Security Update Advisory for New Adobe Flash Player Vulnerabilities

2015-12-30 KENNETH 0

Source: http://www.boho.or.kr/data/secNoticeView.do?bulletin_writing_sequence=23863

□ Overview
 o Adobe has released a security update that resolves vulnerabilities in Flash Player [1]
 o Users of older versions may be vulnerable to malware infection, so updating to the latest version as described in the solution is recommended

□ Description
 o A security update for vulnerabilities in Adobe Flash Player has been released [1]
   · Type confusion vulnerability that could lead to arbitrary code execution (CVE-2015-8644)
   · Integer buffer overflow vulnerability that could lead to arbitrary code execution (CVE-2015-8651)
   · Use-after-free vulnerabilities that could lead to arbitrary code execution (CVE-2015-8634, CVE-2015-8635, CVE-2015-8638, CVE-2015-8639, CVE-2015-8640, CVE-2015-8641, CVE-2015-8642, CVE-2015-8643, CVE-2015-8646, CVE-2015-8647, CVE-2015-8648, CVE-2015-8649, CVE-2015-8650)
   · Memory corruption vulnerabilities that could lead to arbitrary code execution (CVE-2015-8459, CVE-2015-8460, CVE-2015-8636, CVE-2015-8645)

□ Affected software
 o Adobe Flash Player

   Software name | Operating environment | Affected versions
   Adobe Flash Player Desktop Runtime | Windows, Mac | 20.0.0.235 and earlier
   Adobe Flash Player Extended Support Release | Windows, Mac | 18.0.0.268 and earlier
   Adobe Flash Player for Google [ more… ]

RHSA-2015:2697-1: Critical: flash-plugin security update

2015-12-29 KENNETH 0

Red Hat Enterprise Linux: An updated Adobe Flash Player package that fixes multiple security issues is now available for Red Hat Enterprise Linux 5 and 6 Supplementary. Red Hat Product Security has rated this update as having Critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. CVE-2015-8459, CVE-2015-8460, CVE-2015-8634, CVE-2015-8635, CVE-2015-8636, CVE-2015-8638, CVE-2015-8639, CVE-2015-8640, CVE-2015-8641, CVE-2015-8642, CVE-2015-8643, CVE-2015-8644, CVE-2015-8645, CVE-2015-8646, CVE-2015-8647, CVE-2015-8648, CVE-2015-8649, CVE-2015-8650, CVE-2015-8651 Source: rhn-errata


Secure by Default in MySQL 5.7

2015-12-29 KENNETH 0

MySQL 5.7 comes with enhancements which make a deployment secure by default. These features try to minimize the attack surface as much as possible without hampering usability. They are useful for novice users because they help close common security loopholes which can be leveraged by an attacker.… Source: mysqlserverteam.com

Scaling Web Applications with NGINX – Part II: Caching and Monitoring

2015-12-29 KENNETH 0

The following is adapted from a talk given by Matt Williams at nginx.conf 2015, held in San Francisco in September. This blog post is the second of two parts, and is focused on caching and monitoring; the first part, focused on load balancing, can be found here. You can view the presentation slides or watch the video of the complete talk.

Table of Contents – Part I, Load Balancing (previous post)
1:45 Benefits of Load Balancing/Caching
2:58 Load Balancing Methods
7:02 Which Method Should You Choose?
10:58 FYI Load Balancing
15:05 How to Ensure Session Persistence

Table of Contents – Part II, Caching and Monitoring (this post)
17:08 Caching
19:33 FYI Caching
21:09 FYI Tuning
23:46 How to Find the Right Configuration
25:17 Why Monitor
26:30 Datadog
27:50 NGINX Monitoring Tools
28:40 Tools to Test With
29:45 Key Metrics
30:29 [ more… ]

iptables port redirection

2015-12-29 KENNETH 1

Port redirection using iptables

Goal
OS: Linux
Keep using the default SMTP port 25, but also allow access on port 587.
However, if you want to handle this with Linux iptables alone, without configuring it in the mail engine…

Configuration

    echo "net.ipv4.ip_forward = 1" >> /etc/sysctl.conf
    echo 1 > /proc/sys/net/ipv4/ip_forward
    iptables -t nat -A PREROUTING -p tcp --dport 587 -j REDIRECT --to-port 25

The existing port 25 is unchanged; in addition, connection requests to port 587 are redirected to port 25.

Test
Tools used: terminal & telnet

    # telnet 192.168.0.111 587
    Trying 192.168.0.111...
    Connected to 192.168.0.111.
    Escape character is '^]'.
    220 office.ilaya.com ESMTP Sendmail 8.14.7/8.14.7; Tue, 29 Dec 2015 11:39:37 +0900