Posts

Showing posts from 2019

OPENSSH - List supported Ciphers and Algorithms

We need this list because sometimes our Vulnerabiliy Scanning software
points out that some old ciphers are WEAK.

From the man pages of SSH:

 -Q cipher | cipher-auth | mac | kex | key
             Queries ssh for the algorithms supported for the specified version 2.  The available features are: cipher (supported sym‐
             metric ciphers), cipher-auth (supported symmetric ciphers that support authenticated encryption), mac (supported message
             integrity codes), kex (key exchange algorithms), key (key types).



Supported cipher suites

[vicky@vicky-centos-7 ~]$  ssh -Q cipher
3des-cbc
blowfish-cbc
cast128-cbc
arcfour
arcfour128
arcfour256
aes128-cbc
aes192-cbc
aes256-cbc
rijndael-cbc@lysator.liu.se
aes128-ctr
aes192-ctr
aes256-ctr
aes128-gcm@openssh.com
aes256-gcm@openssh.com
chacha20-poly1305@openssh.com


Supported message integrity codes

[vicky@vicky-centos-7 ~]$ ssh -Q mac
hmac-sha1
hmac-sha1-96
hmac-sha2-256
hmac-sha2-512
hmac-md5
hmac-md5-96
hmac-ripemd160
hmac-ripemd160@openssh.com
umac-64@openss…

Security as a Service (SECaaS)

What is Security as a Service (SECaaS)? Security as a Service (SECaaS) can most easily be described as a cloud delivered model for outsourcing cybersecurity services. Much like Software as a Service, SECaaS provides security services on a subscription basis hosted by cloud providers. Security as a Service solutions have become increasingly popular for corporate infrastructures as a way to ease the in-house security team’s responsibilities, scale security needs as the business grows, and avoid the costs and maintenance of on-premise alternatives. Benefits of Security as a Service Cost Savings One of the biggest benefits of a Security as a Service model is that it saves a business money. A cloud delivered service is often available in subscription tiers with several upgrade options so a business only pays for what they need, when they need. It also eliminates the need for expertise. The Latest Security Tools and Updates When you implement SECaaS, you get to work with the latest securit…

WTF is The Blockchain?

The ultimate 3500-word guide in plain English to understand Blockchain. Author : Mohit Mamoria
SOURCE : https://hackernoon.com/wtf-is-the-blockchain-1da89ba19348

MySQL FLUSH Commands

Flush privileges mysql> FLUSH PRIVILEGES; when we grant some privileges for a user, running the command flush privileges will reloads the grant tables in the mysql database enabling the changes to take effect without reloading or restarting mysql service. Flush TABLES mysql> FLUSH TABLES; The command closes all tables which are currently open or in use. And clears cache which intern make better utilization on available memory. Flush HOSTS mysql> FLUSH HOSTS; The command uses host cache tables, if maximum number of connections has been reached for a particular host, mysql server will not able to make new connections. flushing host tables resets the process and again allows the connections for particular HOST. Flush LOGS mysql> FLUSH LOGS; The command closes and reopens all log files, if log files are to big and taking more time to load then you can run the command which will create an empty log file.
REFERENCE / SOURCE : https://www.interserver.net/tips/kb/mysql-flush-commands…