Category: Security

Log4J Quick Test

Hi Folks, This just in from Canonical. The following two commands are to be run in a terminal window, and they check the vulnerability of your system/server to the respective CVE: $ sudo ua fix CVE-2021-44228 $ sudo ua fix CVE-2021-45046 Ideally you want the result: CVE-2021-45046: Apache Log4j 2 vulnerability https://ubuntu.com/security/CVE-2021-45046 No affected packages… Continue reading Log4J Quick Test

Log4Shell Wild West

Hi Folks, Patch those servers! I’ve had hundreds of attacks today, currently at least 100 IP addresses being blocked actively by automated defenses. That has resulted in a great set of malicious IP addresses to probe at a later date. Keep up the contribution of IP address, and I’ll post those some time in the… Continue reading Log4Shell Wild West

Hi folks,

We’ll start the discussion by introducing the Lynx browser. It’s what is call a text only browser. That means nothing active of any kind other than the text of the page. I call it a safety browser because nothing can infect you as long as there is nothing but text downloaded, and not ever executing that. The beauty of this browser is that because it does not support JavaScript, Adobe Flash, or other similar active content, nefarious websites will have an exponentially harder time downloading and installing malware.

Lynx is a platform independent text browser, meaning it basically runs on any operating system:
– Lynx is available in source code and for Unix flavors, MacOS, Windows 32, and DOS386+
– Several Linux distributions already carry it, just install the lynx package using apt, yum or whatever is appropriate for your distribution.
– The package website is https://lynx.invisible-island.net/release/

One caveat of using this browser is that many dynamic sites will break. The other is that even with this browser, failure to follow basic internet hygiene protocol will get you infected…

Peace and safe computing!

Catwhisperer