Friday, July 27, 2018

OpenBSD: SMT Disabled by Default in -current

SMT (Simultaneous Multi-Threading) implementations typically share
TLBs and L1 caches between threads.  This can make cache timing
attacks a lot easier and we strongly suspect that this will make
several spectre-class bugs exploitable.  Especially on Intel's SMT
implementation which is better known as Hyper-threading.

REF: https://undeadly.org/cgi?action=article;sid=20180620110722

Wednesday, July 25, 2018

TrendLabs: Open ADB Ports Being Exploited to Spread Possible Satori Variant in Android Devices

Figure 1. Activity in the TCP Port 5555 from July 1 to July 15. Note the spike on July 9 and 10 and a second spike on July 15
REF: https://blog.trendmicro.com/trendlabs-security-intelligence/open-adb-ports-being-exploited-to-spread-possible-satori-variant-in-android-devices/

[USN-3718-1] Linux kernel regression

---------- Forwarded message ----------
From: Steve Beattie
Date: 2018-07-21 8:27 GMT+08:00
Summary:

A regression that caused boot failures was fixed in the Linux kernel.

Original advisory details:

 Jann Horn discovered that the Linux kernel's implementation of random
 seed data reported that it was in a ready state before it had gathered
 sufficient entropy. An attacker could use this to expose sensitive
 information. (CVE-2018-1108)

 Wen Xu discovered that the ext4 file system implementation in the Linux
 kernel did not properly initialize the crc32c checksum driver. A local
 attacker could use this to cause a denial of service (system crash).
 (CVE-2018-1094)

 It was discovered that the cdrom driver in the Linux kernel contained an
 incorrect bounds check. A local attacker could use this to expose sensitive
 information (kernel memory). (CVE-2018-10940)

 Wen Xu discovered that the ext4 file system implementation in the Linux
 kernel did not properly validate xattr sizes. A local attacker could use
 this to cause a denial of service (system crash). (CVE-2018-1095)

 Jann Horn discovered that the 32 bit adjtimex() syscall implementation for
 64 bit Linux kernels did not properly initialize memory returned to user
 space in some situations. A local attacker could use this to expose
 sensitive information (kernel memory). (CVE-2018-11508)

 It was discovered that an information leak vulnerability existed in the
 floppy driver in the Linux kernel. A local attacker could use this to
 expose sensitive information (kernel memory). (CVE-2018-7755)

References:
  https://usn.ubuntu.com/usn/usn-3718-1
  https://launchpad.net/bugs/1779827, https://usn.ubuntu.com/usn/usn-3695-1

