0 day exploits

Zero day exploits, best explained here, will be coming out daily for the month of January, it seems, due to a security research firm in Russia. No matter what you think about their methods, this does highlight a fact that is sometimes forgotten, every running service presents the potential for an exploit. But without those services a computer is just an overpriced electric heater. So how do we protect ourselves against the unknown and unpatched? By being very careful about what our servers are running, only allowing access to the minimum number of resources required to get the job done, and having a plan for when your monitoring reports the service is down.

     Since linux distributions are varied in their installs I won’t go through each but most of the “friendly” distributions start, by default, a variety of services that may not be required but could potentially have exploits. While most of these don’t have a network component, combined with other exploits they could help open the server to attack. For example, Red Hat starts processes to monitor the software raid and logical volume manager even if you aren’t using them. It also starts processes for handling bluetooth devices, HP printers, and command line mouse support, even if you don’t have them. None of these should cause you any concern but if you don’t need them they don’t need to run at all.

     Most Apache HTTP server installs suffer from the same desire for usability, many modules are made available to the server by default. For example, you probably aren’t using LDAP authentication or WebDAV as part of your server but the modules for them are preloaded on most default installs. Identifying the modules that are required for your web site or application to run and then disabling the ones that are not will reduce your apache httpd footprint and therefore reduce your exposure.

     MySQL server doesn’t have the modular nature of our prior two examples but there are some steps that you can take to reduce your exposure. First off, after doing the install and setting the root password, remove the test user and database. These have no known exploits but aren’t needed. Second, ensure that your users are bound to a host instead of a wild card address, this makes sure that connections are only authorized from known hosts. Finally, if you are running mysql on the same host as your webserver and this is the only server that needs to access it, configure it to only listen on localhost ( There is no place like 127.0.0.1 ), this ensures that remote hosts cannot connect to your database even if your firewall fails.

     While I did focus on some of the more simple things that can be done to a LAMP server, this should give you an idea of what kind of changes can be made that won’t effect your service but will reduce your exposure footprint. Remember that before you make any changes you should do a backup and make copies of the files you are editing. We will see what this month brings as far as unpublished exploits and should also take this time to remember that not all exploits are published or patched, or even discovered yet.

Reblog this post [with Zemanta]
2010
01/13
CATEGORY
Linux
Monitoring
Security
TAGS











3,039 comments

  1. Actually, i know her virtually concerning matter, but: You need to don’t fail in order to donate with regard to Pakistan!!!! I recently discussed to somebody all the way down in that respect there as well as the situation is usually crazy! Excellent artwork i just allow the select few since efficient what whoc reasons normal troubles while using green house benefit! Thus you should provide a little something, any coin aids! I made the identical

  2. You never see a man walking down the street with a woman who has a little pot belly and a bald spot. – Beau Brummel

  3. I have bookmarked http://jsquaredconsulting.com/blog/2010/01/0-day-... so my dudes can visit to your post too. I simply copied 0 day exploits | J Squared Consulting as the entry title in my bookmark. ;-)

  4. This page is the info box I really need.

  5. I’d have to test with you here. Which is not something I normally do! I take pleasure in studying a publish that may make individuals think. Additionally, thanks for permitting me to comment!

  6. Dudes! This isnt to bad, i am browing your site now and wanted to say Thank you for taking your time to write this

  7. Hello there I love your submit http://www.aucklandmarine.getlisted.co.nz/nz-boat...

  8. *There are certainly a lot of details like that to take into consideration. That is a great point to bring up. I offer the thoughts above as general inspiration but clearly there are questions like the one you bring up where the most important thing will be working in honest good faith. I don?t know if best practices have emerged around things like that, but I am sure that your job is clearly identified as a fair game. Both boys and girls feel the impact of just a moment¡¯s pleasure, for the rest of their lives.

  9. Does one require any programming expertise to generate your personal blog? Any help will be really appreciated!

  10. I believe this internet site has got very good indited written content articles .

  11. That is the fitting blog for anybody who wants to seek out out about this topic. You realize a lot its nearly hard to argue with you (not that I really would need…HaHa). You definitely put a new spin on a topic thats been written about for years. Nice stuff, simply nice!

