Category: Security

  • WordPress hack attempt…

    Gotta love the script kiddies – keeping us entertained by “hacking” static HTML sites: 5.135.230.129 230.159.29.94[CHR(0)]'<?php print(238947899389478923-34567343546345); ?>' $domain.com - [11/Mar/2019:10:46:51 -0700] "GET / HTTP/1.1" 200 1533 "http://www.google.com/'<?php print(238947899389478923-34567343546345); ?>'" "Mozilla/5.9'<?php print(238947899389478923-34567343546345); ?>'"

  • Apache Airflow 1.10.2 – Active Directory Authentication (via LDAP[s])

    This basic guide assumes a functional Airflow deployment, albeit without authentication or, perhaps, with LDAP authentication under the legacy UI scheme. This guide also assumes Apache Airflow 1.10.2, installed via pip using MySQL and Redis. The guide also assumes Amazon Linux on an EC2 instance. Pre-requisites: An Active Directory service account to use as the […]

  • Tuning EC2 Network Stack

    I recently had an issue with web requests taking 1.2-1.5 seconds from a service hosted in AWS. I had a small SSD-backed EC2 instance with a small SSD-backed RDS instance running a WordPress site and this type of performance was not acceptable. After a bit of troubleshooting I discovered that the network was suffering from […]

  • Rebooting: quick tip

    Note to self: whenever rebooting a server, log in via SSH and restart the OpenSSH daemon first to validate that it will come back up. I just updated an AWS instance and rebooted it without doing this. Some new update in OpenSSH required that the AuthorizedKeysCommandUser be defined if AuthorizedKeysCommand is defined and the OpenSSH daemon […]

  • AWS VPC DB Security Group

    The other day I was working with a client and creating a CloudFormation template that used RDS instances within a VPC. I found that while creating the DB security group object I was getting an error like the following: STACK_EVENT CloudFormationName DBSecurityGroupName AWS::RDS::DBSecurityGroup 2012-12-17T22:30:20Z CREATE_FAILED Please see the documentation for authorizing DBSecurityGroup ingress. For […]

  • SSH Public Key Authentication via OpenLDAP on RHEL/CentOS 6.x

    With the release of RHEL/CentOS 6.x there are some changes to the way clients authenticate using public keys over SSH with keys stored in OpenLDAP. I was able to get this working with the following modifications. Pre-requisites: * RHEL / CentOS 6.x * openssh-ldap Set up the sshd_config by setting up the AuthorizedKeysCommand. This will execute […]

  • DNS Vulnerability

    On Tuesday a vulnerability was made public which affects all users of the DNS system. The vulnerability was discovered by Dan Kaminsky, a prominent researcher in the area of DNS, who organized a mass patch release by major vendors to prevent delays between the vulnerability becoming public and the patch being released. http://doxpara.com/ This is a […]