Monday, July 23, 2018

bsdmag: Virtualization on ARMv8-A

The Latest Issue: bhyvearm64: Virtualization on ARMv8-A

Dear Readers,
Summer is here! A season which appeals to affection and sentiments, and of course, vacation time isn’t complete without a touch of laziness. As Ella sang: ‘Summertime, and the livin' is easy’, it’s indeed a good time. I hope you will work on unfinished projects, explore the latest technologies, and encounter numerous exciting tasks. Here, we concertedly continue to publish great lectures for you and take pride in them as well. Therefore, as you’ll be enjoying a sunset view on your porch, have a quick read at our BSD Magazine issue to crown the special day.
Now, let’s have a glimpse of what our experts prepared for you.
In Brief
Ewa & The BSD Team
This column presents the latest coverage of breaking news, events, product releases, and trending topics from the BSD sector.
Illumos Containers Using OmniOSce
Carlos Neira
Containers have been around for almost two decades, starting with FreeBSD's jails implementation around 2000. Thereafter, Sun Microsystems took a step further and implemented Solaris Zones around 2004, which was based on FreeBSD's jails. Both containerization technologies allow you to partition your machine further and give you more mileage for your money, as it is lighter than hardware virtualization. This means performance is better, as applications run on bare metal. Security is enhanced, such that if a zone or jail is compromised, the attacker is confined to that virtual host. We will learn about Solaris Zones using an Illumos derivative called OmniOSce, with instructions that could be applied to other Illumos-based distributions.
bhyvearm64: Virtualization on ARMv8-A
Alexandru Elisei
Virtualization is the process of creating a virtual machine that acts like the real hardware for the guest operating system. Efficient virtualization requires hardware features that reduce the overhead usually associated with using virtual machines. Looking to enter the server market, ARM has developed the ARMv8-A architecture, which offers such features. We have ported the FreeBSD bhyve hypervisor to this architecture and we have called the port bhyvearm64.
iSCSI On FreeBSD
Abdorrahman Homaei
iSCSI is a protocol that gives you the ability to share storage over a network at block level. It's like connecting new storage to your computer, and you can format it as you wish. In iSCSI terminology, the computer that shares the storage is known as the target, and the clients which access the iSCSI storage are called initiators. FreeBSD natively supports a kernel-based iSCSI target and initiator. Many people are not sure about choosing between DAS (block-level, directly attached), NAS (file-level over the network) and SAN (block-level over the network). Don't settle for storage based on the amount of space only; rather, the answers to these important questions should act as a guiding principle. What is your storage expansion policy? What is your backup policy?
HTTP/2 and PHP with Apache on FreeBSD: Not as Simple as it Seems
Bob Cromwell
In an earlier article, I showed you how to run FreeBSD on Google Compute Engine, running an Apache web server with PHP. Now, let's see how to improve its performance with the latest version of HTTP. HTTP/2 has significant advantages over earlier versions, however, it and PHP don't work together "out of the box" on FreeBSD, and what appears to be the appropriate fix breaks an otherwise functioning web server. Follow my investigation of the mystery, and at the end, I'll have assembled a working configuration for you.
Self Exposure: Redundant Firewalls with OpenBSD, CARP and pfsync
Daniele Mazzocchio
Firewalls are among the most critical components in network infrastructure, since their failure may cause entire groups of machines to go offline. The damage may range from the public (web, mail, DNS, etc.) servers becoming unreachable from the outside world up to being unable to surf this website!
Expert Speak by E.G. Nadhan: Just Takes 5 Seconds to Grow Your Team Culture
E.G. Nadhan
How many times have you been in a situation where you are about to sharply critique a co-worker, a colleague, or an acquaintance for something they did not do right? Well, as it turns out, Gallup’s workplace research suggests praise should outweigh criticism by a 5-to-1 margin. Five praises for one criticism (if at all there is one).
Interview with Joel Knight
Ewa & The BSD Team
Joel Knight is an original contributing author to the OpenBSD PF User's Guide (www.openbsd.org/faq/pf) and the original author of some of the native OpenBSD SNMP MIBs (packetmischief.ca/openbsd-snmp-mibs, cvsweb.openbsd.org/cgi-bin/cvsweb/src/share/snmp/). He's contributed some minor patches to the OpenBSD pf(4) subsystem and network stack over the years.
Online shopping and electronic transactions are revolutionizing the way business is being carried out, both for individuals and corporate entities. Are we entering a golden age of choice, or should the Latin phrase Caveat Emptor be embedded on every “accept” button for Internet sales?
Rob Somerville
I’ve just been ripped off of £153.25 for a Samsung Galaxy J5 mobile phone, or to be more accurate, Amazon has, along with approximately 1,000 other customers who have paid exorbitant amounts of money to a clearly fraudulent storefront that has exploited a subtle flaw in the E-commerce model that Amazon, eBay, and PayPal operate.
If any questions arise in your mind during or after reading the articles, please feel free to contact me via email: ewa@bsdmag.org. We hope you enjoy reading this issue and develop new skills with our magazine.
Thank you,
Ewa & The BSD team
REF: https://bsdmag.org/download/bhyvearm64-virtualization-on-armv8-a/
---------- Forwarded message ---------
From: Check_mk Announcements
Date: Sat, Jul 21, 2018 at 6:17 PM

Changes in all Check_MK Editions:

