Skip to main content

Posts

Showing posts with the label Linux

arbtd: Package isn't signed with proper key

  If you are System Admin and worked on linux machine or servers in your current job or in past. Chances are you might come across linux service abrtd, even if you have not worked on it. but might be through some other work. same thing happened to me, while I was doing my regular work of installing php packages on linux  servers , i came across this error for which spent couple of hours actually to resolve it. T he error was 

Sweet32 - Vulnerbility

Recently there was another Vulnerability grab My attention which was related to DES and Tripple DES (3DES) , Any men in the middle can exploit this vulnerability by capturing large amount of encrypted data and thus recover plain text sensitive data. Severity : Medium CVE Number : CVE-2016-2183 For Freelance Work & Queries Contact me by Email Id support@linuxforeveryone.com Remediation : You need to disable any ciphers starting with DES and 3DES supported by Server by any service present on server for example Apache Nginx etc   Important Point to Remember : 1 :   Normally old browser don't supports DES and 3DES ciphers. It is very important to note that in many cases, a software update (back-ported version provided by Operating System vendor ) won't be enough to resolve this issue. Usually software update doesn't overwrite manually tweaked configuration files, which means, DES/3DES can be still available, even if the software up