I want to periodically check if ASCII password/config files on Unix have 400 or 600 access. Folders and files are owned by designated group and user. Folders and Files do not have world write access.
Are there any tools/scripts available for this kind of auditing that I can use on Solaris? (7 Replies)
I read somewhere that you should make sure Apache is configured to not allow symbolic links to be followed outside the webroot, as this can compromise security.
I can imagine how this could lead to a security risk:
eg:
Is my assumption correct? -- Is it nothing more than: "its just... (0 Replies)
Hi,
I am doing a services audit on one of our servers at work and I notice that I sometimes have a service with two slightly different prefixes. For example,
S94httpd
K15httpd
Can one of them be safely deleted? (2 Replies)
DERDUMP(1) NSS Security Tools DERDUMP(1)NAME
derdump_ - Dumps C-sequence strings from a DER encoded certificate file
SYNOPSIS
derdump [-r] [-i input-file] [-o output-file]
STATUS
This documentation is still work in progress. Please contribute to the initial review in Mozilla NSS bug 836477[1]
DESCRIPTION
derdump dumps C-sequence strings from a DER encode certificate file
OPTIONS -r
For formatted items, dump raw bytes as well
-i DER encoded file
Define an input file to use (default is stdin)
-o output file
Define an output file to use (default is stdout).
ADDITIONAL RESOURCES
NSS is maintained in conjunction with PKI and security-related projects through Mozilla dn Fedora. The most closely-related project is
Dogtag PKI, with a project wiki at PKI Wiki[2].
For information specifically about NSS, the NSS project wiki is located at Mozilla NSS site[3]. The NSS site relates directly to NSS code
changes and releases.
Mailing lists: pki-devel@redhat.com and pki-users@redhat.com
IRC: Freenode at #dogtag-pki
AUTHORS
The NSS tools were written and maintained by developers with Netscape and now with Red Hat.
Authors: Gerhardus Geldenhuis <gerhardus.geldenhuis@gmail.com>. Elio Maldonado <emaldona@redhat.com>, Deon Lackey <dlackey@redhat.com>
LICENSE
Licensed under the Mozilla Public License, version 1.1, and/or the GNU General Public License, version 2 or later, and/or the GNU Lesser
General Public License, version 2.1 or later.
NOTES
1. Mozilla NSS bug 836477
https://bugzilla.mozilla.org/show_bug.cgi?id=836477
2. PKI Wiki
http://pki.fedoraproject.org/wiki/
3. Mozilla NSS site
http://www.mozilla.org/projects/security/pki/nss/
nss-tools 15 February 2013 DERDUMP(1)