Posts

OPENSSH - List supported Ciphers and Algorithms

We need this list because sometimes our vulnerability scanning software
points out that some old ciphers are WEAK.

From the man pages of SSH:

 -Q cipher | cipher-auth | mac | kex | key
             Queries ssh for the algorithms supported for the specified version 2.  The available features are: cipher (supported
             symmetric ciphers), cipher-auth (supported symmetric ciphers that support authenticated encryption), mac (supported
             message integrity codes), kex (key exchange algorithms), key (key types).



Supported cipher suites

[vicky@vicky-centos-7 ~]$  ssh -Q cipher
3des-cbc
blowfish-cbc
cast128-cbc
arcfour
arcfour128
arcfour256
aes128-cbc
aes192-cbc
aes256-cbc
rijndael-cbc@lysator.liu.se
aes128-ctr
aes192-ctr
aes256-ctr
aes128-gcm@openssh.com
aes256-gcm@openssh.com
chacha20-poly1305@openssh.com


Supported message integrity codes

[vicky@vicky-centos-7 ~]$ ssh -Q mac
hmac-sha1
hmac-sha1-96
hmac-sha2-256
hmac-sha2-512
hmac-md5
hmac-md5-96
hmac-ripemd160
hmac-ripemd160@openssh.com
umac-64@openss…

Security as a Service (SECaaS)

What is Security as a Service (SECaaS)?

Security as a Service (SECaaS) can most easily be described as a cloud-delivered model for outsourcing cybersecurity services. Much like Software as a Service, SECaaS provides security services on a subscription basis hosted by cloud providers. Security as a Service solutions have become increasingly popular for corporate infrastructures as a way to ease the in-house security team's responsibilities, scale security needs as the business grows, and avoid the costs and maintenance of on-premises alternatives.

Benefits of Security as a Service

Cost Savings

One of the biggest benefits of a Security as a Service model is that it saves a business money. A cloud-delivered service is often available in subscription tiers with several upgrade options, so a business only pays for what it needs, when it needs it. It also eliminates the need for expertise.

The Latest Security Tools and Updates

When you implement SECaaS, you get to work with the latest securit…

WTF is The Blockchain?

The ultimate 3500-word guide in plain English to understand Blockchain. Author : Mohit Mamoria
SOURCE : https://hackernoon.com/wtf-is-the-blockchain-1da89ba19348

MySQL FLUSH Commands

Flush PRIVILEGES

mysql> FLUSH PRIVILEGES;

When we grant some privileges to a user, running the FLUSH PRIVILEGES command reloads the grant tables in the mysql database, enabling the changes to take effect without reloading or restarting the MySQL service.

Flush TABLES

mysql> FLUSH TABLES;

The command closes all tables that are currently open or in use, and clears the cache, which in turn makes better use of available memory.

Flush HOSTS

mysql> FLUSH HOSTS;

The command uses the host cache tables. If the maximum number of connections has been reached for a particular host, the MySQL server will not be able to make new connections. Flushing the host tables resets the process and again allows connections for that particular host.

Flush LOGS

mysql> FLUSH LOGS;

The command closes and reopens all log files. If the log files are too big and take a long time to load, you can run this command, which will create an empty log file.
REFERENCE / SOURCE : https://www.interserver.net/tips/kb/mysql-flush-commands…

SIEM: A rose by any other name

What is a CASB (Cloud Access Security Broker)?

Cloud access security brokers (CASB) are on-premises or cloud-hosted software that sit between cloud service consumers and cloud service providers to enforce security, compliance, and governance policies for cloud applications. CASBs help organizations extend the security controls of their on-premises infrastructure to the cloud.

Reference: https://www.skyhighnetworks.com/cloud-security-university/what-is-cloud-access-security-broker/

Amazon CloudFront and HTTP/2

HTTP/2 is a major revision of the HTTP protocol. This new version has several features that make page loading and rendering faster.
· Multiplexing allows multiple requests and response messages between the client and Amazon CloudFront to be in flight at the same time over a single connection, instead of multiple connections, which improves page load times.
· Header compression reduces the overhead bytes downloaded by the client, helping get the content to the viewer sooner. This is especially useful for mobile clients that are already constrained on bandwidth.
· Stream priority allows for quicker page rendering by enabling the client to control the order in which web assets are delivered, thereby optimizing user experience.
HTTP/2 is enabled by default for all new Amazon CloudFront distributions, and for existing distributions HTTP/2 can be enabled by editing the distribution configuration. There is no additional charge for using this feature, and clients that do not support HTTP/2 will s…