DOCSLIB.ORG

Ptest Method Documentation Release 1

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Ptest Method Documentation Release 1 Ptest Method Documentation Release 1 Villalongue Maxime Aug 06, 2018 The Essentials 1 The Essentials Series 3 1.1 Cybersecurity in an Enterprise......................................3 1.2 Linux Basics............................................... 13 2 Infrastructure Pentest Series 35 2.1 Intelligence Gathering.......................................... 35 2.2 Vulnerability Analysis.......................................... 44 2.3 Exploitation............................................... 142 2.4 Post Exploitation............................................. 184 2.5 Reporting................................................. 211 2.6 Configuration Review.......................................... 212 2.7 Wireless Pentesting............................................ 220 3 Hardening Series 223 3.1 Securing your Debian.......................................... 223 4 Metasploit Documentation 231 4.1 Fundamentals............................................... 231 4.2 Information Gathering.......................................... 286 4.3 Vulnerability Scanning.......................................... 305 4.4 Fuzzers.................................................. 321 4.5 Exploit Development........................................... 326 4.6 Client Sides attacks............................................ 352 4.7 MSF Post Exploitation.......................................... 361 4.8 Meterpreter Scripting........................................... 396 4.9 Maintaining Access........................................... 412 4.10 MSF Extended Usage.......................................... 419 4.11 Post Module Reference.......................................... 454 4.12 Auxiliary Module............................................ 474 5 Other Tools 553 5.1 Pupy................................................... 553 5.2 CrackMapExec.............................................. 565 6 Obligatory Disclaimer 575 7 Indices and tables 577 i ii Ptest Method Documentation, Release 1 This Repo will be my knowledge database about Pentesting skills. It has been inspired by https://bitvijays.github.io And some of the content will be the same as a starting point. Always keep in mind when you have a problem just launch a search over internet about it, 99 % of the time the comunity already sollved this issue. The Essentials 1 Ptest Method Documentation, Release 1 2 The Essentials CHAPTER 1 The Essentials Series The Essentials Series covers the essential concepts/ skills for somebody who wants to enter the field of CyberSecurity. • CyberSecurity in an Enterprise : IT Technical challenges faced by a company during their transformation from a start-up of two people growing to Micro, Small, Medium-sized, larger size company and their solutions. • Linux Basics : Essential linux commands and concepts required in the Infosec field. 1.1 Cybersecurity in an Enterprise This blog is about the Cybersecurity in an Enterprise. We would start with a simple concept of two people (Alice and Bob) starting a new company and building it to Micro (< 10 employees), Small (< 50 employees), Medium-sized (< 250 employees), larger company. We would walkthru scenarios where company is affected by security breaches, vulnerability assessments excercises. At each stage of the company, we would provide • How the company can be made secure? • What are the challenges faced by the administrators? • How we can make things easy/ automate for the administrators of the company. Hopefully this will provide a general life-cycle of what happens and how things/ security evolve at companies. 1.1.1 Nomenclature There are few terms which would come across: • Current Users : Represents the number of people working in that company. • Current Setup : Represents the current IT Infrastructure the company has. • Security Additions : How we can improve the security of the current infrastructure? • Operations Issues : Any challenges for the IT Team managing the IT Infrastructure? • Operations Additions : How we can improve the management of IT Infrastructure? 3 Ptest Method Documentation, Release 1 1.1.2 New Company Two friends Alice and Bob met up and decided to open a company called Fantastic Solutions. Alice loves Linux (Debian) and Bob loves Windows. So, let’s see what they require at this current point of time? Current Users 2 Users Current Setup • Internet Connection • Home Router with builtin Wi-Fi • Two laptops (One Windows, One Linux) Security Additions Home Router with builtin Wi-Fi • WEP (Wired Equivalent Privacy) • WPA (Wi-Fi Protected Access) • WPA2-Enterprise • Hidden SSID (Service Set IDentifier) • Home Router DNS Entry: No-Ads DNS Servers - free, global Domain Name System (DNS) resolution service, that you can use to block unwanted ads. Few examples are • Adguard DNS • OpenDNS 1.1.3 Micro Enterprise The company started well and hired 8 more people (Let’s say two who loves