Feb 19th, 2012
PS command: process tree, threads, security
PS command: process tree, threads, security
To print a process tree:
ps axjf
To get info about threads:
ps axms
To get security info:
ps axZ
ps -eM
PS command: process tree, threads, security
To print a process tree:
To get info about threads:
To get security info:
cPanel Security Tokens
cPanel have added numerous security features to cPanel/WHM 11.25. cPanel security token system attempts to prevent cross-site request forgery (XSRF) attacks by appending URLs with a session token in the form of cpsess[number].
When this feature is enabled, absolute URLs are no longer allowed. This new feature helps to ensure a safe environment.
Quick Security Scan For WHM version 11.28
This feature disables operating system-level services that are not necessary for your web server.
The services that will be disabled are:
* portmap — Maps network drives.
* atd — The “at” daemon, similar to cron jobs.
* cups — Used for printing.
* Console mouse services — Provides Linux mouse support.
* xfs — X font server; allows a server running the X Window System to communicate with a font renderer.
* NIS — Network information service.
* NFS statd — Used for network file system (NFS) mounting.
* RPC idmapd — Used for running an NFS server.
Note: A [FAILED] error message means that the service was not running when the scanner attempted to turn it off. This service will still be prevented from starting in the future.
Reference: http://cpanel.net
PHP security restricting Includes
Local include attacks occur when an attacker is able to pull local files into PHP scripts to view sensitive information on or about your system. For example, an attacker may be able to include and subsequently view the /etc/passwd file using a PHP inclusion vulnerability, in effect acquiring some basic information about every account associated with your web server.
To help prevent local include vulnerabilities, you can set the open_basedir parameter in your PHP configuration to a specific directory. This will limit an attacker’s access via local includes to a single directory. In most cases, you will want to set the open_basedir parameter to a public_html directory, allowing PHP to open and modify HTTP-accessible (public) files contained within the specified directory while limiting access to more sensitive information contained outside of the specified directory
Php Security Preventing Information Disclosure
Disclosing information, such as errors, to attackers can leave your system in a vulnerable position. Before and during an attack, the attacker will need to acquire a wealth of general information about your system. This information includes your directory structure, database names, usernames, and more. Preventing PHP from printing errors to the web application’s user interface is one way to inhibit an attacker’s ability to gain information he could use to compromise your system.
When display_errors is disabled, your developers are still able to retrieve debugging information from the appropriate PHP logs.