  12. Basically If I were have a very good weblog, We want the identical design. I wanted to get started our blog sites, but topics are pricy. Just where do you purchase your business opportunity? Take a look at my own sister’s web site: http://mjlnetwork.com

  13. This is the first time you posted something like that, and it scares me

  14. Youre so cool! I dont suppose Ive learn anything like this before. So nice to find someone with some unique ideas on this subject. realy thank you for starting this up. this web site is something that’s needed on the web, somebody with just a little originality. useful job for bringing one thing new to the web!

  15. Wow, fantastic weblog format! How long have you been blogging for? you made running a blog look easy. The overall look of your web site is fantastic, let alone the content!

  16. Aw, this was a really nice post. In thought I would like to put in writing like this moreover – taking time and precise effort to make a very good article… however what can I say… I procrastinate alot and certainly not seem to get something done.

  17. Hello, I think that I saw you visited my website so I came to “return the favor�.I am trying to find things to improve my web site!I suppose its ok to use some of your ideas!!

  18. It truly is truly a nice and beneficial piece of info. I’m satisfied that you shared this useful information with us. Please stay us up to date like this. Thanks for sharing.

  19. It’s highly useful for me. Massive thumbs up for this weblog post!

  20. Used Regaine Extra Strength Solution for over 6 months now and I am seeing little effect, how long should I persevere or should I just give up?

  21. Magnificent beat ! I wish to apprentice while you amend your site, how could i subscribe for a blog website? The account aided me a applicable deal. I have been tiny bit familiar of this your broadcast provided vibrant clear concept

  22. I wish to express my gratitude for your kind-heartedness for those people that require help with in this matter. Your real commitment to passing the solution all around appears to be exceedingly helpful and has surely empowered others like me to realize their targets. Your informative useful information means this much to me and further more to my mates. With thanks; from each one of us.

  23. Thank you so considerably for giving my family an update on this issue on your web-site. Please realise that if a brand new post appears or if perhaps any adjustments occur towards the current post, I would be interested in reading a good deal much more and focusing on how to make good use of those strategies you reveal. Thanks for your efforts and consideration of other individuals by producing this internet site available.

  24. Advantageously, typically the submit is actually the quite very best about this laudable theme. To be certain with all your a conclusion and will thirstily await the following revisions. Truly stating cheers won’t only end up being suitable, to your great readability within your creating. I might at once seize a person’s rss to sleep in abreast of virtually any upgrades. Fine job and considerably success within your organization business!

  25. There are certainly loads of particulars like that to take into consideration. That is a nice point to carry up. I provide the ideas above as common inspiration however clearly there are questions just like the one you deliver up the place crucial factor can be working in sincere good faith. I don?t know if best practices have emerged round things like that, however I am positive that your job is clearly recognized as a fair game. Both girls and boys feel the impression of just a moment’s pleasure, for the rest of their lives.

  26. I really like your blog. Thrust into the top issues in this subject. It seems to me that you have many wise words to say and not afraid to speak aloud their sentences. Keep up the invite to your blog pozycjonowanie stron

  27. You should take part in a contest for among the finest blogs on the web. I’ll suggest this web site!

  28. First-class Material, still I would have to declare that given the abundance of views this has had it should be desirability meditating about trying to better the spelling and the english! Produced a wonderfully good read though, terrific substance.

  29. This web page is really a stroll-by way of for all of the info you wanted about this and didn’t know who to ask. Glimpse here, and also you’ll definitely discover it.