Linux, two who loves Mac and two who loves Windows) Current Users 10 People Current Setup • New Company Setup Included • File Server (Network Attached Storage) 4 Chapter 1. The Essentials Series Ptest Method Documentation, Release 1 Security Additions • Windows - Microsoft Baseline Security Analyzer provides a streamlined method to identify missing security updates and common security misconfigurations. • Linux/ Mac - Lynis is an open source security auditing tool. Used by system administrators, security profes- sionals and auditors to evaluate the security defenses of their Linux and UNIX-based systems. It runs on the host itself, so it performs more extensive security scans than vulnerability scanners. • File Server (NAS) - Access control lists on folders defining which folder can be accessed by which user or password protected folders. • Firewall - Installing a Firewall just after the Router could permit to block unwanted traffic. Operations Issues • The MBSA and Lynis have to be executed on every machine individually. • Administration of every individual machine is tough. Any changes in the security settings will have to be done manually by an IT person. 1.1.4 Small Enterprise Current Users 45 People Current Setup • Micro Company Setup Included Windows Domain Controller Active Directory Domain Services provide secure, structured, hierarchical data storage for objects in a network such as users, computers, printers and services. Domain Name Server A DNS server hosts the information that enables client computers to resolve memorable, alphanumeric DNS names to the IP addresses that computers use to communicate with each other. Windows Server Update Services (WSUS) Server Windows Server Update Services (WSUS) enables information technology administrators to deploy the latest Mi- crosoft product updates. A WSUS server can be the update source for other WSUS servers within the organization. Refer Deploy Windows Server Update Services in Your Organization 1.1. Cybersecurity in an Enterprise 5 Ptest Method Documentation, Release 1 DHCP Server Dynamic Host Configuration Protocol (DHCP) servers on your network automatically provide client computers and other TCP/IP based network devices with valid IP addresses. Others • Company decided to take 8 Linux Servers (Debian, CentOS, Arch-Linux and Red-Hat). • Added two servers hosting three web-application running on IIS-WebServer, Apache Tomcat and Nginx. Operations Issues • How to manage multiple Linux machines and make sure they are hardened and compliant to security standards such as CIS (Center for Internet Security) or STIG (Security Technical Implementation Guide). Minimum Baseline Security Standard (MBSS) • STIG : A Security Technical Implementation Guide (STIG) is a cybersecurity methodology for standardizing security protocols within networks, servers, computers, and logical designs to enhance overall security. These guides, when implemented, enhance security for software, hardware, physical and logical architectures to further reduce vulnerabilities. • CIS : CIS Benchmarks help you safeguard systems, software, and networks against today’s evolving cyber threats. Developed by an international community of cybersecurity experts, the CIS Benchmarks are configura- tion guidelines for over 100 technologies and platforms. Security Additions Security Compliance Manager Security Compliance Manager : SCM enables you to quickly configure and manage computers and your private cloud using Group Policy and Microsoft System Center Configuration Manager. SCM 4.0 provides ready-to-deploy policies based on Microsoft Security Guide recommendations and industry best practices, allowing you to easily manage configuration drift, and address compliance requirements for Windows operating systems and Microsoft applications. However, effective 15th June 2017, Microsoft retired SCM Security Compliance Manager (SCM) retired; new tools and procedures and introduced Security Compliance Toolkit. Security Compliance Toolkit The Microsoft Security Configuration Toolkit enables enterprise security administrators to effectively manage their enterprise’s Group Policy Objects (GPOs). Using the toolkit, administrators can compare their current GPOs with Microsoft-recommended GPO baselines or other baselines, edit them, store them in GPO backup file format, and apply them via a Domain Controller or inject them directly into testbed hosts to test their effects. The Security Configuration Toolkit consists of two tools, Policy Analyzer and LGPO, and a set of configuration baselines for different releases of Windows. • Policy Analyzer : Policy Analyzer is a utility for analyzing and comparing sets of Group Policy Objects
Load more

Recommended publications
  • Integrity Checking of Operating Systems with Respect to Kernel Level Malware”
