Nginx, PHP and MySQL. Some of the hosted websites will be completely independent: One is a personal blog, one is a community forum, another is a website for a...

I have read a lot about gbde, geli and dm-crypt under linux, but a question remains: Why would iI store my master key on the disk? Seriously! Anybody could rip the metadata off the disk in no time and brute force the password in a cluster without even having additional encrypted sample data...

I'm asking this here since it's my understanding that the FreeBSD community knows some of the most about security. Me and a friend have been having a discussion if we should keep the code handling passwords and user account management (updating passwords, etc) on the server side vs letting...

I installed security/rkhunter with security/nmap support, and it kept showing TCP ports 1524, 6667, and 31337 as possible ports where a rootkit could have interacted. Running sockstat showed security/portsentry interacting with those ports on a freshly installed system. No known rootkits were...

Hi, I'd like to know if you have a good way of keeping a system completely up to date in a completely automated way. If my understanding is correct, I can add 42 8 * * * freebsd-update cron in root's crontab to have the base system (I guess that means the kernel and the programs in /bin)...

Hello, I've got two servers which were recently upgraded from 9.2 to FreeBSD 10.1 (One was upgrade, second one was clean install due to hardware failure). Before upgrade, I was getting daily emails between 3 and 4am daily, but after upgrade, these emails started to arrive much later (8-9-10am)...

Adobe confirms major Flash vulnerability, and the only way to protect yourself is to uninstall Flash. https://bgr.com/2015/10/15/adobe-flash-player-security-vulnerability-warning/

Hello all, Not entirely sure where to put this thread. I've got a VPS at DigitalOcean with FreeBSD 10.2 on it that I use for my wife's business site and my own personal site. However, someone has asked me to develop a site for them and host it. I used to be a web designer, and I still code...