Archive for October, 2014
Script: jbcleanup.sh
by dervish on Oct.24, 2014, under Linux, Scripts
#!/bin/sh
# 20141024 - Jamey Hopkins
echo "Before: `ls *log* | wc -l` Files at `du -h . | cut -f1`"
[ 0 -ne `find *server.log -mtime +9 | wc -l` ] && find *server.log -mtime +9 | xargs gzip -v
[ 0 -ne `find *server.log.gz -mtime +30 | wc -l` ] && find *server.log.gz -mtime +30 | xargs rm
echo "After : `ls *log* | wc -l` Files at `du -h . | cut -f1`"
SSL 3.0 Protocol Vulnerability and POODLE Attack | US-CERT
by dervish on Oct.17, 2014, under Security
Systems AffectedAll systems and applications utilizing the Secure Socket Layer (SSL) 3.0 with cipher-block chaining (CBC) mode ciphers may be vulnerable. However, the POODLE (Padding Oracle On Downgraded Legacy Encryption) attack demonstrates this vulnerability using web browsers and web servers, which is one of the most likely exploitation scenarios.Some Transport Layer Security (TLS) implementations are also vulnerable to the POODLE attack.
Source: SSL 3.0 Protocol Vulnerability and POODLE Attack | US-CERT