⇨
see all
The New Year is just beginning, and we already have a few important CVE’s to discuss, this time around Polkit and LUKS. The CVE numbers for these vulnerabilities are CVE-2021-4034 and CVE-2021-4122 respectively. In this episode, Jay and Joao discuss these vulnerabilities.
We’ve discussed supply-chain attacks in the past, and now it’s time to see an actual example that happened recently. However, this particular incident is especially unique as the libraries in question were allegedly poisoned by the actual developer. In this episode, Joao and Jay discuss the recent sabotage regarding two very popular NPM libraries.
In the 42nd episode of The Homelab Show (where does the time go?!) Jay and Tom Discuss Security Onion. It’s definitely a very appealing solution for enhancing your security.
It’s frustrating when critical infrastructure encounters an issue that results in a disruption of service. High Availability is a concept that aims to help alleviate (or hopefully eliminate) such downtime, and is a very attractive goal for system administrators. In this episode, Jay and Joao discuss high availability, as well as its pros and cons.
In various tutorials throughout the history of LearnLinuxTV, we’ve gone over the importance of using public keys with OpenSSH. But what do you do when you have multiple clients you work with, how do you manage keys between them? In this video, we’ll go through an example scenario where we have three clients, and we need to maintain multiple SSH keys for each.
When creating a deployment image or template for distributing Linux to devices or servers, it’s a good idea to make sure that you reset the host keys for SSH. In this video, I’ll show you an easy method I found for automating this.
You can find the systemd unit file I used in the video here.
(more…)TheLog4Shell vulnerability is taking the Internet by storm, and it’s already being used for real-world attacks. In this video, Jay discusses the details around Log4Shell vulnerability in Log4j, and also CrowdSec’s community-based response to the situation.
CrowdSec is a cutting-edge security solution for your Linux servers. As an intrusion prevention system, its goal is to stop unauthorized access and prevent attacks. But unlike other IPS solutions, it does it a different way – by using knowledge as power. CrowdSec was covered on this channel before, but in this video, you’ll see an updated look complete with an overview of how to set up protection for WordPress as well.
Although there’s no such thing as a “perfect” deployment image, including some sane defaults into your images and templates can save you a lot of work down the road, and also give you the opportunity to include more secure defaults. In this episode, we’ll discuss deployment image defaults as well as some recent news.
We’ve talked about Enterprise Linux Security from the worldview of the system administrator, but what’s it like on the other side? In this episode, Jay and Joao are joined by Atalay Kelestemur, an Ethical Hacker, as we discuss the mindset of the attacker.
