Linux and Security Blog ,Yeah another one!

java-exploit 0

Exploiting the OpenNMS/Jenkins RMI Java Deserialization Vulnerability

Even though this vulnerability was detected back in 2015 I am only starting to notice it popping up on engagements more frequently. CVE-2015-8103 – Jenkins CLI – RMI Java Deserialization allows remote attackers to execute arbitrary code via a crafted serialized Java object. Apparently, according to Foxglove security Jenkins and OpenNMS are not the only ones that are affected by this issue, Websphere, Weblogic and JBoss are also affected. Whilst...

firewall2 3

CentOS 7 Server Hardening Guide

So… you’ve just setup a shiny new server and you want to take measures to keep the bad guys out? Well, here I will give you a few tips on how to do just that. This guide was written with CentOS 7.1 in mind but other up-to-date variants such as Fedora and RHEL should be pretty similar if not the same. Hardening SSH (Secure Shell) Most of you will be using...

FullSizeRender 8

Installing the latest version of GQRX on MacOS El Capitan

I wrote a post last year on how to install GQRX on Mac OS and it went down very well in the #SDR community. So I thought I would write another tutorial explaining how to install it on the latest version of Apple’s flagship operating system “El Capitan”.   Many of you were dissapointed how their was’nt an easier method and many of you messaged me to come up with...

Keybase Logo 0

Installing Keybase.io CLI on Mac OS X El Capitan

Founded by Max Krohn and Chris Coyne, who previously founded OK Cupid, Sparknotes and TheSpark, it’s presently only available in a private alpha. It markets itself as “a public directory of publicly auditable public keys. Built upon the tried and trusted platform of GNU Privacy Guard, Keybase allows users to easily encrypt, decrypt and share messages within a tried-and-tested encryption standard. Furthermore, all public keys are tied to user accounts...

iu 1

Fedora 22: Fresh Install Script (Ongoing Development)

I have had this script for a while, it’s just something I created for personal use because I always had different versions of Fedora in virtual instances. I wanted to put it out there so you can either make it better, say its crap or give me feedback on what you’d like to add. It’s a simple bash script and is free to modify and do what you want with....

spotify-linux 27

Fedora 22 – Quick & Easy Install of Spotify

A number of you have emailed me saying that you cannot get Spotify running on your Fedora Workstation 22 installation, so I decided to create a quick post and video on how I get it running on my favorite operating system.   Here’s the video, I have also written up all of the commands used and any other information to help you install Spotify. This was installed on a fresh...

logo-tagline 0

VulnHub: Zorz (Level 1) by TopHatSec

I have been using VulnHub to play around with the various vulnerable machine challenges and really enjoy doing so. The latest one I have tried is ‘Zorz’, This time though I thought it would be good to do a write up and post it here on my blog. If any of you that are reading this think I could have done things different/quicker/better then please shout up as I am...

Screen Shot 2015-02-25 at 20.17.47 40

RTLSDR – Up and running in Mac OSX Yosemite with GQRX & GNURadio

A while back I bought an RTL2832u device from ebay for a very small amount and was blown away by how this piece of kit performed. Under linux and windows it worked beautifully, I then purchased a new MacBook Pro and didn’t really know what to use as I have had no experience under Mac OSX. GQRX So a little research came up with GQRX and I can tell you...

Screenshot from 2014-10-06 19:31:49 2

Fedora 20: Spice Up Your Desktop With The Compass Icon Theme

Fancy a change on your desktop? How about a new fancy icon theme for GNOME? The Compass-Icon-Theme by Nitrux is a clean, attractive icon theme and is well worth a look.   Here they are in action on my Fedora 20 desktop/       The icons are free to download and I think they’re a good addition to any desktop. They’re downloadable via their website via a tarball which...

encryption_security_lock-100052900-orig 0

Fedora 20: #Shellshock Patch Now Available For CVE-2014-6271 and CVE-2014-7169

A patched version of BASH has now been released to fix the issues in CVE-2014-6271 and CVE-2014-7169 Please click the button for installation instructions   [button-red url=”http://www.smittix.co.uk/fedora-20-users-upgrade-your-bash-version-manually-re-cve-2014-6271/” target=”_self” position=”left”]Click For Instructions[/button-red]