In order to further secure access to my workstation, after the switch to Gentoo sources, I now enabled two-factor authentication through my Yubico U2F USB device. Well, at least for local access - remote access through SSH requires both userid/password as well as the correct SSH key, by chaining authentication methods in OpenSSH.
Enabling U2F on (Gentoo) Linux is fairly easy. The various guides online which talk about pam_u2f setup are indeed correct that it is fairly simple. For completeness' sake, I've documented what I know on the Gentoo Wiki, as the pam_u2f article.
Be it because of SELinux experiments, or through general audit experiments, sometimes you'll come across a message similar to the following:
audit: audit_backlog=321 > audit_backlog_limit=320
audit: audit_lost=44395 audit_rate_limit=0 audit_backlog_limit=320
audit: backlog limit exceeded
The message shows up when certain audit events could not be …
At today's GSE Linux / GSE Security meeting (in cooperation with IMUG) I gave a small (30-minute) presentation about what SELinux is. The slides are online and cover two aspects of SELinux: some of its design principles, and then a set of features provided by SELinux. The talk is directed …
When we look at the SCAP security standards, you might get the feeling of "How does this work?" The underlying interfaces, like OVAL and XCCDF, might seem a bit daunting to implement.
This is correct, but you need to remember that the standards are protocols, agreements that can be made …
The metadata.xml file syntax definition (the DTD for those that know a bit of XML) has been updated to support CPE definitions. A CPE (Common Platform Enumeration) is an identifier for an application, operating system or hardware device using its vendor, product name, version, update, edition and …
Lately, DDoS attacks have been in the news more than I was hoping for. It seems that the botnets or other methods that are used to generate high-volume traffic to a legitimate service are becoming more and more easy to get and direct. At the time that I'm writing this …
If you follow the news a bit, you know that PostgreSQL has had a significant security vulnerability. The PostgreSQL team announced it up front and communicated how they would deal with the vulnerability (which basically comes down to saying that it is severe, that the public repositories will be temporarily …