1. timypcr

    openssl-1.0.2_15,1 is vulnerable

    I have two FreeBSD 10.3 servers an audit shows the following pkg audit openssl-1.0.2_15,1 is vulnerable: OpenSSL -- multiple vulnerabilities CVE: CVE-2016-6308 CVE: CVE-2016-6307 CVE: CVE-2016-6306 CVE: CVE-2016-2181 CVE: CVE-2016-2179 CVE: CVE-2016-2178 CVE: CVE-2016-2177 CVE: CVE-2016-2180...
  2. mariourk

    I receive files in my email, that are blocked in both Postfix and Amavisd-new

    I'm a bit puzzled about this one. Maybe one of you can shed some light on this problem. I block certain extensions on my mailserver, for obvious security reasons. However, today I got an email with a docm-file attached to it. And of course it was spam and it contained ransomware. And obviously...
  3. Maelstorm

    libarchive security vulnerabiity, FreeBSD affected?

    According to this article dated June 22 2016, So is FreeBSD affected by this? I ask because the article says that the library originated on FreeBSD and was ported to...
  4. S

    Is there a security attention key in FreeBSD?

    I'm wondering if there's a secure attention key that aims to prevent a fake login from stealing account passwords in FreeBSD, similar to the Ctrl+Alt+Del sequence in Windows. Also, how much improvement can such a sequence actually bring in terms of security?
  5. vermaden

    Truth About Linux 4.6 Security from GRSecurity Member

    HERE: Let me paste it below, dunno how long it will hang on the net. The Truth about Linux 4.6 by spender » Sat May 14, 2016 1:06 pm As anticipated in public comments, the Linux Foundation is already beginning a campaign to rewrite...
  6. S


    First of all I'm sorry that this thread will appear to be off topic but I searched SECURITY category and is not present, so I wrote this here, in this category where, I think, are more services affected on a server. Well, in this morning I read the internal mail and found out that my server has...
  7. S

    System Compromised!

    Hi, A user systemd was created with root privileged on FreeBSD, once we started digging more into this we found the .bash_history file under his home directory which he created in /lib/.systemd, his history explained that he downloaded some log tamper script in order to hide his appearance but...
  8. J

    Jails for a web server

    I am currently setting up a server that will host static websites, WordPress installations, forums and an eCommerce shop. I'll use Nginx, PHP and MySQL. Some of the hosted websites will be completely independent: One is a personal blog, one is a community forum, another is a website for a...
  9. sku1d

    Solved Question about disk encryption: Why the master key always gets stored on the encrypted disk?

    I have read a lot about gbde, geli and dm-crypt under linux, but a question remains: Why would iI store my master key on the disk? Seriously! Anybody could rip the metadata off the disk in no time and brute force the password in a cluster without even having additional encrypted sample data...
  10. zerophase

    I'm just a bit curious about website security.

    I'm asking this here since it's my understanding that the FreeBSD community knows some of the most about security. Me and a friend have been having a discussion if we should keep the code handling passwords and user account management (updating passwords, etc) on the server side vs letting...
  11. sidetone

    portsentry possibly causing false-positives in rkhunter

    I installed security/rkhunter with security/nmap support, and it kept showing TCP ports 1524, 6667, and 31337 as possible ports where a rootkit could have interacted. Running sockstat showed security/portsentry interacting with those ports on a freshly installed system. No known rootkits were...
  12. J

    Best way to automatically keep system, packages, and daemons up to date

    Hi, I'd like to know if you have a good way of keeping a system completely up to date in a completely automated way. If my understanding is correct, I can add 42 8 * * * freebsd-update cron in root's crontab to have the base system (I guess that means the kernel and the programs in /bin)...
  13. V

    Delayed nightly security emails after upgrade to FreeBSD 10

    Hello, I've got two servers which were recently upgraded from 9.2 to FreeBSD 10.1 (One was upgrade, second one was clean install due to hardware failure). Before upgrade, I was getting daily emails between 3 and 4am daily, but after upgrade, these emails started to arrive much later (8-9-10am)...
  14. V

    Adobe confirms major Flash vulnerability, and the only way to protect yourself is to uninstall Flash

    Adobe confirms major Flash vulnerability, and the only way to protect yourself is to uninstall Flash.
  15. C

    Starting in Web server hosting and administration

    Hello all, Not entirely sure where to put this thread. I've got a VPS at DigitalOcean with FreeBSD 10.2 on it that I use for my wife's business site and my own personal site. However, someone has asked me to develop a site for them and host it. I used to be a web designer, and I still code...