blog.kumina.nl
crypto « Kumina bv | weblog
https://blog.kumina.nl/tag/crypto
Operations as a service. Security: Defense in depth. Posts Tagged ‘crypto’. The Collectd encrypted packet format. Friday, March 21st, 2014. Yesterday, Logstash 1.4.0 was released. Containing many improvements, one of which was contributed by us. We’ve implemented signature verification and packet decryption in the collectd input plugin. This blogpost will give an overview of how encryption and signing is used in the collectd binary protocol. We’re currently working on deploying a logstash. Or, you can ad...
blog.kumina.nl
security « Kumina bv | weblog
https://blog.kumina.nl/tag/security
Operations as a service. Security: Defense in depth. Posts Tagged ‘security’. The Collectd encrypted packet format. Friday, March 21st, 2014. Yesterday, Logstash 1.4.0 was released. Containing many improvements, one of which was contributed by us. We’ve implemented signature verification and packet decryption in the collectd input plugin. This blogpost will give an overview of how encryption and signing is used in the collectd binary protocol. We’re currently working on deploying a logstash. Since we mai...
blog.kumina.nl
puppet « Kumina bv | weblog
https://blog.kumina.nl/tag/puppet
Operations as a service. Security: Defense in depth. Posts Tagged ‘puppet’. Laquo; Older Entries. Job Opening: Debian Linux System Administrator at Kumina. Friday, March 28th, 2014. Thank you for all the responses and the interest, we are currently evaluating the candidates and we’re hopeful to find our new coworker among them! We’re growing and are looking for Debian Linux System Administors that would like to grow with us and provide sysadmin services to our customers. Who We Are Looking For. Currently...
blog.timstoop.nl
Tim's Weblog
http://blog.timstoop.nl/posts/2013/05/08/checking-for-linuxcdorked-a.html
Random Thoughts and Rants. Checking for Linux/CDorked.A. We’ve been reading a lot about a Linux exploit targeting webservers and since we manage quite a lot of webservers, we’re keeping a close eye on it. We recently already deployed a check for rogue Apache modules. Since we mainly use Apache), but now we’ve also created a check from the code provided by ESET. On their security blog describing the Linux/CDorked.A exploit. As usual, the Icinga check can be found in our GitHub repository.
blog.timstoop.nl
Tim's Weblog
http://blog.timstoop.nl/posts/2013/04/03/checking-for-rogue-apache-modules.html
Random Thoughts and Rants. Checking for rogue Apache modules. We’ve read a lot recently about attacks in which an attacker loads a modified module into Apache to insert iframes in outgoing data. Pretty scary, especially since nobody really seems to know how the hacks are performed. Recently, Sucuri. Wrote a blog article about how to check for rogue Apache modules on Debian. We’ve decided to implement this into an Icinga/Nagios check. You can find the source for the plugin here.