Using Vuls Vulnerability Scanner For Linux

Vuls is an agentless vulnerability scanner for Linux, written in Go.

Vuls downloads the NVD (National Vulnerability Database) and inserts it into a SQLite database; Vuls has a built-in CVE dictionary for this SQLite file.

Second, you should set up SSH key-based authentication between the scan server and the scan target, because Vuls is an insider scanner. The logic behind Vuls is to look for pending (unattended) upgrades and report the insecure packages it finds that way.

Imho this could be problematic on some distros. For instance, the Debian team likes to patch some vulnerabilities in prior versions of packages. I think there could be many false positives.

Download

Libgcrypt 1.7.0 released

Libgcrypt is a general purpose cryptographic library based on the code from GnuPG. It provides functions for all cryptographic building blocks: symmetric ciphers, hash algorithms, MACs, public key algorithms, large integer functions, random numbers and a lot of supporting functions.

Version 1.7.0 has the new algorithms and modes listed below:

– SHA3-224, SHA3-256, SHA3-384, SHA3-512, and MD2 hash algorithms.

– SHAKE128 and SHAKE256 extendable-output hash algorithms.

– ChaCha20 stream cipher.

– Poly1305 message authentication algorithm.

– ChaCha20-Poly1305 Authenticated Encryption with Associated Data mode.

– OCB mode.

– HMAC-MD2 for use by legacy applications.

* New curves for ECC:

– Curve25519.

– secp256k1.

– GOST R 34.10-2001 and GOST R 34.10-2012.

link

Debian Jessie compiling PHP with OCI8 & PDO OCI

First we need to grab the Instant Client from Oracle. The Basic and Devel RPM packages are enough.

Before we build PHP we need to install the prerequisites.

sudo apt-get install gcc libbz2-dev libpng12-dev libc-client2007e-dev libmcrypt-dev libxml2-dev libcurl4-openssl-dev libxslt1-dev libaio1 apache2-dev alien

Convert the RPM packages to Debian packages with alien.

sudo alien -d oracle-instantclient12.1-basic-12.1.0.2.0-1.x86_64.rpm
sudo alien -d oracle-instantclient12.1-devel-12.1.0.2.0-1.x86_64.rpm

Install the Instant Client packages we just converted.

sudo dpkg -i oracle-instantclient12.1-basic_12.1.0.2.0-2_amd64.deb
sudo dpkg -i oracle-instantclient12.1-devel_12.1.0.2.0-2_amd64.deb

Download the latest PHP source from php.net, for example:

wget http://php.net/distributions/php-5.6.19.tar.bz2

tar -jxvf php-5.6.19.tar.bz2

cd php-5.6.19

Export the Instant Client paths into the environment:

export PATH=/usr/lib/oracle/12.1/client64/bin:$PATH
export ORACLE_HOME=/usr/lib/oracle/12.1/client64/
export C_INCLUDE_PATH=/usr/include/oracle/12.1/client64/

Now we run configure to generate the makefiles (the duplicate --with-pdo-oci from the original command line is dropped):

./configure --with-pdo-oci --with-oci8 --with-apxs2=/usr/bin/apxs2 --with-kerberos --with-mysql --with-pdo-mysql --with-bz2 --with-curl --with-gd --with-imap --with-imap-ssl --enable-mbstring --with-mcrypt --with-openssl --enable-zip --with-zlib --disable-phar

(If you need phar, delete the last option.)

Make and install:

make
sudo make install

DROWN or not to DROWN

DROWN stands for Decrypting RSA with Obsolete and Weakened eNcryption. DROWN is another downgrade attack on SSL, this time via SSLv2.
SSL has a long history of downgrade attacks, such as Lucky13, CRIME, BEAST and POODLE. Currently 33% of internet servers use SSLv2. With DROWN an attacker can decrypt connections to a server that has SSLv2 enabled.

Papers and Vulnerability Testing Here
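
The mitigation is to make sure SSLv2 is switched off on your servers, and the way to verify that is to offer a server a raw SSLv2 CLIENT-HELLO and see whether it answers with an SSLv2 SERVER-HELLO. The following is an added example for checking your own hosts, not code from the original post or from the DROWN authors; the cipher-kind codes are the ones defined in the SSLv2 specification, and the host, port and byte strings in the test are constructed.

```python
import os
import socket
import struct

# SSLv2 cipher-kind codes (3 bytes each) from the SSLv2 specification; the probe
# offers all of them so that any SSLv2-capable server will pick one.
SSL2_CIPHER_KINDS = {
    "SSL_CK_RC4_128_WITH_MD5": b"\x01\x00\x80",
    "SSL_CK_RC4_128_EXPORT40_WITH_MD5": b"\x02\x00\x80",
    "SSL_CK_RC2_128_CBC_WITH_MD5": b"\x03\x00\x80",
    "SSL_CK_RC2_128_CBC_EXPORT40_WITH_MD5": b"\x04\x00\x80",
    "SSL_CK_IDEA_128_CBC_WITH_MD5": b"\x05\x00\x80",
    "SSL_CK_DES_64_CBC_WITH_MD5": b"\x06\x00\x40",
    "SSL_CK_DES_192_EDE3_CBC_WITH_MD5": b"\x07\x00\xc0",
}

def build_client_hello(challenge=None):
    """SSLv2 CLIENT-HELLO: type(1) version(2) cipher_len(2) sid_len(2) chal_len(2),
    then cipher specs, session id (empty) and challenge, in a 2-byte record header."""
    challenge = challenge or os.urandom(16)
    ciphers = b"".join(SSL2_CIPHER_KINDS.values())
    body = (b"\x01\x00\x02" + struct.pack(">HHH", len(ciphers), 0, len(challenge))
            + ciphers + challenge)
    return struct.pack(">H", 0x8000 | len(body)) + body   # high bit = 2-byte header

def parse_server_hello(data):
    """Return the SSLv2 cipher kinds offered in a SERVER-HELLO, or [] when the reply
    is anything else (TLS alert, empty read, garbage), which means SSLv2 is off."""
    if len(data) < 13 or not (data[0] & 0x80):
        return []                          # no SSLv2 record header
    length = ((data[0] & 0x7f) << 8) | data[1]
    body = data[2:2 + length]
    if len(body) < 11 or body[0] != 0x04 or body[3:5] != b"\x00\x02":
        return []                          # not a SERVER-HELLO for version 2
    cert_len, cipher_len, _conn_len = struct.unpack(">HHH", body[5:11])
    specs = body[11 + cert_len:11 + cert_len + cipher_len]
    names = {code: name for name, code in SSL2_CIPHER_KINDS.items()}
    return [names.get(specs[i:i + 3], specs[i:i + 3].hex()) for i in range(0, len(specs), 3)]

def sslv2_ciphers(host, port=443, timeout=5.0):
    """Probe one of your own servers; a non-empty list means SSLv2 is still enabled."""
    with socket.create_connection((host, port), timeout=timeout) as sock:
        sock.sendall(build_client_hello())
        try:
            reply = sock.recv(4096)
        except (socket.timeout, ConnectionResetError):
            reply = b""
    return parse_server_hello(reply)
```

A server with SSLv2 disabled typically answers with a TLS alert or simply closes the connection, and both cases come back as an empty list.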

Microsoft Encryption Library for Healthcare Databases released.

“SEAL” (Simple Encrypted Arithmetic Library) is a homomorphic encryption library that allows querying medical data without decrypting it.

The code contains a few basic examples, and more detailed documentation will be available soon.

Download


Encrypted database provider ZeroDB goes open source

ZeroDB is an end-to-end encrypted database. Data can be stored on untrusted database servers without ever exposing the encryption key. Clients can execute remote queries against the encrypted data without downloading all of it or suffering an excessive performance hit.


The ZeroDB sources are published on GitHub.

ZeroDB-server sources

Information about the ZeroDB technology


Microsoft producing new encryption algorithm for healthcare data

Microsoft is working on a new encryption algorithm for the healthcare sector. The algorithm, called “SEAL”, is a homomorphic encryption algorithm and allows querying medical data without decryption.


Release address (not yet published)

Research Article (pdf)

sslip.io, free wildcard SSL certificate for everyone

While we are waiting for the free and open Certificate Authority “Let's Encrypt”, we have a new option.

sslip.io gives you a subdomain based on your IP address, and you just need to install the SSL key, which is published on GitHub, on your server. Since that private key is public, the certificate gives you transport encryption only: anyone holding the same key can present a valid certificate for your hostname, so it is suited to test setups rather than production.

Finally you will have an IP-based SSL subdomain, e.g. https://52-0-56-137.sslip.io/

Details of sslip.io.