WATO:
* 6354 FIX: Timespecific parameters: List of timeperiods is now sorted
* 6339 FIX: Fixed sorting of subfolders in breadcrumb navigation
* 6346 FIX: Fixed failed host rename when host is configured as parent on folder level
* 6343 FIX: Analyze parameters: Shows parameters of clustered services now
* 6347 FIX: Add hover title to make long permission titles visible

User interface:
* 6356 New standard theme for Check_MK GUI

Notifications:
* 6345 FIX: Fixed invisible/lost notification rules when editing notification rules
* 6348 FIX: Contact groups in notification rule conditions are now sorted

Event console:
* 6226 Allow to match against the monitoring site in rules
* 6344 FIX: Fixed exception in MIB listing when directories are e.g. in /usr/share/snmp/mibs
* 6227 FIX: Fix failing termination or config reload

Core & setup:
* 6349 FIX: Fixed not working "manual checks" in Check_MK Raw Edition
* 6340 FIX: Fixed debian agent package incompatibilities
* 6350 FIX: Fixed broken checking of unrelated hosts when using manual checks

Checks & agents:
* 6122 zebra_model, zebra_printer_status: new checks for zebra printers
* 6121 security_master, security_master.humidity, security_master.temp: new checks to monitor sensors of security master devices
* 6125 mssql_connections: new check to monitor active connections of a MSSQL database
* 6309 FIX: winperf: Set default levels to 90, 95 percent
* 6124 FIX: juniper_bgp_state: avoid crash if peer state or peer status is missing in SNMP walk
* 6123 FIX: fsc_sc2_fans, fsc_sc2_power_consumption, fsc_sc2_psu, fsc_sc2_temp, fsc_sc2_voltage: avoid crashes when values are missing in the SNMP walk
* 6312 FIX: filesystem: Fixed blemish in discovery dialog: Invalid check parameter: Undefined key 'patterns' in the dictionary
* 6311 FIX: diskstat: Ignore partitions which do not provide all necessary information
* 6342 FIX: Fixed degraded SNMP check performance when using SNMP sub checks

BI:
* 6351 FIX: Fixed creating BI aggregations

You can download Check_MK from our download page:
 * http://mathias-kettner.de/check_mk_download.html

Saturday, July 21, 2018

Google Cloud Next ’18

Next ’18: Join us live or online July 24–26.
It’s not too late to register for the Google Cloud event of the year in San Francisco.
REF: https://cloud.withgoogle.com/next18/sf/explore

Friday, July 20, 2018

Plex: Get social in virtual reality

Watch Together
Invite friends and family to watch movies, shows, and personal videos together AND in real-time. Even across different VR hardware!
REF: https://www.plex.tv/blog/plex-vr-but-wait-theres-more/

Wednesday, July 18, 2018

TrendLabs: Blackgear Cyberespionage Campaign Resurfaces, Abuses Social Media for C&C Communication


Figure 2. Infection chain of Blackgear’s attack
REF: https://blog.trendmicro.com/trendlabs-security-intelligence/blackgear-cyberespionage-campaign-resurfaces-abuses-social-media-for-cc-communication/

El Salvador's NDI® Video Revolution is Coming For You

REF: https://www.newtek.com/blog/el-salvadors-video-revolution-is-coming-for-you/

Monday, July 16, 2018

Honey I Shrunk Ubuntu

Swapnil Bhartiya
Canonical has released a new version of Ubuntu that’s 50% smaller than the standard Ubuntu Server.
Canonical is tightening its focus on cloud and enterprise markets. The company has released a new version of Ubuntu, dubbed Minimal Ubuntu, which it claims is optimized for automated use at scale, with a tiny package set and minimal security cross-section.
Canonical claims that Minimal Ubuntu is the smallest Ubuntu base image for cloud operations. These images are less than 50% the size of the standard Ubuntu server image and boot up to 40% faster.
REF: http://www.linux-magazine.com/Online/News/Honey-I-Shrunk-Ubuntu

