Thursday, January 18, 2018

HOWTO : Install MicroCode in Ubuntu Linux

Linux can update the CPU microcode to fix the Meltdown and Spectre vulnerabilities instead of relying on a BIOS update. Ubuntu can fix the vulnerabilities with just one command.

sudo apt update
sudo apt dist-upgrade

For Intel CPU :

sudo apt install intel-microcode

For AMD CPU :

sudo apt install amd64-microcode

After that, reboot your Ubuntu box.

That's all! See you.

Update on JAN 24, 2018

Since Linux creator Linus Torvalds disagrees with installing Intel's patches for Spectre, the Intel microcode has been patched back to the previous version. You are not required to uninstall it. Just update, and it will be patched back to the previous version. Please see The Hacker News for details.

sudo apt update
sudo apt dist-upgrade
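
To confirm that the microcode package took effect after the reboot, or that the later update rolled it back, compare the revision the kernel reports before and after. The script below is an added example, not part of the original post; the function names and the sample cpuinfo content are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original post): pick the microcode package for
# the CPU vendor and compare the loaded microcode revision across a reboot.

# Print the Ubuntu package name for the CPU vendor found in a cpuinfo file.
microcode_package() {
    vendor=$(awk -F': *' '/^vendor_id/ { print $2; exit }' "${1:-/proc/cpuinfo}")
    case "$vendor" in
        GenuineIntel) echo intel-microcode ;;
        AuthenticAMD) echo amd64-microcode ;;
        *) echo unknown; return 1 ;;
    esac
}

# Print each distinct microcode revision; more than one line means the cores
# are not all running the same revision.
microcode_revisions() {
    awk -F': *' '/^microcode/ { print $2 }' "${1:-/proc/cpuinfo}" | sort -u
}

# Compare two hex revisions recorded before and after the update and reboot.
revision_change() {
    before=$(( $1 ))
    after=$(( $2 ))
    if [ "$after" -gt "$before" ]; then echo updated
    elif [ "$after" -lt "$before" ]; then echo rolled-back
    else echo unchanged
    fi
}

# Constructed sample: two cores of an Intel CPU as /proc/cpuinfo lists them.
write_sample_cpuinfo() {
    printf 'processor\t: 0\nvendor_id\t: GenuineIntel\nmicrocode\t: 0x84\n\n' >"$1"
    printf 'processor\t: 1\nvendor_id\t: GenuineIntel\nmicrocode\t: 0x84\n' >>"$1"
}

# Demo on the constructed sample. On a real host, call the first two functions
# with no argument so they read /proc/cpuinfo.
sample=$(mktemp)
write_sample_cpuinfo "$sample"
echo "package:  $(microcode_package "$sample")"
echo "revision: $(microcode_revisions "$sample")"
echo "change:   $(revision_change 0x80 0x84)"
rm -f "$sample"
```

Record the output of microcode_revisions before running the update, then pass the old and new values to revision_change after the reboot.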

Monday, January 08, 2018

New Year New You 2018!

This year, I am interested in Machine Learning Python Programming. A useful way to get a Python 3.x environment is to install Anaconda. Download the shell script and it will install Python 3.x and all the related Python libraries for you. Your Linux system may then have 2 copies and 2 versions of Python and their libraries. You can uninstall Anaconda when you do not need it. This tool is very easy to use. You can also use Jupyter Notebook for development.

Since I am not good at maths, I am going to find an easier way to learn Machine Learning. The following is the list that I found on the internet, which I can understand, about Machine Learning programming and concepts.

I just modified faizann24's Python script and the demo is below :

I wrote the script from scratch. The demo is here :

The following demo is version 0.3 of the Machine Learning Driven Web Application Firewall :

The following demo is version 0.5 of the Machine Learning Driven Web Application Firewall. It is running much faster than previous versions :


[1] Josh Gordon's Machine Learning Recipes Video
[2] Machine Learning for Complete Beginners
[3] Machine Learning for Security Informatics
[4] Machine Learning is Fun
[5] FWAF Machine Learning Driven Web Application Firewall
[6] FWAF Machine Learning Driven Web Application Firewall (GitHub)
[7] Machine Learning Tutorial Video
[8] How To Build a Machine Learning Classifier in Python with Scikit-learn

That's all! See you.

Friday, January 05, 2018

New year New Hack 2018!

On Jan 4, 2018, GoldJoy Holidays reported that their server had been hacked. It is the second local travel agency to be hacked this month so far. The first was Big Line Holiday, which was hacked on Jan 3, 2018.

Big Line Holiday is hosted on their own server, which runs Microsoft IIS 8.5 and PHP 5.5.30 with no SSL certificate. GoldJoy Holidays, on the other hand, is hosted by a web hosting company (the name is unknown to me) on a server running Debian Linux, Apache 2.4.10 and PHP 5.6.31. It is believed that Big Line Holiday runs a custom web application while GoldJoy Holidays runs Joomla!. Meanwhile, neither site sets security headers.

Today, Jan 5, 2018, GoldJoy Holidays announced that they have applied layers of firewall to their website. I am curious to know what kind of firewall they applied.

After a quick check, GoldJoy Holidays is now running behind Cloudflare, and it is believed to be on either the free plan or the Pro plan. The Cloudflare WAF (Web Application Firewall) may be set to high sensitivity, and an SSL certificate is in place. However, the SSL certificate provided by Cloudflare is a shared certificate, and the IT staff of GoldJoy Holidays have misconfigured it. Since the site has no appropriate security headers, it may be exposed to MITM (Man-In-The-Middle) attacks.

The website of GoldJoy Holidays has several XSS (Cross Site Scripting) vulnerabilities and several suspected SQLi (SQL Injection) vulnerabilities. In addition, the website has some other minor security-related problems. It is believed that the web application is Joomla! 1.5.x.

In my opinion, Cloudflare is not a good solution when the vulnerabilities on your website are not fixed. It will mislead the IT staff or users into thinking that your site is secure. Cloudflare WAF can be bypassed. I hope that it is only a workaround; otherwise, it is still dangerous.



That's all! See you.