    To Bianca, for being who you are. Abstract Kernel-mode rootkits have gained a considerable momentum within the blackhat com- munity. They represent a considerable threat to any computer system, as they pro- vide an intruder with the ability to hide the presence of his malicious activity. These rootkits make changes to the operating system’s kernel, thereby providing particularly stealthy hiding techniques. Considering the kernel rootkit threat and other threats, the collection of reliable information from a compromised system becomes a central problem within the domain of computer security. This thesis addresses this problem. It looks at the possibility of using virtualization as a means to facilitate kernel-mode rootkit detection through integrity checking. The thesis describes several areas within the Linux kernel, which are commonly subverted by kernel-mode rootkits. It introduces the reader to the concept of virtual- ization and describes several technologies employing virtualization. The kernel-mode rootkit threat is then addressed through a description of their hiding methodologies. Some of the existing methods for malware detection are also addressed and analysed. A number of general requirements, which need to be satisfied by a general model enabling kernel-mode rootkit detection, are identified. A model addressing these requirements is suggested, and a framework implementing the model is set-up. The detection capabilities of the framework are tested on a couple of rootkits. iii Preface This report presents the results of my master thesis “Integrity checking of operating systems with respect to kernel level malware”. It is written as part of the Master de- gree (Sivilingeniør) in Computer Science at the Norwegian University of Science and Technology (NTNU), during Spring 2005.
    [Show full text]
  • Cisco Telepresence Codec SX20 API Reference Guide
    Cisco TelePresence SX20 Codec API Reference Guide Software version TC6.1 April 2013 Application Programmer Interface (API) Reference Guide Cisco TelePresence SX20 Codec D14949.03 SX20 Codec API Reference Guide TC6.1, April 2013. 1 Copyright © 2013 Cisco Systems, Inc. All rights reserved. Cisco TelePresence SX20 Codec API Reference Guide What’s in this guide? Table of Contents Introduction Using HTTP ....................................................................... 20 Getting status and configurations ................................. 20 TA - ToC - Hidden About this guide .................................................................. 4 The top menu bar and the entries in the Table of Sending commands and configurations ........................ 20 text anchor User documentation ........................................................ 4 Contents are all hyperlinks, just click on them to Using HTTP POST ......................................................... 20 go to the topic. About the API Feedback from codec over HTTP ......................................21 Registering for feedback ................................................21 API fundamentals ................................................................ 9 Translating from terminal mode to XML ......................... 22 We recommend you visit our web site regularly for Connecting to the API ..................................................... 9 updated versions of the user documentation. Go to: Password ........................................................................
    [Show full text]
  • Dockerdocker
    X86 Exagear Emulation • Android Gaming • Meta Package Installation Year Two Issue #14 Feb 2015 ODROIDMagazine DockerDocker OS Spotlight: Deploying ready-to-use Ubuntu Studio containers for running complex system environments • Interfacing ODROID-C1 with 16 Channel Relay Play with the Weather Board • ODROID-C1 Minimal Install • Device Configuration for Android Development • Remote Desktop using Guacamole What we stand for. We strive to symbolize the edge of technology, future, youth, humanity, and engineering. Our philosophy is based on Developers. And our efforts to keep close relationships with developers around the world. For that, you can always count on having the quality and sophistication that is the hallmark of our products. Simple, modern and distinctive. So you can have the best to accomplish everything you can dream of. We are now shipping the ODROID U3 devices to EU countries! Come and visit our online store to shop! Address: Max-Pollin-Straße 1 85104 Pförring Germany Telephone & Fax phone : +49 (0) 8403 / 920-920 email : [email protected] Our ODROID products can be found at http://bit.ly/1tXPXwe EDITORIAL ow that ODROID Magazine is in its second year, we’ve ex- panded into several social networks in order to make it Neasier for you to ask questions, suggest topics, send article submissions, and be notified whenever the latest issue has been posted. Check out our Google+ page at http://bit.ly/1D7ds9u, our Reddit forum at http://bit. ly/1DyClsP, and our Hardkernel subforum at http://bit.ly/1E66Tm6. If you’ve been following the recent Docker trends, you’ll be excited to find out about some of the pre-built Docker images available for the ODROID, detailed in the second part of our Docker series that began last month.