Sunday, July 15, 2018

The different types of remote work
Let’s get one thing straight: Technology has changed. The ability for employees to work outside of an office is more feasible now than ever. So why are some people raving about remote work while others are ridiculing it?
REF: https://blog.trello.com/working-from-home-is-not-remote-work

Saturday, July 14, 2018

TrendLabs: VPNFilter-affected Devices Still Riddled with 19 Vulnerabilities

Figure 1. A Shodan result of an FTP connection to a printer without authentication
REF: https://blog.trendmicro.com/trendlabs-security-intelligence/vpnfilter-affected-devices-still-riddled-with-19-vulnerabilities/

Friday, July 13, 2018

Plex: Grid View on Apple TV

Grid Goodness on Apple TV
Plex on your Apple TV now displays Live TV and DVR programming in a familiar, grid-style view, making it easier than ever to see what’s on now and coming up. Plex Pass subscribers can quickly navigate to the program they want to watch live or record their favorite shows with one click.
REF: https://www.plex.tv/blog/grid-who/

Thursday, July 12, 2018

TrendLabs: July Patch Tuesday: Large Adobe Security Update and Patches for 18 Critical Microsoft Vulnerabilities

The following vulnerabilities were disclosed via Trend Micro’s Zero Day Initiative (ZDI):
In addition to Microsoft’s regular patch cycle, this month’s Patch Tuesday features a massive round of updates from Adobe addressing 107 vulnerabilities across different Adobe products, including Flash, Reader, Acrobat and Adobe Experience Manager. Of these, 68 came from Trend Micro’s ZDI. CVE-2018-5007, a Flash Player type confusion vulnerability that could lead to remote code execution, is a notable vulnerability patched this month.
REF: https://blog.trendmicro.com/trendlabs-security-intelligence/july-patch-tuesday-large-adobe-security-update-and-patches-for-18-critical-microsoft-vulnerabilities/

Wednesday, July 11, 2018

Netflix: The End of Video Coding?

In the IEEE Signal Processing Magazine issue of November 2006, in the article "Future of Video Coding and Transmission", Prof. Edward Delp started by asking the panelists: "Is video coding dead? Some feel that, with the higher coding efficiency of the H.264/MPEG-4 . . . perhaps there is not much more to do." I must admit that I have heard this "compression is dead" argument at least four times since I started working in image and video coding in 1976.
REF: https://medium.com/netflix-techblog/the-end-of-video-coding-40cf10e711a2

NEMS: Nagios Enterprise Monitoring Server


REF: https://nemslinux.com/

SUSE Forks Red Hat's Spacewalk Project

SUSE and openSUSE developers have forked Red Hat's Spacewalk project to create Uyuni. The fork was announced during the openSUSE Conference in Prague, Czech Republic. Spacewalk is an open-source systems management solution which was upstream for Red Hat Satellite and SUSE Manager.
REF: http://www.linux-magazine.com/Issues/2018/213/News

Sunday, July 8, 2018

Microsoft is using AI to cut the cloud’s electric bill

Microsoft’s cloud is far more energy-efficient and carbon-efficient than traditional on-site data centers, according to a study commissioned by the company.

REF: https://www.fastcompany.com/40577770/how-microsoft-is-using-ai-to-make-the-cloud-more-energy-efficient?utm_source=DigitalOcean_Newsletter

Saturday, July 7, 2018

Security concerns of LXC containers

Security Considerations

Containers use the same kernel as the host, so there is a big attack surface for malicious users. You should consider this fact if you provide containers to totally untrusted people. In general, fully virtualized VMs provide better isolation.
The good news is that LXC uses many kernel security features like AppArmor, CGroups, and PID and user namespaces, which makes container usage quite secure.
REF: https://pve.proxmox.com/wiki/Linux_Container

