Pages with tag Security
Block remote root login via ssh on Ubuntu/etc to keep your server safe A moment ago I was checking the system logs on my Ubuntu server and found that in auth.log reports that someone was repeatedly trying to SSH login as root. The "root" entry in /etc/passwd is setup so that no password will ever be matched, so perhaps this potential cracker would never get into my server anyway. But the requests are using bandwidth - and what if they were able to figure out a password that would work? Why not just block remote SSH login access to logging in as root in the first place? It's a bad idea to login directly as root - instead the recommended best practice is to login as a regular user then use sudo to perform things requiring super user access.
Brickerbot, vigilante software aiming to kill malicious botnets by killing IoT devices The last few months has seen escalating botnet activity on the Internet. The botnet operators are targeting non-existent security in certain Internet of Things devices. Some devices, like wireless security cameras or baby monitors, are not only connected to the Internet, but have gaping security holes. Using those holes, botnet operators have ammassed vast flotillas of Internet devices that can be commanded to attack targets on the Internet. Last fall several attacks, larger than any previously seen, attacked several large sites and even brought down critical Internet infrastructure on a few instances. The Brickerbot appears to be a Botnet purposed with destroying those malicious botnets. One hopes the cure is better than the illness.
Build your own security camera system with Raspberry Pi and cheap webcams You can build a powerful and flexible motion sensing security camera system using open source software on a Raspberry Pi and similar single board computers. The key is the MotionEyeOS that neatly bundles everything you need into a Raspberry Pi image. Simply burn it to an SD card, attach cameras, boot the Raspberry Pi, and start configuring. It easily supports monitoring multiple cameras, which can be USB webcams, WiFi cameras, the Raspberry Pi camera, or other MotionEyeOS instances. I have an original-version Raspberry Pi (low CPU power) driving two cameras and it handles things just fine.
Fixing 'Enter passphrase for /dev/fd/63' in a Gitlab CI job If you're a Gitlab user you're probably hoping to use Gitlab CI to automate builds and deployments. You probably want to deploy something using rsync, using an SSH key for security. Unfortunately (in my opinion) the official Gitlab documentation is confusing. While the Gitlab team does provide example .gitlab-ci.yml files that are supposed to work, the actual specifics of what to do are sketchy, and I found myself puzzling over a curious error message: "Enter passphrase for /dev/fd/63" ... WTF?
Installing OpenVPN on a Raspberry Pi Zero W, inexpensive security for your peace of mind Nowadays our personal privacy is being threatened by new government policies. Fortunately the open source world gives us tools with which to secure our lives. This tutorial goes over installing OpenVPN on your home network, giving you a secure method to access resources on your home network from anywhere else. Suppose you have a NAS with many terabytes of data at home, but you're traveling thousands of miles away and need to access that data. A VPN service on your home network provides a porthole through which to do so, provided you have VPN software on the computer you're carrying.
Wikileaks reveals CIA iPhone penetration team: hacking the iPhone A new batch of 8,761 files was released on Tuesday by WikiLeaks that alleges that the U.S. Central Intelligence Agency (CIA) has a dedicated iOS exploit team —and lacks the ability to keep the attack vectors under lock and key. They either bought or developed in-house a large pile of iPhone hacking tools. They were collected by the CIA's Center for Cyber Intelligence (CCI), a group of over 5000 members, and have been used to directly target over 10,000 people. However, the tools have escaped the CIA and are now circulating among former U.S. government hackers and contractors in an unauthorized manner. It is one of those people who released the information to Wikileaks.