Ensure App Service Authentication is Set on Azure App Service
Overview: Azure App Service Authentication is a feature that can prevent anonymous HTTP requests from reaching the API app, or authenticate those that have tokens before they reach the API app. If an anonymous request is received from a browser, App Service will redirect to a logon page. To handle the logon process,... Continue Reading →
Configure SELinux – Part 3
Ensure SELinux policy is configured Overview: Configure SELinux to meet or exceed the default targeted policy, which constrains daemons and system software only. Why: Security configuration requirements vary from site to site. Some sites may mandate a policy that is stricter than the default policy, which is perfectly acceptable. This item is intended to ensure... Continue Reading →
Azure Networking – Ensure that SSH Access is Restricted from the Internet
Overview: Disable SSH access on network security groups from the Internet. Why: The potential security problem with using SSH over the Internet is that attackers can use various brute force techniques to gain access to Azure Virtual Machines. Once the attackers gain access, they can use a virtual machine as a launch point for compromising... Continue Reading →
Configure SELinux – Part 2
Ensure the SELinux state is enforcing Overview: Set SELinux to enable when the system is booted. Why: SELinux must be enabled at boot time to ensure that the controls it provides are in effect at all times. Audit: Run the following commands and ensure output matches: # grep SELINUX=enforcing /etc/selinux/config SELINUX=enforcing # sestatus SELinux... Continue Reading →
Azure Networking – Ensure RDP Access is Restricted from the Internet
Overview: Disable RDP access on network security groups from the Internet. Why: The potential security problem with using RDP over the Internet is that attackers can use various brute force techniques to gain access to Azure Virtual Machines. Once the attackers gain access, they can use a virtual machine as a launch point for compromising... Continue Reading →
Configure SELinux – Part 1
SELinux provides a Mandatory Access Control (MAC) system that greatly augments the default Discretionary Access Control (DAC) model. Under SELinux, every process and every object (files, sockets, pipes) on the system is assigned a security context, a label that includes detailed type information about the object. The kernel allows processes to access objects only if... Continue Reading →
How To Add a User and Grant Root Privileges on Ubuntu
Step 1: Add the Username austin@wazuh:~$ sudo adduser ansible Adding user `ansible' ... Adding new group `ansible' (1002) ... Adding new user `ansible' (1002) with group `ansible' ... Creating home directory `/home/ansible' ... Copying files from `/etc/skel' ... Enter new UNIX password: Retype new UNIX password: No password supplied Enter new UNIX password: Retype new... Continue Reading →
Wazuh: No ElasticSearch Template
Failed to connect to localhost port 9200 austin@wazuh2:~$ sudo curl https://raw.githubusercontent.com/wazuh/wazuh/v3.10.2/extensions/elasticsearch/7.x/wazuh-template.json | curl -X PUT "http://localhost:9200/_template/wazuh" -H 'Content-Type: application/json' -d @- % Total % Received % Xferd Average Speed Time Time Time Current Dload Upload Total Spent Left Speed 100 46821 100 46821 0 0 357k 0 --:--:-- --:--:-- --:--:-- 357k curl: (7) Failed to... Continue Reading →