Tag: linux

Jun 29

MIG: Mozilla InvestiGator by mozilla

Mozilla’s platform for real-time digital forensics and incident response of modern infrastructures

MIG is a platform to perform investigative surgery on remote endpoints. It enables investigators to obtain information from large numbers of systems in parallel, thus accelerating investigation of incidents and day-to-day operations security.

MIG is composed of agents installed on all systems of an infrastructure that are queried in real-time to investigate the file-systems, network state, memory or configuration of endpoints.

It’s an army of Sherlock Holmes, ready to interrogate your infrastructure within seconds.

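| Capability         | Linux     | MacOS     | Windows   |
|--------------------|-----------|-----------|-----------|
| file inspection    | check     | check     | check     |
| network inspection | check     | check     | (partial) |
| memory inspection  | check     | check     | check     |
| vuln management    | check     | (planned) | (planned) |
| system auditing    | (planned) | (planned) | (planned) |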

Imagine that it’s 7am on a Saturday morning, and someone just released a critical vulnerability for your favorite PHP application. The vuln is already exploited and security groups are releasing indicators of compromise. Your weekend isn’t starting great, and the thought of manually inspecting thousands of systems isn’t making it any better.

MIG can help. The signature of the vulnerable PHP app (an md5 of a file, a regex on a file, or just a filename) can be searched for across all your systems using the file module. Similarly, indicators of compromise such as specific log entries, backdoor files with {md5,sha{1,256,512,3-{256,512}}} hashes, IP addresses from botnets or signatures in process memory can be investigated using MIG. Suddenly, your weekend is looking a lot better. And with just a few command lines, thousands of systems will be remotely investigated to verify that you’re not at risk.

Source: MIG: Mozilla InvestiGator by mozilla

Jun 18

Firejail: sandbox processes on Linux

Firejail provides a sandbox environment for programs adding to the security of a Linux system.

Source: Firejail: sandbox processes on Linux

May 19

Firejail – A sandbox for Linux

Source: Firejail – A sandbox for Linux

Feb 02

Linux “Ghost” Remote Code Execution Vulnerability | US-CERT

Linux "Ghost" Remote Code Execution Vulnerability | US-CERT.

Oct 27

A vulnerability named “shellshock” – LinuxFr.org

A vulnerability named “shellshock” – LinuxFr.org.

Oct 27

CVE-2014-3566 — POODLE vulnerability – LinuxFr.org

CVE-2014-3566 — POODLE vulnerability – LinuxFr.org.

Jul 02

Ubuntu: change your MAC address at startup

memo-linux.com » how to randomly change a MAC address at every boot on Ubuntu.

Feb 28

New software: cryptosat

This package allows the user to generate, manipulate, and solve SAT instances encoding cryptographic algorithms of the ARX family (Addition, Rotation, eXclusive or) that make use of bitwise Boolean functions and S-Boxes. Currently supported algorithms include the compression function of the obsolete hash algorithm MD4, the stream cipher ZUC used in 4G LTE, and the key schedule of block ciphers WIDEA and MESH. The package can be easily extended in order to support other algorithms.
System requirements: Linux, g++, little-endian platform.

Download: cryptosat_0.2.1.tar

Jul 04

Top 10 Security Assessment Tools – LINUX For You

Top 10 Security Assessment Tools – LINUX For You.

Jul 04

Website Vulnerabilities and Nikto – LINUX For You

Website Vulnerabilities and Nikto – LINUX For You.