  30. Awesome website you have here by the way

  31. I rattling lucky to find this internet site on bing, just what I was looking for : D likewise bookmarked .

  32. Great article! njvgojkgf

  33. Wonderful stuff.. really full of usefull information. I’ll grab the RSS feed and will stay tuned for more. Oh, and I threw you a StumbleUpon vote ;)

  34. how long to generate sperm food for sperm count increase can i ejaculate without an erection sperm increaser enhance sperm sperm improve improve sperm motility and morphology how to make your body produce more sperm how to make more seminal fluid volume of sperm how can i improve sperm count more sperm production increase seminal volume improve ejaculation strength how to increase sperm count ejaculate volume pills produce more sperm naturally how to increase your amount of sperm sperm quality and alcohol low sperm count but pregnant

  35. Thanks for your concern and also attempts! This stuff on your own internet site will be great. Furthermore My partner and i significantly understand the ideas. For me they’re important things. Anyhow thanks. Fantastic read.

  36. Simply desire to say your article is as amazing. The clarity in your post is just excellent and i can assume you’re an expert on this subject. Fine with your permission allow me to grab your feed to keep up to date with forthcoming post. Thanks a million and please continue the gratifying work.

  37. Many thanks for your personal concern as well as initiatives! These things in your web site is actually great. In addition We dramatically treasure your own creative ideas. Personally they are important matters. Nonetheless regards. Wonderful read.

  38. I am often to blogging and i really admire your content. The article has really peaks my interest. I am going to bookmark your web site and preserve checking for new information.

  39. Thanks for your anxiety not to mention work! This stuff within your blog might be excellent. On top of that I just considerably appreciate a choices. For me these are definitely valuable things. Anyhow appreciate it. Great browse.

  40. Thanks for discussing your ideas here. The other element is that any time a problem comes up with a computer system motherboard, people today should not go ahead and take risk regarding repairing it themselves for if it is not done correctly it can lead to permanent damage to all the laptop. It is almost always safe just to approach a dealer of any laptop with the repair of the motherboard. They’ve technicians who definitely have an know-how in dealing with mobile computer motherboard challenges and can make right diagnosis and perform repairs.

  41. I discovered your weblog web site on google and verify a few of your early posts. Proceed to keep up the excellent operate. I just further up your RSS feed to my MSN Information Reader. Looking for forward to reading extra from you afterward!…

  42. true amateur lesbian free amateur x

  43. Thanks a lot for your anxiety together with initiatives! This stuff for your web-site is certainly amazing. Moreover That i dramatically enjoy an individual’s choices. In my position most are crucial details. Nevertheless thanks a lot. Beneficial browse.

  44. Thanks a milion for your personal anxiety and even attempts! These things onto your websites is without a doubt superb. Additionally As i significantly treasure ones own suggestions. In my opinion many are vital factors. Anyways bless you. Very good browse.

  45. I have noticed that car insurance providers know the automobiles which are at risk of accidents along with risks. Additionally, these people know what style of cars are susceptible to higher risk plus the higher risk they may have the higher the actual premium price. Understanding the easy basics with car insurance will assist you to choose the right kind of insurance policy that can take care of your needs in case you become involved in any accident. Thanks for sharing the actual ideas with your blog.

  46. We genuinely enjoy that which you publish right here. Incredibly informative as well as reasonable. A particular trouble however. I’m operating Ie along with Debian as well as segments of the active theme items really are a small wonky. We realise it’s not really a common setup. Still it’s a little something in order to maintain in the mind. We wish it may assist as well as keep the finest high quality composing.

  47. We extremely prefer that which you place in this article. Particularly informative as well as reasonable. A particular situation however. I’m operating Safari along with Debian as well as segments of the active style items really are a small wonky. We realise it’s not really a popular setup. Nevertheless it’s a specific thing in order to have in view. We trust it might assist as well as always keep in the main high quality composing.

  48. Hello everybody, how do you do

    My big cheese’s Pigeon Johnny

    LA symph’s the troupe

    I remember what you’re thinking

    Who is this dumb-bell

    My select’s Pigeon Johnny

    I prepare the ladies drool

    Not as a matter of fact but it sounds relaxed yet

  49. Thanks for giving your ideas. The one thing is that learners have a selection between national student loan along with a private education loan where it’s easier to select student loan debt consolidation than in the federal education loan.

  50. I think this website holds some real great information for everyone : D.

1 2 3 ... 46

  1. No trackbacks yet.