All posts tagged “security

comment 0

Monitor and audit Active Directory user and group management

Traceability is key when collaborating in the Active Directory (AD). Multiple admins changing and updating permissions and policies makes it difficult being compliant with the company’s policies. It is important to monitor mutations in the directory. By default audit policies are disabled for Domain Controllers (DC) and must be enabled explicitly. Enabling auditing for the DCs is quite easy, querying the logs for a specific event is a bit more difficult.

In this guide you’ll learn how to enable auditing for a specific case and how to query the audit logs for a specific event.
Read More

comment 0

free SSL for everybody

Let’s Encrypt is the latest initiative by the Internet Security Research Group (ISRG).
Their goal is simple, every site on the internet has to be SSL secured.

They want to achieve that by serving an open certificate authority (CA) and also provide a tool to set up a secured site the easiest way possible.

And now the big deal about this, their service is free of charge!

If this is really a thing, it will be a disaster for the SSL economy. As you might know SSL certificates are everything else than cheap. So good luck to every company that relays on selling SSL certificates as their core competence.

comment 0

Say Goodbye to TrueCrypt

Apparently the developer of TrueCrypt threw in the towel this week.

The official site http://truecrypt.org redirects to http://truecrypt.sourceforge.net/ where you’ll find instructions to migrate you TrueCrypt disk to Microsofts built-in solution Bitlocker.

The reason for all this is obvious, TrueCrypt can’t compete against Microsofts Bitlocker as their software comes with every Windows 8 version (withWindows 7 you had to have an enterprise license in order to use Bitlocker).

comment 0

Open SSL Heartbleed Bug

For those who missed it. The OpenSSL project has recently announced a security vulnerability in OpenSSL affecting versions 1.0.1 and 1.0.2 (CVE-2014-0160).

Details of the bug are available here: The Heartbleed Bug

You can check you website here: Heartbleed test

Details and update instructions from the websites of your Linux vendor of choice:
* Amazon Linux AMI
* Red Hat
* Ubuntu

On Ubuntu the update is simply done by executing these commands:

sudo apt-get update
sudo apt-get upgrade

The following command shows (after an upgrade) all services that need to be restarted.

ps uwwp $(sudo find /proc -maxdepth 2 -name maps -exec grep -HE '/libssl\.so.* \(deleted\)' {} \; | cut -d/ -f3 | sort -u)