search for: security_guid

I?m looking to configure a centos 7 server to lock out anaccount after 3 login failures. I?ve followed this ? https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/6/html/Security_Guide/chap-Security_Guide-Securing_Your_Network.html#sect-Security_Guide-Workstation_Security-Administrative_Controls ? Section2.1.9.5 Account Locking ? And even rebooted the serverbut it doesn?t lock my test account out. login as: test test at X?s password: Access denied test at X's passw...

On 03/17/2017 02:41 AM, Ian Diddams wrote: > I?ve followed this > > > > https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/6/html/Security_Guide/chap-Security_Guide-Securing_Your_Network.html#sect-Security_Guide-Workstation_Security-Administrative_Controls Can you send the /etc/pam.d/system-auth that you used for your test?

...ing FIPS gap analysis for our product, can someone help to have a look my questions? Our product is server running under CentOS 6.x, and according to the upstream (RedHat) document, CentOS can be configured to FIPS mode: https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/6/html/Security_Guide/sect-Security_Guide-Federal_Standards_And_Regulations-Federal_Information_Processing_Standard.html And according to the CentOS forum, if we enabled FIPS mode on CentOS, then OpenSSL will also be in FIPS mode https://www.centos.org/forums/viewtopic.php?t=9078 Questions: (1) Is that true for Open...

...that maybe only aes-cbc is using aes-ni [3] and that could mean that after a install aes-ni is not used at all. Does anyone know about this or has experiences? [1] http://en.wikipedia.org/wiki/AES_instruction_set [2] https://access.redhat.com/knowledge/docs/en-US/Red_Hat_Enterprise_Linux/6/html/Security_Guide/sect-Security_Guide-LUKS_Disk_Encryption.html [3] http://forum.centos.org/modules/newbb/viewtopic.php?topic_id=38226&forum=56&post_id=166657#forumpost166657 -- Kind Regards, Markus Falb -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Typ...

Hi All, I was searching around but was not able to find out. We all know that packet traverses through the Net Filter hooks but how to practically realize that. Please guide Regards Clove

Hi All:) I would like to start using a tool for automating of os hardening. I found some informations about Bastille. One things which attracted my attention is that in http://bastille-linux.sourceforge.net/news_updates.htm the last post is from January 29th, 2012 :D Is the tool ready to use at the moment with CentOS 6/7? Are there any alternatives which you can recommend? Thanks for all info

On Mon, February 9, 2015 3:14 pm, PatrickD Garvey wrote: > On Mon, Feb 9, 2015 at 11:12 AM, John R Pierce <pierce at hogranch.com> wrote: >> On 2/9/2015 11:06 AM, Always Learning wrote: >>> The third item was a 16.1 MB PDF of 1,344 pages. A quick scan of the PDF >>> shows every page appears to be readable. 11 pages devoted to BASH. Information on other interesting

Dear Linux Gurus I'm having problems with KVM and networking. My guest cannot use NAT through the host's connection. This is what I've done: I installed a new version of Centos 6.5 on the hardware. Starting with a Net-Install, I selected the Virtual Hosting, and later added "Desktop". I ran "yum update" with some reboots until nothing needed updating. The

2016-06-02 8:48 GMT+02:00 Volker Lendecke <Volker.Lendecke at sernet.de>: > On Wed, Jun 01, 2016 at 07:44:26PM +0000, Seth Goldin wrote: > > I disabled client signing from the client side, via OS X's global > nsmb.conf > > file: https://discussions.apple.com/message/30282470#30282470 > > > > The performance was back to over 600 MB/s, as compared to 60 MB/s

Just trying to follow the instructions here https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/html/Security_Guide/sec-Securing_Virtual_Private_Networks.html I don't think I am doing anything special. At the point where there is some communication going on Getting this error packet from *****:1024: received Vendor ID payload [Cisco-Unity] Apr 01 17:33:44 carneab4.memset.net pluto[15986]: packet from **...

