When you need to run Linux commands with elevated privileges, sudo is the tried and true method to run commands as another user (such as root). In this introductory tutorial, we’ll take a look at some of the inner-workings of sudo.
-
Enterprise Linux Security Episode 17 – Polkit & LUKS CVE’s
The New Year is just beginning, and we already have a few important CVE’s to discuss, this time around Polkit and LUKS. The CVE numbers for these vulnerabilities are CVE-2021-4034 and CVE-2021-4122 respectively. In this episode, Jay and Joao discuss these vulnerabilities.
Relevant links
-
Enterprise Linux Security Episode 16 – Library Poisoning
We’ve discussed supply-chain attacks in the past, and now it’s time to see an actual example that happened recently. However, this particular incident is especially unique as the libraries in question were allegedly poisoned by the actual developer. In this episode, Joao and Jay discuss the recent sabotage regarding two very popular NPM libraries.
-
The Homelab Show – Episode 42: Security Onion
In the 42nd episode of The Homelab Show (where does the time go?!) Jay and Tom Discuss Security Onion. It’s definitely a very appealing solution for enhancing your security.
-
Enterprise Linux Security Episode 15 – High Availability
It’s frustrating when critical infrastructure encounters an issue that results in a disruption of service. High Availability is a concept that aims to help alleviate (or hopefully eliminate) such downtime, and is a very attractive goal for system administrators. In this episode, Jay and Joao discuss high availability, as well as its pros and cons.
Related articles
-
Getting Started with OpenSSH Key Management
In various tutorials throughout the history of LearnLinuxTV, we’ve gone over the importance of using public keys with OpenSSH. But what do you do when you have multiple clients you work with, how do you manage keys between them? In this video, we’ll go through an example scenario where we have three clients, and we need to maintain multiple SSH keys for each.
-
Resetting OpenSSH Host Keys (the easy method)
When creating a deployment image or template for distributing Linux to devices or servers, it’s a good idea to make sure that you reset the host keys for SSH. In this video, I’ll show you an easy method I found for automating this.
You can find the systemd unit file I used in the video here.
(more…) -
The Log4Shell Vulnerability, and CrowdSec’s Community Response
TheLog4Shell vulnerability is taking the Internet by storm, and it’s already being used for real-world attacks. In this video, Jay discusses the details around Log4Shell vulnerability in Log4j, and also CrowdSec’s community-based response to the situation.
Relevant links:
-
Boosting your Linux Server Security with CrowdSec
CrowdSec is a cutting-edge security solution for your Linux servers. As an intrusion prevention system, its goal is to stop unauthorized access and prevent attacks. But unlike other IPS solutions, it does it a different way – by using knowledge as power. CrowdSec was covered on this channel before, but in this video, you’ll see an updated look complete with an overview of how to set up protection for WordPress as well.
-
Enterprise Linux Security Episode 6 – Image Defaults
Although there’s no such thing as a “perfect” deployment image, including some sane defaults into your images and templates can save you a lot of work down the road, and also give you the opportunity to include more secure defaults. In this episode, we’ll discuss deployment image defaults as well as some recent news.
-
Enterprise Linux Security Episode 05 – The “Attacker” Mindset
We’ve talked about Enterprise Linux Security from the worldview of the system administrator, but what’s it like on the other side? In this episode, Jay and Joao are joined by Atalay Kelestemur, an Ethical Hacker, as we discuss the mindset of the attacker.
-
Enterprise Linux Security Episode 3 – Linux Distro Migrations
Migrating your servers from one Linux distribution to another can be a daunting task, even moreso if it’s a migration you’re doing because of unforeseen events or changes within the ecosystem. In this video, Jay and Joao discuss the challenges when it comes to migrating Linux distributions, and the effect this has on security.