    [Show full text]
  • Introduction to Linux – Part 1
    Introduction to Linux – Part 1 Brett Milash and Wim Cardoen Center for High Performance Computing May 22, 2018 ssh Login or Interactive Node kingspeak.chpc.utah.edu Batch queue system … kp001 kp002 …. kpxxx FastX ● https://www.chpc.utah.edu/documentation/software/fastx2.php ● Remote graphical sessions in much more efficient and effective way than simple X forwarding ● Persistence - can be disconnected from without closing the session, allowing users to resume their sessions from other devices. ● Licensed by CHPC ● Desktop clients exist for windows, mac, and linux ● Web based client option ● Server installed on all CHPC interactive nodes and the frisco nodes. Windows – alternatives to FastX ● Need ssh client - PuTTY ● http://www.chiark.greenend.org.uk/~sgtatham/putty/download.html - XShell ● http://www.netsarang.com/download/down_xsh.html ● For X applications also need X-forwarding tool - Xming (use Mesa version as needed for some apps) ● http://www.straightrunning.com/XmingNotes/ - Make sure X forwarding enabled in your ssh client Linux or Mac Desktop ● Just need to open up a terminal or console ● When running applications with graphical interfaces, use ssh –Y or ssh –X Getting Started - Login ● Download and install FastX if you like (required on windows unless you already have PuTTY or Xshell installed) ● If you have a CHPC account: - ssh [email protected] ● If not get a username and password: - ssh [email protected] Shell Basics q A Shell is a program that is the interface between you and the operating system
    [Show full text]
  • Dig, a DNS Query Tool for Windows and Replacement for Nslookup 2008-04-15 15:29
    dig, a DNS query tool for Windows and replacement for nslookup 2008-04-15 15:29 Disclaimer dig (dig for Windows ) (dig is a powerful tool to investigate [digging into] the DNS system) Source of the binary is from ftp.isc.org Manual Page of dig, in the cryptic Unix style, for reference only. (1) Download: Windows 2000 or Windows XP or Windows Vista ( dig version 9.3.2) Create a folder c:\dig Download this dig-files.zip and save it to c:\dig Use winzip or equivalent to extract the files in dig-files.zip to c:\dig Note: If msvcr70.dll already exists in %systemroot%\system32\ , then you can delete c:\dig\msvcr70.dll Note: Included in dig-files.zip is a command line whois, version 4.7.11: The canonical site of the whois source code is http://ftp.debian.org/debian/pool/main/w/whois/ The whois.exe file inside dig-files.zip is compiled using cygwin c++ compiler. (2) Do a file integrity check (why ? Because some virus checkers destroy dll files) Click Start.. Run ... type CMD (a black screen pops up) cd c:\dig sha1 * You should see some SHA1 hashes (in here, SHA1 hash is used as an integrity check, similar to checksums). Compare your hashes with the following table. SHA1 v1.0 [GPLed] by Stephan T. Lavavej, http://stl.caltech.edu 6CA70A2B 11026203 EABD7D65 4ADEFE3D 6C933EDA cygwin1.dll 57487BAE AA0EB284 8557B7CA 54ED9183 EAFC73FA dig.exe 97DBD755 D67A5829 C138A470 8BE7A4F2 6ED0894C host.exe D22E4B89 56E1831F F0F9D076 20EC19BF 171F0C29 libbind9.dll 81588F0B E7D3C6B3 20EDC314 532D9F2D 0A105594 libdns.dll E0BD7187 BBC01003 ABFE7472 E64B68CD 1BDB6BAB libeay32.dll F445362E 728A9027 96EC6871 A79C6307 054974E4 libisc.dll B3255C0E 4808A703 F95C217A 91FFCD69 40E680C9 libisccfg.dll DFBDE4F9 E25FD49A 0846E97F D813D687 6DC94067 liblwres.dll 61B8F573 DB448AE6 351AE347 5C2E7C48 2D81533C msvcr70.dll BDA14B28 7987E168 F359F0C9 DD96866D 04AB189B resolv.conf 1112343A 319C3EEE E44BF261 AE196C96 289C70E2 sha1.exe 21D20035 2A5B64E2 69FEA407 4D78053F 3C7A2738 whois.exe If your hashes are the same as the above table, then your files pass the integrity check.
