Articles in the Uncategorized category

  1. 'Secure Programming: How to Implement User Account Management'

    November 18, 2010

    Most web applications work like this:

    The application uses a single database account to perform all actions. Users are just some records in a table. Account privileges and roles are part of this table, or separate tables.

    This implies that all security must be designed and built by the application developer. I think this is entirely wrong. There is a big risk:

    In such applications, a single SQL injection flaw hands the attacker the full privileges of the shared account, and therefore control of the entire database.

    This is often overlooked, and the solution is simple. The application should not use a general account with full privileges. Instead it should connect with the database account of the user who is accessing the application. Everything that user does is then bounded by the privileges of that database account, and the impact of an SQL injection flaw shrinks to what that account is allowed to do. It does not make the injection harmless: the attacker can still do anything the compromised user's own account may do, so the application bug still has to be fixed, but a bug in a low-privilege context is no longer a database-wide compromise.

    The public part of a website still uses an application account, but the privileges of that account can be reduced to the bare minimum. To obtain more privileges, a user must first authenticate against the application, and through it against the database.

    Another benefit: the credentials of privileged accounts no longer have to be stored on the application server at all. The configuration file contains only the credentials of the unprivileged account, so an attacker who compromises the application server finds only those, not a set of credentials that opens the whole database. (The credentials of a logged-in user are still in the application's memory while that user's session is active, so a full compromise of the server is not harmless, but the attacker gets one user's privileges at a time rather than everyone's at once.)

    I understand that this solution requires a bit more work to set up at the start, but once implemented, it reduces complexity and improves security so much.

    Of course, the security of your data is as good as the hardening of your database server. But that's another story.
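    The difference between a shared full-privilege account and a least-privilege account, as an added example that is not code from the original post. SQLite has no user accounts, so the GRANTs a server database (PostgreSQL, MySQL, ...) would enforce are emulated with sqlite3's authorizer hook: each "account" is a set of (privilege, table) pairs, and the engine refuses to prepare any statement that steps outside it, which is the behaviour a GRANT-limited account gets from a real server. The account names, tables, the password value and the deliberately injectable search are all constructed for this demonstration.

```python
"""Shared full-privilege account versus least-privilege database accounts.

Added example, not code from the original post. SQLite has no accounts, so
database-level GRANTs are emulated with the sqlite3 authorizer hook (assumption:
a real deployment does this with CREATE ROLE / GRANT and connects with the
user's own credentials).
"""
import os
import sqlite3
import tempfile
from typing import Optional, Set, Tuple

DB_PATH = os.path.join(tempfile.mkdtemp(prefix="least-priv-demo-"), "shop.db")

# Emulated database accounts (constructed). None means "everything", i.e. the
# classic shared application account the post argues against.
ACCOUNTS = {
    "app_full":   None,
    "app_public": {("SELECT", "products")},
    "alice":      {("SELECT", "products"), ("SELECT", "orders"), ("INSERT", "orders")},
}

# Authorizer actions that map onto table-level privileges.
_PRIV_FOR_ACTION = {
    sqlite3.SQLITE_READ: "SELECT",
    sqlite3.SQLITE_INSERT: "INSERT",
    sqlite3.SQLITE_UPDATE: "UPDATE",
    sqlite3.SQLITE_DELETE: "DELETE",
}
# Statement-level actions every account needs just to run a query at all.
_ALWAYS_OK = {sqlite3.SQLITE_SELECT, sqlite3.SQLITE_FUNCTION, sqlite3.SQLITE_TRANSACTION}


def _authorizer(allowed: Optional[Set[Tuple[str, str]]]):
    """Build an authorizer callback enforcing one account's privilege set."""
    def check(action, table, _arg2, _dbname, _trigger):
        if allowed is None or action in _ALWAYS_OK:
            return sqlite3.SQLITE_OK
        priv = _PRIV_FOR_ACTION.get(action)
        if priv is not None and (priv, table) in allowed:
            return sqlite3.SQLITE_OK
        return sqlite3.SQLITE_DENY  # every other table, and all DDL (DROP, ALTER, ...)
    return check


def init_db() -> None:
    """Create the demo schema through a privileged setup connection (no authorizer)."""
    conn = sqlite3.connect(DB_PATH)
    conn.executescript("""
        DROP TABLE IF EXISTS products; DROP TABLE IF EXISTS users; DROP TABLE IF EXISTS orders;
        CREATE TABLE products (id INTEGER PRIMARY KEY, name TEXT NOT NULL);
        CREATE TABLE users (id INTEGER PRIMARY KEY, login TEXT NOT NULL, password TEXT NOT NULL);
        CREATE TABLE orders (id INTEGER PRIMARY KEY, customer TEXT NOT NULL, product_id INTEGER NOT NULL);
        INSERT INTO products VALUES (1, 'lamp'), (2, 'desk');
        INSERT INTO users VALUES (1, 'alice', 'constructed-hash-not-real');
    """)
    conn.close()


def connect_as(account: str) -> sqlite3.Connection:
    """Open a connection whose privileges are those of the named account."""
    conn = sqlite3.connect(DB_PATH)
    conn.set_authorizer(_authorizer(ACCOUNTS[account]))
    return conn


def search_products(account: str, term: str) -> Tuple[str, object]:
    """Deliberately injectable search (string concatenation): the bug the post assumes exists.
    Returns ("rows", [...]) or ("denied", message) so the accounts can be compared."""
    conn = connect_as(account)
    try:
        sql = "SELECT name FROM products WHERE name LIKE '%" + term + "%'"
        return ("rows", [row[0] for row in conn.execute(sql)])
    except sqlite3.DatabaseError as exc:
        return ("denied", str(exc))
    finally:
        conn.close()


def place_order(account: str, customer: str, product_id: int) -> Tuple[str, object]:
    """Parameterised insert; succeeds only for an account granted INSERT on orders."""
    conn = connect_as(account)
    try:
        cur = conn.execute("INSERT INTO orders (customer, product_id) VALUES (?, ?)",
                           (customer, product_id))
        conn.commit()
        return ("ok", cur.rowcount)
    except sqlite3.DatabaseError as exc:
        return ("denied", str(exc))
    finally:
        conn.close()


# Classic UNION-based injection against the search above (constructed input).
INJECTED_TERM = "%' UNION SELECT password FROM users --"

if __name__ == "__main__":
    init_db()
    for account in ("app_full", "app_public"):
        print(account, search_products(account, INJECTED_TERM))
    print("app_public order:", place_order("app_public", "alice", 1))
    print("alice order:", place_order("alice", "alice", 1))
```

    With the shared account the injected search returns the contents of the users table; with the public account the engine refuses to even prepare the statement, and the public account cannot write to orders while the authenticated user can. The concatenated query is left in on purpose to show that the privilege boundary holds even while the application bug exists; in real code the search must still be parameterised, as the insert is.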

  2. 'Zabbix Security: Client-Server Communication Seems Insecure'

    September 27, 2010

    Zabbix is a popular tool for monitoring servers, services and network equipment. For monitoring hosts, Zabbix provides an agent that is installed on every host that must be monitored.

    Based on the supplied documentation and some remarks on the internet, the 'security' of Zabbix agents seems to rely on an IP filter: the agent only accepts connections from the IP address configured as its server. The protocol used between the Zabbix server and its agents, however, is unencrypted and does not seem to employ any further authentication.

    An attacker who can place himself between server and agents and pretend to be the Zabbix server would therefore be able to talk to every agent, and if remote commands are enabled on those hosts, the damage that could be done is something you don't want to think about. Or maybe you do. It is true that such an attack requires access to a system within the same network (VLAN) as the server, but that only limits who can mount it; it does not make the protocol secure.

    Personally I don't think that Zabbix is suitable for high-security environments, due to the lack of encryption of sensitive data and the weak authentication mechanism.

    Zabbix should employ at least SSL for encrypted transport and a password or shared secret for authentication. Better still would be client-side certificates, as used by the configuration management tool Puppet.

    [update]

    Please note that Nagios agents also seem to work this way, but I have no experience with Nagios so I can't say for sure.

    And Nagios is widely deployed in the enterprise...

    Tagged as : zabbix security
  3. Compiling Handbrake CLI on Debian Lenny

    August 03, 2010

    In this post I will show you how to compile Handbrake for Debian Lenny. Please note that although the Handbrake GUI version does compile on Lenny, it crashes with a segmentation fault like this:

    Gtk: gtk_widget_size_allocate(): attempt to allocate widget with width -5 and height 17
    (ghb:1053): GStreamer-CRITICAL **: gst_element_set_state: assertion `GST_IS_ELEMENT (element)' failed
    (ghb:1053): GStreamer-CRITICAL **: gst_element_set_state: assertion `GST_IS_ELEMENT (element)' failed
    (ghb:1053): GLib-GObject-CRITICAL **: g_object_get: assertion `G_IS_OBJECT (object)' failed
    Segmentation fault

    So this post only describes how to compile the command-line version of Handbrake: HandBrakeCLI.

    1. Install the required build tools and development libraries with apt-get:

    apt-get install subversion yasm build-essential autoconf libtool zlib1g-dev libbz2-dev intltool libglib2.0-dev libpthread-stubs0-dev

    2. Download the source code at http://sourceforge.net/projects/handbrake/files/

    3. Extract the source code and cd into the new handbrake directory.

    4. Compile handbrake like this:

    ./configure --disable-gtk --launch --force --launch-jobs=2

    The --launch-jobs parameter sets the number of parallel build jobs. Match it to the number of CPU cores in your system: on a quad-core CPU, use --launch-jobs=4.

    The resulting binary is called HandBrakeCLI and is placed in the ./build directory. Run 'make install' from that directory to install it on your system.

    Tagged as : Uncategorized
