• This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn more.

security

  1. Maelstorm

    PE Executable Debugger/Disassembler (i386/amd64)?

    I am looking for a debugger or disassembler for Windows PE format executables, something similar to objdump. I'm taking a class in computer forensics and the research project that my team is working on is reverse engineering malware. We have the malware (it's not hard to find). For obvious...
  2. asv0

    BIBA/MLS compartmentalization hell

    Good evening, I'm experiencing something which is making me doubting completely about my understanding of compartments through BIBA and MLS models. I've used colours and bold style in the attempt to make the following grade:compartments declarations more readable. I'm working in /home/shared #...
  3. PF Communication between fail2ban and pf fails

    EDIT: the problem is solved Hello, i had used Debian at the last several years and i'm very new to FreeBSD. I tryed to port my configuration for fail2ban from my Debian machines to FreeBSD (with the modification due the firewall has changed). In my testing phase i have found out that the...
  4. ronaldlees

    Open Source Review Security

    So, we've all accepted the "many eyes" theory of open source, and we assume that those eyes find many defects and fix them, hence increasing security. But, inside of many very important security sectors (especially in the U.S.) - that line of reasoning is said not to work. To paraphrase a few...
  5. fullauto2012

    Login Process

    I want to wrote a 2 factor authentication script that runs after PAM authentication that texts my phone a random 6 digit number and waits for 60 seconds for me to type in the result... I have it all basically writen in my head, but I cannot for the life of me find any literature as to where to...
  6. lebarondemerde

    Intel bug incoming.

    Intel Bug Incoming. EDIT: It seems sh!t will get pretty serious: Intel's CEO Just Sold a Lot of Stock UPDATE: 'Kernel memory leaking' Intel processor design flaw forces Linux, Windows redesign
  7. nixdmon

    Unable to change user umask

    Hi All, I've been trying to change umask of a local user. I've looked around for instructions, and tried adding umask in .login_conf in user's home directory. me:\ :umask=002: Also ran cap_mkdb .login_conf after modification. umask remains 022, unchanged. In addition, I've changed...
  8. timypcr

    OpenSSH Update for PCI Compliance

    According to our third-party PCI scanner (conducted by Trustwave) current OpenSSH version is no longer supported. The version of OpenSSH detected is no longer supported by the vendor. No further security patches or upgrades will be released by the vendor for this version, and the vendor will...
  9. Johnny2Bad

    Weird error in daily reports, could someone interpret this....

    I am running FreeBSD 11.1-RELEASE-p1 with a customized kernel (NAT compiled into it). I have setup ssmtp to send me the daily, weekly etc reports and over the past few days I have been receiving a strange error in the security run output. Checking setuid files and devices: Checking negative...
  10. FreeBSD audit by folder??

    Hello Everyone: The audit system in FreeBSD currently support auditing by user id only. Is it possible to support auditing by folder(I just wanna to audit specific folder,whoever access it)?? Thanks anyway!!
  11. kuroneko

    Solved Linux® Binary Compatibility. Security risk?

    So I noticed that the Linux Binary compatibility use the Kernel 2.x which is pretty old and it has a lot of known vulnerabilities. Is it still safe if we run it on FreeBSD or will it be not secure to have it?
  12. Kay

    Best way to allow ssh connection just for reverse port forwarding

    So here's my scenario. * I have a home server (HostB) which is completely within my control. * I have an off-site machine that can potentially be physically accessed by other people I don't trust (HostA). I want to do off-site backups (encrypted of course) via `duplicity` from HostB to...
  13. icecoke

    Some security concerns...

    Hi everyone, not sure if I'm in the right forum area, so maybe a mod wants to move this. Is it possible to 'track' actions that are done in a jail where an sshd server is running and offering root access (so of course no root access directly in the sshd, but after login su/sudo is possible)...
  14. HL1234

    "daily security run output" shows changes in mounted filesystems?

    Hello, I found in the eMail of "daily security run output" today: changes in mounted filesystems: --- /var/log/mount.today 2016-05-14 03:03:55.000000000 +0200 +++ /tmp/security.aYjsnqDE 2016-11-29 03:04:45.000000000 +0100 ..and downstairs kernel log messages: +++...
  15. Solved OpenVPN IPv6 PF set

    Hey folks, I'm in progress of migrating my centos openvpn dualstack server to freebsd. I got a problem with ipv6 connection and im not shure what is the problem. IPv4 is working fine through the tunnel. IPv6 icmp is possible, but nameservers are not reachable on :53 or anything else except via...
  16. What happens in a jail when updating the main host system?

    Hi, despite reading and re-reading the manual, I have an extremely hard time understanding how to keep my FreeBSD host and my FreeBSD jails secure. I am going to try to express my current understanding of FreeBSD as maybe the problem is that I don't understand it. There seems to be on one...
  17. Recommended multi-server FBSD hosting configuration

    I'm building out a hosting environment for my customers. I typically use Linux but FreeBSD offers some features of interest to my customers. I've used FreeBSD before (version 9), but my experience is limited. The hosting architecture I'd like to setup is (focusing on two servers): Server 1...
  18. Security in computer science only a mirage

    With exploits like this that directly affect the hardware and timing of a CPU, can we really believe that security in computer science is anything but a dream? Sure you can raise the bar but if someone wants to get in, they can. Even if they are running in virtual machines on your server, they...
  19. When adding user account, cannot add member to group wheel or anything else

    Hello Forum, I think I may have enabled too many security features that prevent me from adding any user account to groups wheel and others during the installation. I am not sure of how to get these back to not enabled post-installation. At least enabling the superuser account privilege for a...
  20. geek

    Security? FreeBSD systems as NSA targets

    Shadow Brokers reveals list of Servers Hacked by the NSA. FreeBSD is mentioned as one of the systems used in some of the hacked servers: This makes me curious about the security of FreeBSD and the methods and vulnerabilities NSA used to hack the servers. Do you think FreeBSD is suitable for...