LinuxQuestions.org - Blog Entries

chroot PHP for use with nginx

Posted 10-31-2010 at 10:40 AM by Web31337 (In The Middle Of Nowhere [edK's blog])

Tags chroot, gentoo, nginx, php, security

I never had to deal with chrooted environment before, and there isn't lots of info out there on the net. Best result I've found so far is http://www.cyberciti.biz/tips/howto-...oted-jail.html
Actually, it covers almost entire topic, but I'm going to explain how to bind it with nginx in gentoo linux environment.
Say, you have a site example.org with some app you don't really trust in /app dir. Your own-written site scripts are executed in non-chrooted PHP environment...

Web31337

Member

Posted in opensource, security

Views 6868 Comments 0 Web31337 is offline

bzip2 1.0.5 critical vulnerability

Posted 09-22-2010 at 09:32 AM by Web31337 (In The Middle Of Nowhere [edK's blog])
Updated 09-22-2010 at 09:36 AM by Web31337

Tags security

For how many years we thought it was safe while it was not!

Update now to 1.0.6!

CVE-2010-0405

More info: http://google.com/search?q=CVE-2010-0405
and here:
http://xorl.wordpress.com/2010/09/21...eger-overflow/

Web31337

Member

Posted in security

Views 1960 Comments 0 Web31337 is offline

3 easy ways to create ridiculous passwords

Posted 08-17-2010 at 08:12 PM by sag47
Updated 08-17-2010 at 10:40 PM by sag47

Tags security

A password can be easy to create if you use the right devices to remember it.

Method number 1: use a sentence
For example your password could be a sentence:

Code:

Ilovemydogfoofie

Dictionary attacks only work if your password is a single word. For that previous password a dictionary attack wouldn't work so a cracker would either have to resort to rainbow tables or brute force.

Method number 2: start and end all passwords with the same sequence....

sag47

Senior Member

Posted in Uncategorized

Views 2099 Comments 0 sag47 is offline

Security and Privacy on the Internet

Posted 08-12-2010 at 03:31 AM by craigevil (craigevil's random words of wisdom)
Updated 04-24-2021 at 09:07 PM by craigevil (Most of the advice is outdated.)

Tags anonymity, firefox, pgp, privacy, security

This post like all of my posts are several years out of date.
Use the Tor Browser, or a VPN preferably a paid one.
You can also use a browser like Librewolf that is a bit more hardened than Firefox or Chrome.

If you are really worried about privacy there are a few things you can do including:
Use the Adblock Plus extension for Firefox and use the
Easy Privacy list as well as the Antisocial list.
This list blocks the ever increasing social networking content...

craigevil

Senior Member

Posted in Uncategorized

Views 137001 Comments 38 craigevil is offline

upgrading home network router

Posted 07-25-2010 at 05:35 AM by Web31337 (In The Middle Of Nowhere [edK's blog])
Updated 07-25-2010 at 05:36 AM by Web31337

Tags gentoo, grsecurity, router, security

Yesterday I made a small relocation of server boxes at home and decided to test if I can replace my current Pentium-I MMX 200MHz router with newer computer, which is Celeron 2400 MHz, 1GB of RAM.
Well, I sat there all night till I finally managed to make a minimal required kernel for current hardware platform. Entire system boots in around 30 secs and ready to work. I didn't add automatic start of my internet connection, I usually do it manually.
Now I'm able to see that my ISP actually...

Web31337

Member

Posted in security, hardware

Views 2642 Comments 1 Web31337 is offline

Page 5 of 7

« First