    [Show full text]
  • Linux Security: What You Need to Know
    Linux Security: What you need to know Dr. James Stanger Chief Technology Evangelist CompTIA Your presenter . James Stanger, PhD Chief Technology Evangelist - CompTIA Security+, Network+, MCSE, LPI Linux, Symantec STA Responsible for CompTIA’s cerGficaGons and conGnuing educaGon • Security analyGcs • Risk management • PenetraGon tesGng, risk assessment, and intrusion detecon • Linux and open source Twier: @jamesstanger • Network administraGon • VirtualizaGon CompTIA hub: • Web technologies hps://Gnyurl.com/y94u3v7j • CerGficaGon development • Award-winning author and instructor Poll quesGon(s) 1. What animal is the Linux mascot? 2. What is the Linux mascot’s name? 3. How did this mascot get chosen, anyway? Why Linux is important to security? Linux is table stakes for security • You’ll be securing Linux-based systems – Web servers and databases – Cloud and virtualizaon • Nearly 1 in 3 Azure virtual machines are Linux • Majority of cloud services use Linux • You will use a Linux system to perform audits – End points (e.g., IoT, mobile devices, ICS) – Many tools available – Flexibility, scalability, and cost • Used as foundaonal components for major business and security soluGons by companies worldwide Most open source security – Fortune 500 tools are built naGvely in Linux – SMB Plaorms you’ll be asked to secure • Content management systems – Wordpress – SharePoint (has other uses) • Web servers • Databases • Network infrastructure – Firewalls, routers and VPN servers – Edge devices (e.g., micro datacenters) – Mobile – DNS especially • End
    [Show full text]
  • TEE Internal Core API Specification V1.1.2.50
    GlobalPlatform Technology TEE Internal Core API Specification Version 1.1.2.50 (Target v1.2) Public Review June 2018 Document Reference: GPD_SPE_010 Copyright 2011-2018 GlobalPlatform, Inc. All Rights Reserved. Recipients of this document are invited to submit, with their comments, notification of any relevant patents or other intellectual property rights (collectively, “IPR”) of which they may be aware which might be necessarily infringed by the implementation of the specification or other work product set forth in this document, and to provide supporting documentation. The technology provided or described herein is subject to updates, revisions, and extensions by GlobalPlatform. This documentation is currently in draft form and is being reviewed and enhanced by the Committees and Working Groups of GlobalPlatform. Use of this information is governed by the GlobalPlatform license agreement and any use inconsistent with that agreement is strictly prohibited. TEE Internal Core API Specification – Public Review v1.1.2.50 (Target v1.2) THIS SPECIFICATION OR OTHER WORK PRODUCT IS BEING OFFERED WITHOUT ANY WARRANTY WHATSOEVER, AND IN PARTICULAR, ANY WARRANTY OF NON-INFRINGEMENT IS EXPRESSLY DISCLAIMED. ANY IMPLEMENTATION OF THIS SPECIFICATION OR OTHER WORK PRODUCT SHALL BE MADE ENTIRELY AT THE IMPLEMENTER’S OWN RISK, AND NEITHER THE COMPANY, NOR ANY OF ITS MEMBERS OR SUBMITTERS, SHALL HAVE ANY LIABILITY WHATSOEVER TO ANY IMPLEMENTER OR THIRD PARTY FOR ANY DAMAGES OF ANY NATURE WHATSOEVER DIRECTLY OR INDIRECTLY ARISING FROM THE IMPLEMENTATION OF THIS SPECIFICATION OR OTHER WORK PRODUCT. Copyright 2011-2018 GlobalPlatform, Inc. All Rights Reserved. The technology provided or described herein is subject to updates, revisions, and extensions by GlobalPlatform.