Hello all: I am looking at the documentation of the new firewalld service in CentOS 7. It looks like no matter what I configure with it, outgoing connections are still going to be allowed. That does not seem very secure. I always set my servers to default policy of DROP for everything incoming and outgoing and then add rules to allow very specific traffic through. Is this possible using the

...address and key in ipsec.secrets. > > -- > Eero > > > 2016-04-01 19:38 GMT+03:00 Glenn Pierce <glennpierce at gmail.com>: > >> Just trying to follow the instructions here >> >> https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/html/Security_Guide/sec-Securing_Virtual_Private_Networks.html >> >> I don't think I am doing anything special. >> >> At the point where there is some communication going on >> >> Getting this error >> >> packet from *****:1024: received Vendor ID payload [Cisco-Uni...

...oor brain can hold ;-) Are you looking for something simpler or more detailed than the obvious starting point? https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/html/System_Administrators_Guide/ or https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/html/Security_Guide/index.html It may be good to read other guides to understand what is specific to RHEL/Centos and what works in general, but there is probably more than you want to know in the official docs. -- Les Mikesell lesmikesell at gmail.com

...gt; Are you looking for something simpler or more detailed than the > obvious starting point? > https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/html/System_Administrators_Guide/ > or > https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/html/Security_Guide/index.html > > It may be good to read other guides to understand what is specific to > RHEL/Centos and what works in general, but there is probably more than > you want to know in the official docs. > > > -- > Les Mikesell > lesmikesell at gmail.com Thank you, Le...

Hi, I would like to know if there is some feed for OVAL checks like in Redhat: https://www.redhat.com/security/data/oval/. Documentation: https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/6/html/Security_Guide/sect-Practical_Examples.html#sect-Auditing_Security_Vulnerabilities_Example Other distributions have an oval feed: - Redhat: https://www.redhat.com/security/data/oval/ - Debian: https://www.debian.org/security/oval/ - Ubuntu: https://people.canonical.com/~ubuntu-security/oval/ Thanks...

hello, I'm running apache 2.2.24 and php 5.2.17. The web site that it's service turns into a 403 Forbidden error every 5 minutes literally. I've found that doing a chmod -Rv 775 on the web root restores the site. However this is a band-aid and no real solution. I've combed through all the cron jobs in /var/spool/cron both on this machine and the one it was recently transferred

You must define connection address and key in ipsec.secrets. -- Eero 2016-04-01 19:38 GMT+03:00 Glenn Pierce <glennpierce at gmail.com>: > Just trying to follow the instructions here > > https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/html/Security_Guide/sec-Securing_Virtual_Private_Networks.html > > I don't think I am doing anything special. > > At the point where there is some communication going on > > Getting this error > > packet from *****:1024: received Vendor ID payload [Cisco-Unity] > Apr 01 17:33:44 carneab...

...learning how to work with CentOS I don't have a RedHat support subscription and thus, can't see the solution. As such I'd appreciate anyone with any ideas, or even a nod in the right direction. (I'm using https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/html/Security_Guide/sec-Using_Firewalls.html as my reference for commands) If you need any more information then let me know. Thanks, Aled -- Aled Parry aled.skyrail at gmail.com

...- > > Eero > > > > > > 2016-04-01 19:38 GMT+03:00 Glenn Pierce <glennpierce at gmail.com>: > > > >> Just trying to follow the instructions here > >> > >> > https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/html/Security_Guide/sec-Securing_Virtual_Private_Networks.html > >> > >> I don't think I am doing anything special. > >> > >> At the point where there is some communication going on > >> > >> Getting this error > >> > >> packet from *****:102...

Hi All, Over the last 20 some years I have a file with about 200K worth of address that have "wrongly" tried to connect to my boxes running centos. So the file has one line per address or group of addresses like: 2.244.112.0/24 So using the OLD iptables I would run through my file build the iptables.txt file and start that with DROP for the IP address. iptables ran through the big