Linux

Determine rkhunter false positive on Redhat

rkhunter has given several warnings (“One or more warnings have been found while checking the system.”) lately and this has forced me to check the installations repeatedly only to determine the fact that it was a false positive. On Redhat systems and their derivatives (Fedora, CentOS…) a easy check can be performed to determine if […]

Read More
Linux

mysql_secure_installation — Improve MySQL Installation Security

This program enables you to improve the security of your MySQL installation in the following ways: You can set a password for root accounts. You can remove root accounts that are accessible from outside the local host. You can remove anonymous-user accounts. You can remove the test database, which by default can be accessed by […]

Read More
Linux

chkrootkit: false positive on port 465

On my Debian Etch server I’ve got Zimbra Open Source Edition mail solution installed and when I use chkrootkit to scan for rootkits it reports the following Checking `bindshell’… INFECTED (PORTS: 465) After a quick research I realized that this port 465 is SMTP over SSL on a Zimbra installation. Further investigation reveals that port […]

Read More
Security

Allow NFS through iptables on a RedHat system

This post describes how you can configure your RedHat Enterprise WS 4 NFS system behind a iptables firewall to be available for clients outside the firewall on a permanent basis. Symptom NFS relies on portmap to assign the ports on which it will listen. One side effect of this is that the ports are randomly […]

Read More
Network

Allow NFS through iptables

This is one way to determine the ports needed to open in your iptables rules to get NFS to work properly. First we need to determine the ports NFS uses rpcinfo -p | awk -F ” ” ‘{print $3 “, ” $4 “, ” $5}’ | sort | uniq Notice! Since portmap assigns ports on […]

Read More