    [Show full text]
  • Drukkar P66 Android-X86 4.4 RC P67 Hotshots P68 Rcssmin P68 Gipfel P69 Lynx P69 Flpsed P70 Lynis P68 Nightmaretris P70 Zatacka P71
    FOSSPICKS Drukkar p66 Android-x86 4.4 RC p67 HotShots p68 rCSSmin p68 Gipfel p69 Lynx p69 Flpsed p70 Lynis p68 NightmareTris p70 Zatacka p71 Sparkling gems and new releases from the world of FOSSpicks Free and Open Source Software Mike Saunders has spent a decade mining the internet for open source treasures. Here’s the result of his latest haul… Lightweight blog platform Drukkar 2.0 http://drukkar.sourceforge.net ituation: you want to set up entries as simple XML files, and is your own blog. Options: a designed with minimum bandwidth Smillion and one competing overheads, so the “content should blog platforms, each one trying to account for most of your web be more feature-rich, flashy and traffic” as the developer puts it. Web 4.0 than the last. End result: you get tired of trying to work out Nice and simple what’s right for you, give up, and go To install Drukkar, extract its .zip to the pub instead. file directly into a location on your Sounds familiar? Most of us web server (note that it won’t create don’t need whizz-bang WordPress a subdirectory during extraction). installations with all the trimmings Then edit config.xml and set for our day-to-day musings, and the base_url and base_location Drukkar does a splendid job with settings to match your installation minimal requirements. It doesn’t path. Finally, make sure that the need a database or special Apache entries, files and cache directories Drukkar’s default theme, “flat”, is clean and simple. To change the modules or anything like that – its are writable by your web server text on the right, edit inc/sidebar.php.
    [Show full text]
  • Mariadb Presentation
    THE VALUE OF OPEN SOURCE MICHAEL ”MONTY” WIDENIUS Entrepreneur, MariaDB Hacker, MariaDB CTO MariaDB Corporation AB 2019-09-25 Seoul 11 Reasons Open Source is Better than Closed Source ● Using open standards (no lock in into proprietary standards) ● Resource friendly; OSS software tend to work on old hardware ● Lower cost; Usually 1/10 of closed source software ● No cost for testing the full software ● Better documentation and more troubleshooting resources ● Better support, in many cases directly from the developers ● Better security, auditability (no trap doors and more eye balls) ● Better quality; Developed together with users ● Better customizability; You can also participate in development ● No vendor lock in; More than one vendor can give support ● When using open source, you take charge of your own future Note that using open source does not mean that you have to become a software producer! OPEN SOURCE, THE GOOD AND THE BAD ● Open source is a better way to develop software ● More developers ● More spread ● Better code (in many cases) ● Works good for projects that can freely used by a lot of companies in their production or products. ● It's very hard to create a profitable company developing an open source project. ● Not enough money to pay developers. ● Hard to get money and investors for most projects (except for infrastructure projects like libraries or daemon services). OPEN SOURCE IS NATURAL OR WHY OPEN SOURCE WORKS ● You use open source because it's less expensive (and re-usable) ● You solve your own problems and get free help and development efforts from others while doing it.
    [Show full text]
  • GIS Features in Mariadb and Mysql What Has Happened in Recent Years?
