Securing DNS

DNS is a very important part in any Network. Main objective of securing DNS includes secure exchange of data between DNS servers. Securing DNS queries, Zone transferes and DNS updates can be included in securing DNS. Here, we have mentioned two methods to secure DNS. ie, Securing dns through chroot and by editing named.conf. Please make sure that you have taken the backup of named.conf

1. Securing dns through chroot :-
Chroot function is a powerfull mechanism to secure the system. Chroot command uses a chroot() system call.

Continue reading…

mod_security installation on a plesk server

Check for the current version of apache installed on the server and make sure that the apache development tools have been installed on the server (i.e. httpd-devel package) using the command
rpm -qa | grep httpd-devel

In case the apache development tools are not installed on the server, install the package via yum

yum install httpd-devel

The devel package is necessary for addition of extra modules to apache ( since apxs [apache extension tool] comes with httpd-devel. Before installation of mod_security, ensure that the c (apache module) is installed on the server as well. The command httpd -t -D DUMP_MODULES will provide a list of all loaded apache modules.

Use

httpd -t -D DUMP_MODULES | grep httpd -t -D DUMP_MODULES to check for the unique_id_module

If the unique_id_module is not installed, download the apache source package from http://httpd.apache.org/download.cgi (preferably the source file of current version of apache installed on the server) and use the command as below to add unique_id_module to apache

apxs -iac httpd-2.2.22/modules/metadata/mod_unique_id.c ( I installed unique_id_module for apache 2.2.22, in general the command can be modified as
apxs -iac /path/to/extracted/apache/source/modules/metadata/mod_unique_id.c )

Now download the latest version of mod_security from http://www.modsecurity.org/download/ and extract the contents of the archive.
Enter the directory with the extracted contents and run the command

./configure –with-apxs=/path/to/apxs

Use the command which apxs to check for the path of the apxs binary

Now run make and make install to build and install the module. After installation, add

LoadFile /usr/lib/libxml2.so
LoadFile /usr/lib/liblua5.1.so
LoadModule security2_module modules/mod_security2.so

to the apache configuration file ( httpd.conf usually present in /etc/httpd/conf/httpd.conf ) and restart apache.

Note:: Install lua package via yum if liblua5.1.so is not present in /usr/lib/ , also apache should be compiled with proxy proxy_http proxy_ftp proxy_connect (for enabling mod_proxy) for mod_security to work properly.

After installation mod_security can be suitably configured.

Setting up MySQL remote Server

Remote server configuration

1. Edit the /etc/my.cnf file in the remote server and add the following line somewhere under [mysqld] in the my.cnf file
bind-address=<IP address of the remote server>
2. Restart mysql on the server

Granting privileges for database::

In order to access a database ‘abc’ on the remote server from another machine, we need to add sufficient privileges for a user in the machine from which the connection is made. i.e. from the mysql prompt ( use mysql command or mysql -u root -p to enter the prompt).

mysql> grant all privileges on abc.* to username@IP address of the machine from which the connection is to be made identified by <password>

Example::

Let us consider two machines with the following data
Remote server IP:: xxx.xxx.x.1
Ip of local machine from which connections to remote database in xxx.xxx.x.1 are made:: xxx.xxx.x.100

Edit the my.cnf file in the remote server and add the following

bind-address = xxx.xxx.x.1
anywhere under [mysqld]

Inorder to grant permissions for the user ‘bl’ from xxx.xxx.x.100 to connect to the database ‘ab’ in xxx.xxx.x.1 , enter the mysql prompt and type in the command

mysql>grant all privileges for ab.* to bl@ xxx.xxx.x.100 identified by pass; (# where pass is the password)
mysql>flush privileges;
mysql>exit

Checking for mysql connectivity from xxx.xxx.x.100 to xxx.xxx.x.1

Enter the command below in the machine xxx.xxx.x.100 and type in the password pass upon the prompt
[root@local ~]# mysql -u bl -h xxx.xxx.x.1 -p

Inorder to specify the remote database name and location for a site software like wordpress, joomla etc. , modify the configuration file and update the details of the database along with the password and IP address of the remote server in the specified filed.

Inorder to configure wordpress to access the database ‘ab’ from a remote machine xxx.xxx.x.1, modify the configuation file as below

define(‘DB_NAME’, ‘ab’);
define(‘DB_USER’, ‘bl’);
define(‘DB_PASSWORD’, ‘pass’);
define(‘DB_HOST’, ‘ xxx.xxx.x.1’);

Android, iPhone apps violating open source rules

As most of the mobile applications used today contain open source, 70% fail to comply with their respective licenses. From a recent survey conducted by OpenLogic, Inc., a leading provider of enterprise open source software support, announced that 71% of Android, iPhone, and iPad apps containing open source failed to comply with basic open source licensing requirements. They scanned 635 leading mobile applications in order to identify open source components and evaluate compliance with the relevant licenses.

Applications that contain open source components are required to comply with the rules of all relevant licenses, such as the GPL or Apache license. Applications that fail to comply may be subject to legal action or removal from app stores.Non-compliance with open source licenses is typically not purposeful, but rather caused by a lack of awareness and visibility into open source usage.

Very often developers and the companies bringing out new mobile software are not aware of open source and its constraints or might not even know that an app is using open source while open source compliance is not at all difficult. App developers need to pay attention to open source license compliance to ensure their apps are not impacted by legal actions.