Archives For Security

Today, a co-worker alerted me to the ‘DROWN attack’. DROWN is an acronym for “Decrypting RSA with Obsolete and Weakened eNcryption”. It is a spin on an older vulnerability and builds upon it. It has been assigned CVE-2016-0800.


On Feb 16th, Google and Red Hat announced a critical glibc stack-based buffer overflow bug. Here’s how you can patch it on Red Hat (RHEL), CentOS, etc.


Back on Jan 19th there was a lot of hoopla about the kernel vulnerability that is CVE-2016-0728. Updating your CentOS 7 kernel won’t be difficult – here are some tips.


This is something that cPanel has set by default – the ability to see directory listings when visiting a directory with no acceptable ‘index’ page. You really don’t want this enabled as unsavory types can view what else you have in that directory. Follow this simple guide to secure your server a bit more and disable directory listing.