    GIS features in MariaDB and MySQL What has happened in recent years? Hartmut Holzgraefe Principal Support Engineer at MariaDB Inc. [email protected] August 20, 2016 Hartmut Holzgraefe (MariaDB Inc.) GIS features in MariaDB and MySQL August 20, 2016 1 / 35 Overview 1 GIS Introduction 2 MySQL GIS History 3 Other Open Source GIS Databases 4 Performance 5 The End ... Hartmut Holzgraefe (MariaDB Inc.) GIS features in MariaDB and MySQL August 20, 2016 2 / 35 GIS Introduction 1 GIS Introduction Examples 2 MySQL GIS History 3 Other Open Source GIS Databases 4 Performance 5 The End ... Hartmut Holzgraefe (MariaDB Inc.) GIS features in MariaDB and MySQL August 20, 2016 3 / 35 GIS Data Types Geospatial Information System (GIS) data types describe geometries in a (usually) two-dimensional space. There are several different geometric subtypes: Simple types: POINT, LINESTRING, POLYGON, GEOMETRY Collection types: MULTIPOINT, MULTILINESTRING, MULTIPOLYGON, GEOMETRYCOLLECTION Hartmut Holzgraefe (MariaDB Inc.) GIS features in MariaDB and MySQL August 20, 2016 4 / 35 Spatial Properties Spatial properties of a geometry can be: Coordinates Length Area Is Closed Bounding Rectangle ... Hartmut Holzgraefe (MariaDB Inc.) GIS features in MariaDB and MySQL August 20, 2016 5 / 35 Spatial Relationships The most important spatial relationships between two geometries: Hartmut Holzgraefe (MariaDB Inc.) GIS features in MariaDB and MySQL August 20, 2016 6 / 35 Examples 1 GIS Introduction Examples 2 MySQL GIS History 3 Other Open Source GIS Databases 4 Performance 5 The
    [Show full text]
  • Hey Lynis, Audit This by Russ Mcree – ISSA Senior Member, Puget Sound (Seattle), USA Chapter
    toolsmith Hey Lynis, Audit This By Russ McRee – ISSA Senior Member, Puget Sound (Seattle), USA Chapter Prerequisites/dependencies solution will include the existing Lynis Unix/Linux operating systems client that we’ll cover here, a management and reporting interface, as well as related plugins. Michael says they’re making great progress and each appy Holidays to all readers, the ISSA community, day brings them closer to an official first version. Specific to and infosec tool users everywhere. As part of De- the plugins, while a work in progress, they create specialized cember’s editorial theme for the ISSA Journal, Di- hooks via the client. As an example, imagine heuristics scan- Hsaster Recovery/Disaster Planning, I thought I’d try to con- ning with correlation at the central node to detect security in- nect tooling and tactics to said theme. I’m going to try and do trusions. Compliance checking for the likes of Basel II, GLBA, this more often so you don’t end up with a web application HIPAA, PCI DSS, and SOX is another likely plugin candidate. hacking tool as part of the forensics and analysis issue. I can The short-term road map consists of finishing the web inter- hear Thom (editor) and Joel (editorial advisory board chair) face, followed by the presenting and supporting documents. now: “Congratulations Russ, it only took you seven years to This will include documentation, checklists, control over- catch up with everyone else, you stubborn git.” views, and materials for system administrators, security pro- Better late than never I always say, so back to it.
    [Show full text]
  • Mariadb Subscription Services Agreement
    MARIADB CORPORATION MariaDB Subscription Services MariaDB Subscription customers have access to technical support services including Problem Resolution Support, Engineering Support, Consultative Support, Remote Login Support, and Telephone Support for the MariaDB platform (MariaDB server, MariaDB TX for transactions, MariaDB AX for analytics, MariaDB MaxScale, and related products like storage engines) via the Customer Support Portal. Each designated technical contact will receive a Customer Support Portal login (based on the associated email address) that can be used to report new support issues, monitor ongoing issues, or review historical issues. Information regarding making changes to technical contacts can be found in the "Welcome Letter" provided after signup, and is also available in the “Contact Us” section of the Customer Support Portal. If you have issues initially logging into the Customer Support Portal, you will be prompted to email [email protected] for further assistance. If Remote DBA services are purchased, an on-boarding call is scheduled to gather the necessary information for the MariaDB Remote DBA team to remotely access supported products. Information about the architecture, operating systems, database server versions, backup schedules, etc will also be documented during this call. Once the required information has been collected, monitoring software will be installed and setup to alert MariaDB Corporation. Certain alerts such as server availability, replication health, and others will be configured to open issues automatically in the Customer Support Portal. All services are delivered in English. MariaDB Corporation will use reasonable efforts to provide technical support in languages other than English using MariaDB Corporation’s available personnel via voice calls and in-person meetings, but may not have such resources available at all or at the time of the support request.
    [Show full text]