Unprivileged LXC containers

This kind of container uses a new kernel feature called user namespaces. All of the UIDs (user IDs) and GIDs (group IDs) are mapped to a different number range than on the host machine; usually root (uid 0) becomes uid 100000, 1 becomes 100001, and so on. This means that most security issues (container escape, resource abuse, …) in those containers will affect a random unprivileged user, even if the container itself would do it as the root user, and so would be a generic kernel security bug rather than an LXC issue. The LXC team thinks unprivileged containers are safe by design.
REF: https://pve.proxmox.com/wiki/Unprivileged_LXC_containers

Friday, July 6, 2018

How to defend your encrypted emails against prying eyes

From June 7
In May, a draft technical paper published at efail.de recommended that people stop using GNU Privacy Guard (GPG) plugins to encrypt their email. At the same time, the Electronic Frontier Foundation raised the alarm about seemingly new vulnerabilities in GPG, echoing the paper's cautionary recommendations. Much of this information isn't new. The issue isn't a flaw in GPG, and there is no need to panic or discontinue using GPG, including for signing emails or for encrypting and decrypting files outside of your email client. Here are the facts.

Thursday, July 5, 2018

TrendLabs: Malicious Macro Hijacks Desktop Shortcuts to Deliver Backdoor


Figure 1. Malware infection chain
REF: https://blog.trendmicro.com/trendlabs-security-intelligence/malicious-macro-hijacks-desktop-shortcuts-to-deliver-backdoor/

Wednesday, July 4, 2018

SUSE Sold for $2.5 Billion

What’s different this time is that SUSE is being acquired by an investment firm and not a tech company. SUSE CEO, Nils Brauckmann, sees this as a move towards independence, with the company charting its own course instead of being a business unit of another tech company. “By partnering with EQT, we will become a fully independent business,” said Brauckmann. “Together with EQT, we will benefit both from further investment opportunities and having the continuity of a leadership team focused on securing long-term profitable growth combined with a sharp focus on customer and partner success.”
REF: http://www.admin-magazine.com/News/SUSE-Sold-for-2.5-Billion

Tuesday, July 3, 2018

Distribution Release: Network Security Toolkit 28-10234

Network Security Toolkit (NST) is a bootable live disc based on the Fedora distribution. The toolkit was designed to provide easy access to best-of-breed open source network security applications. The project has released NST 28-10234 which is based on Fedora 28. The new version includes Bluetooth improvements and proactive security testing and scanning tools. 
REF: https://distrowatch.com/10249

[USN-3695-1] Linux kernel vulnerabilities

---------- Forwarded message ----------
From: Steve Beattie 
Date: 2018-07-03 4:30 GMT+08:00
...
Details:

Wen Xu discovered that the ext4 file system implementation in the Linux
kernel did not properly initialize the crc32c checksum driver. A local
attacker could use this to cause a denial of service (system crash).
(CVE-2018-1094)

It was discovered that the cdrom driver in the Linux kernel contained an
incorrect bounds check. A local attacker could use this to expose sensitive
information (kernel memory). (CVE-2018-10940)

Wen Xu discovered that the ext4 file system implementation in the Linux
kernel did not properly validate xattr sizes. A local attacker could use
this to cause a denial of service (system crash). (CVE-2018-1095)

Jann Horn discovered that the 32 bit adjtimex() syscall implementation for
64 bit Linux kernels did not properly initialize memory returned to user
space in some situations. A local attacker could use this to expose
sensitive information (kernel memory). (CVE-2018-11508)

It was discovered that an information leak vulnerability existed in the
floppy driver in the Linux kernel. A local attacker could use this to
expose sensitive information (kernel memory). (CVE-2018-7755)

...
References:
  https://usn.ubuntu.com/usn/usn-3695-1
  CVE-2018-1094, CVE-2018-10940, CVE-2018-1095, CVE-2018-11508,
  CVE-2018-7755

Sunday, July 1, 2018

Install Windows 10 cumulative updates

Do a search for the update using the KB number for the update you want. For example, KB3194798.
Click the Download button for the 64-bit or 32-bit version of the update...
REF: https://www.windowscentral.com/how-download-and-install-windows-10-cumulative-updates-manually