Microsoft Security Bulletin Summary for January 2015

Patch Windows or die; it’s hard to come up with a new description for this each month:

  • Vulnerability in Windows Application Compatibility Cache Could Allow Elevation of Privilege (3023266)
  • Vulnerability in Windows Telnet Service Could Allow Remote Code Execution (3020393)
  • Vulnerability in Windows User Profile Service Could Allow Elevation of Privilege (3021674)
  • Vulnerability in Windows Components Could Allow Elevation of Privilege (3025421)
  • Vulnerability in Network Location Awareness Service Could Allow Security Feature Bypass (3022777)
  • Vulnerability in Windows Error Reporting Could Allow Security Feature Bypass (3004365)
  • Vulnerability in Network Policy Server RADIUS Implementation Could Cause Denial of Service (3014029)
  • Vulnerability in Windows Kernel-Mode Driver Could Allow Elevation of Privilege (3019215)


Twitter Posts for week ending 2015-01-10

Twitter Posts for week ending 2014-12-27

Webserver on Raspberry Pi

As an experiment this site is now running on my Raspberry Pi.

Assumptions: you have set up your Raspberry Pi with Raspbian and a static IP, and allowed port 80 through your firewall to that static IP address.

Please remember to make sure your OS is up to date:

sudo apt-get update && sudo apt-get upgrade

Installing Nginx

The first piece of software you will need to install is Nginx

sudo apt-get install nginx

Now we can start Nginx

sudo /etc/init.d/nginx start

You can now test that it’s working by entering the IP address of your server in a browser, e.g. http://192.168.0.1

The browser will now display a page saying “Welcome to nginx”

Install PHP

Use the next command to install PHP

sudo apt-get install php5-fpm

Now we need to make some configuration changes

sudo nano /etc/nginx/sites-available/default

Scroll down the configuration file and uncomment the following line by removing the #

listen 80; ## listen for ipv4; this line is default and implied

Set the server name to your server name

server_name www.webwhitenoise.com;

Change the index line to the following

index index.php index.html index.htm;

Uncomment the next section in the configuration file

location ~ \.php$ {
    fastcgi_split_path_info ^(.+\.php)(/.+)$;
    # NOTE: You should have "cgi.fix_pathinfo = 0;" in php.ini

    # # With php5-cgi alone:
    # fastcgi_pass 127.0.0.1:9000;

    # # With php5-fpm:
    fastcgi_pass unix:/var/run/php5-fpm.sock;
    fastcgi_index index.php;
    include fastcgi_params;
}

Now exit from nano and remember to save the changes

Now we need to edit the php.ini configuration file

sudo nano /etc/php5/fpm/php.ini

Find cgi.fix_pathinfo in the file and change it as follows

cgi.fix_pathinfo=0

Now we need to reload PHP and Nginx

sudo /etc/init.d/php5-fpm reload && sudo /etc/init.d/nginx reload

You can now test if PHP is working on Nginx by adding an index.php file to the root of the server

cd /usr/share/nginx/www
sudo nano index.php

Add the following line to the file

<?php phpinfo(); ?>

If you now refresh the webpage we opened earlier in the browser, it should display the PHP info page.

Install MySQL server

Now we install MySQL

sudo apt-get install mysql-server

As a part of this process you will be prompted to enter a password; this password will be the root password for MySQL.

Once this process completes, install the MySQL client and MySQL PHP components

sudo apt-get install mysql-client php5-mysql

Now we need to set up a database and user in MySQL

Connect to the MySQL server using the root user; you will be prompted for the password

mysql -uroot -hlocalhost -p

We now create a database; wordpressdb represents the name of the database

CREATE DATABASE wordpressdb;

Now we create a user for WordPress to use to access the database, wordpressuser represents the user id and password_here a password. Root should not be used

CREATE USER 'wordpressuser'@'localhost' IDENTIFIED BY 'password_here';

Now we grant this user access to the database

GRANT ALL PRIVILEGES ON wordpressdb.* TO 'wordpressuser'@'localhost';

Flush the privileges for the changes to take effect

FLUSH PRIVILEGES;

Now press CTRL + C to exit MySQL

Now test the username against the database

mysql -uwordpressuser -hlocalhost wordpressdb -p

Now press CTRL + C to exit MySQL

Finished

You now have a working server with Nginx, PHP and MySQL ready to use.
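
A post-install check for the steps above, added here as an example and not part of the original post: it confirms that the cgi.fix_pathinfo=0 change is actually in effect and that the phpinfo() test page is no longer in the web root. The function names are hypothetical and the demo runs on constructed sample files; on the system described above the arguments would be /etc/php5/fpm/php.ini and /usr/share/nginx/www.

```shell
#!/bin/sh
# Added example, not from the original post. Function names are hypothetical;
# paths are arguments so the checks can run against constructed sample files.

# Succeeds only if the last active cgi.fix_pathinfo line in php.ini sets 0.
# A commented-out (;) line leaves PHP's built-in default of 1 in effect.
fix_pathinfo_is_zero() {
    val=$(sed -n 's/^[[:space:]]*cgi\.fix_pathinfo[[:space:]]*=[[:space:]]*\([^;[:space:]]*\).*$/\1/p' "$1" | tail -n 1)
    [ "$val" = "0" ]
}

# Lists PHP files under the web root that still call phpinfo().
phpinfo_pages() {
    find "$1" -type f -name '*.php' -exec grep -l 'phpinfo[[:space:]]*(' {} + 2>/dev/null
}

# Prints one line per finding; the return status is the number of findings.
audit_web_stack() {
    ini=$1; webroot=$2; findings=0
    if ! fix_pathinfo_is_zero "$ini"; then
        echo "FAIL: cgi.fix_pathinfo is not set to 0 in $ini"
        findings=$((findings + 1))
    fi
    pages=$(phpinfo_pages "$webroot") || true
    if [ -n "$pages" ]; then
        echo "FAIL: phpinfo() test page still served: $pages"
        findings=$((findings + 1))
    fi
    return "$findings"
}

# Constructed sample: a php.ini with the setting left commented out and a
# web root that still holds the test page created in the tutorial.
make_sample() {
    d=$(mktemp -d)
    mkdir -p "$d/www"
    printf '%s\n' '[PHP]' ';cgi.fix_pathinfo=1' > "$d/php.ini"
    printf '%s\n' '<?php phpinfo(); ?>' > "$d/www/index.php"
    echo "$d"
}

# Demo: audit the sample, apply the fixes, audit again.
s=$(make_sample)
audit_web_stack "$s/php.ini" "$s/www" || echo "findings before: $?"
echo 'cgi.fix_pathinfo=0' >> "$s/php.ini"   # the tutorial's php.ini change
rm "$s/www/index.php"                       # remove the phpinfo() test page
audit_web_stack "$s/php.ini" "$s/www" && echo "no findings after"
rm -rf "$s"
```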

Twitter Posts for week ending 2014-12-20

Twitter Posts for week ending 2014-12-13

Microsoft Security Bulletin Summary for December 2014

  • Vulnerabilities in Microsoft Exchange Server Could Allow Elevation of Privilege (3009712)
  • Cumulative Security Update for Internet Explorer (3008923)
  • Vulnerabilities in Microsoft Word and Microsoft Office Web Apps Could Allow Remote Code Execution (3017301)
  • Vulnerability in Microsoft Office Could Allow Remote Code Execution (3017349)
  • Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (3017347)
  • Vulnerability in VBScript Scripting Engine Could Allow Remote Code Execution (3016711)
  • Vulnerability in Microsoft Graphics Component Could Allow Information Disclosure (3013126)
