Annual Loss Expectancy

In the context of risk management, the annual loss expectancy is an estimate of the monetary damage to the organization, from the realization of risks, over the course of one year. Calculation of ALE happens during a risk assessment.

Security Links Cheatsheet

Security-oriented Linux Distributions

Scanning Tools

Knowledge & Practice

Security Job Boards

Security Job Tips

  • The Top 10 Highest Paying Jobs in Information Security, Part 1 and Part 2.
  • Landing a Hands-On Security Gig, Part 1 and Part 2.

Certifications

Residual Risk

In the context of risk management, a residual risk is one that has been identified, but for any reason it cannot be dealt with.

How to run Firefox 3.6 on Ubuntu 15.04

These instructions will allow you to run the ancient 3.6 version of Firefox on a recent Ubuntu installation, namely 15.04, but it could apply to versions of Debian, Ubuntu and Linux Mint released close to 15.04.

Read More →

Show privileges for all users in MySQL

Example script:

mysql   --silent \
        --skip-column-names \
        --user mysqldumper \
        --execute 'SELECT User, Host from mysql.user' | \
        while read User Host; do 
            mysql --user mysqldumper --execute "SHOW GRANTS FOR '$User'@'$Host'"; 
            echo "==========================="; 
        done

The mysqldumper user only requires read permissions on the databases.

Example queries on the Sakila MySQL database

Sakila is a sample database provided by MySQL, meant to be used in tests and documentation examples. This page lists some example queries against that database.

Get a non-normalized selection of actors and films in which they played:

SELECT  actor.first_name, 
        actor.last_name, 
        film.title 
FROM actor, film, film_actor 
WHERE film_actor.actor_id = actor.actor_id 
AND film_actor.film_id = film.film_id;

Get the same result with double INNER JOIN:

SELECT actor.first_name, actor.last_name, film.title 
FROM film_actor 
INNER JOIN actor ON film_actor.actor_id = actor.actor_id 
INNER JOIN film ON film_actor.film_id = film.film_id;

OpenSSL

  • A useful script that discovers the expiry date for a given certificate: ssl-expiry-date. At some point I slightly modified this script to read a Bind DNS zone file and check each A record for SSL Expiry, for the purpose of discovering which subdomains were using a wildcard SSL certificate. I should publish that somewhere some day...

  • A very clear explanation of SSL encryption, not specific to OpenSSL, but it uses OpenSSL for all its examples: Secure your website with SSL encryption.

Stale NFS Causes BackupPC fileListReceive Failure

Recently, one of my BackupPC clients running CentOS failed to backup, with the contents of the host log being:

    2015-06-10 01:40:10 incr backup started back to 2015-05-16 08:56:42 (backup #600) for directory /
    2015-06-10 21:40:18 Aborting backup up after signal ALRM
    2015-06-10 21:40:18 Got fatal error during xfer (fileListReceive failed)

...and the last bad XferLOG containing:

    fileListReceive() failed

This happened a couple of times in a row, and the interval between the start time of the backup and the failure was consistently 20 hours. While checking, I noticed that an rsync process started on the client by BackupPC was running for about a week. I did an strace -p <PID> on the process ID of rsync and noticed that it was trying to stat an old NFS export, mounted from a server that no longer exists.

Although there are other ways to fix this, it was OK for this host to be rebooted at the time, problem solved.

/etc/snmp/snmpd.conf

Sometimes, snmpd will report the wrong speed of a network interface. For example, the following output shows a speed of 10Mbps, whereas the ethernet port on the server is actually working at 100Mbps:

    IF-MIB::ifIndex.2 = INTEGER: 2
    IF-MIB::ifDescr.2 = STRING: eth0
    IF-MIB::ifType.2 = INTEGER: ethernetCsmacd(6)
    IF-MIB::ifMtu.2 = INTEGER: 1500
    IF-MIB::ifSpeed.2 = Gauge32: 10000000

The Net-SNMP documentation mentions this. This can be manually fixed with the interface directive in snmpd.conf, for example:

    interface eth0 6 100000000
About

Hello, I'm Marios Zindilis and this is my website. Opinions are my own. You also find me on LinkedIn and GitHub.

Unless otherwise specified, content is licensed under CC0.

Search