security – Page 5

How to Set Up KernelCare Enterprise for Reboot-Free Live Patching

Live patching enables Linux server administrators to benefit from critical security fixes right now, with the flexibility of rebooting later. There are multiple services that facilitate live patching, and in this video Jay goes over how to set up KernelCare Enterprise for this very purpose. This tutorial will go over what KCE is, how to install it, check for patches, and more!

Thanks to TuxCare for sponsoring today’s video.

Check out KernelCare Enterprise here. You can find a list of patches that KCE has available here.

⇨

Read more: How to Set Up KernelCare Enterprise for Reboot-Free Live Patching
Enterprise Linux Security Episode 53 – Digital Twins
By using clever infrastructure engineering strategies to increase reliability, you can minimize disruption and downtime for your organization. Another technique to consider is the concept of Digital Twin – having a full system clone/mirror you can use to test enhancements, perform a root-cause analysis, or more. In this episode, Jay and Joao discuss Digital Twins and how the concept can potentially help your organization.

Download Links
- MP3 version
- MP3 version (smaller file, lower bitrate)
- Ogg version
Relevant Articles
- Digital Twin (Wikipedia article)
- More malicious packages posted to online repository. This time it’s PyPI
⇨

Read more: Enterprise Linux Security Episode 53 – Digital Twins
Enterprise Linux Security Episode 51 – Samba in the Kernel, What Could Possibly Go Wrong?!
Adding unnecessary components to the Kernel is generally a bad idea, as it increases its threat surface. In this episode, Jay and Joao discuss a recent story that’s a perfect example of why it’s important to keep this under control. A vulnerability was recently discovered in the Linux kernel that scored the highest possible rating, and it all started when ksmbd was added.

Download Links
- MP3 version
- MP3 version (smaller file, lower bitrate)
- Ogg version
Relevant Articles
⇨

Read more: Enterprise Linux Security Episode 51 – Samba in the Kernel, What Could Possibly Go Wrong?!
5 Must Have Tweaks to Secure OpenSSH

OpenSSH is a fantastic tool for remotely managing Linux servers, but with great power comes great responsibility! If a threat actor is able to gain access to OpenSSH on your Linux server, then they have full access to cause all kinds of mischief. In this video, Jay goes over 5 must-have tweaks to strengthen the security of OpenSSH on your server.

Thanks to Linode for sponsoring this video. Support LearnLinuxTV and spin up your very own Linux server by checking out their awesome cloud platform.

⇨

Read more: 5 Must Have Tweaks to Secure OpenSSH
Enterprise Linux Security Episode 46 – Monitoring
If you’re in charge of maintaining servers and related equipment, what should you monitor? While monitoring is something that will grow and expand over time, Jay and Joao will give you some tips in this episode to get you started. Check out this episode for some tips on some of the baseline checks you should implement with your monitoring solution of choice.

Download Links
⇨

Read more: Enterprise Linux Security Episode 46 – Monitoring
Enterprise Linux Security Episode 43 – Grand Theft Data
In this episode, Jay and Joao discuss a handful of cybersecurity events in the news. While none of these stories are super exciting from a technical standpoint, there’s definitely some lessons to be learned. As part of this discussion, Jay and Joao will talk about topics related to the recent Grand Theft Auto leak, as breaches that targeted Uber, 2k games, and more.

Relevant Links
Download Links
⇨

Read more: Enterprise Linux Security Episode 43 – Grand Theft Data
Enterprise Linux Security Episode 42 – Do NOT Fire Your Security Team!
Recent news of Patreon firing their security team is making the rounds online, and in this episode, Jay and Joao will talk about this very strange story and some takeaways from it.

Relevant Links
Download Links
⇨

Read more: Enterprise Linux Security Episode 42 – Do NOT Fire Your Security Team!
Enterprise Linux Security Episode 40 – Continuous Integration / Continuous Delivery
Continuous Integration/Continuous Delivery is huge concept when it comes to application deployment nowadays, and with good reason. Automating the compilation, testing, and other aspects of the development process increases efficiency and reliability. Security is another layer of a good CI/CD system, and in this episode, Jay and Joao discuss CI/CD and the security aspects of the popular deployment style.

Relevant links
- Unpacking Cloud-Based Cryptocurrency Miners That Abuse GitHub Actions and Azure Virtual Machines
Download Links
⇨

Read more: Enterprise Linux Security Episode 40 – Continuous Integration / Continuous Delivery
CrowdSec Console First Look – A Free and Awesome Security Dashboard for Linux Servers

CrowdSec is an Intrusion Prevention System that does things a bit differently than other IPS solutions. It’s collaborative, and open-source. CrowdSec has been featured on LearnLinuxTV a few times in the past, but in this video we’ll explore the CrowdSec Console, which allows you to monitor the security events of your Linux servers from an impressive web dashboard. In this video, we’ll get an overview and see it in action!

Note: This is not a review, but an overview of a security solution that Learn Linux TV is actually using in real-life.

⇨

Read more: CrowdSec Console First Look – A Free and Awesome Security Dashboard for Linux Servers
Enterprise Linux Security Episode 35 – Top 25 Dangerous Software Weaknesses
In this episode, Jay and Joao discuss a recent report that identifies the “Top 25 most dangerous software weaknesses.” This list includes the usual suspects, as well as some very interesting findings as well. In addition, the descriptions of the common weaknesses serves as a good jumping in point if you’re new to this podcast.

Download Links
Relevant Articles
- 2022 CWE Top 25 Most Dangerous Software Weaknesses
⇨

Read more: Enterprise Linux Security Episode 35 – Top 25 Dangerous Software Weaknesses
Enterprise Linux Security Episode 32 – MySQL for Everyone!
Are you a fan of MySQL? What if we told you that there’s an infinite supply of it online, right out in the open?! It’s literally as bad as it sounds! In this episode, Jay and Joao discuss how over 3.6 million MySQL instances are publicly available, as well as other forms of unintended public access.

Download Links
Relevant Articles
- Over 3.6 million MySQL servers found exposed on the Internet
⇨

Read more: Enterprise Linux Security Episode 32 – MySQL for Everyone!
Enterprise Linux Security Episode 31 – How NOT to Research Security
A “researcher” with a screen name of “Sockpuppets” decides to demonstrate how insecure some specific online resources are, in the worst way possible. You can’t make this stuff up! In this episode, Jay and Joao discuss what this individual wanted to accomplish (and what happened instead).

Download Links
Relevant Articles
- How I hacked CTX and PHPass Modules
⇨

Read more: Enterprise Linux Security Episode 31 – How NOT to Research Security