Add first cyber notes (cyphers + aide).
17
20220130140137-cyber.org
Normal file
@@ -0,0 +1,17 @@
|
|||||||
|
:PROPERTIES:
|
||||||
|
:ID: 5943c76c-8b25-4cbd-b0b9-c819e5a490ba
|
||||||
|
:mtime: 20220130203043
|
||||||
|
:ctime: 20220130140137
|
||||||
|
:END:
|
||||||
|
#+title: cyber
|
||||||
|
|
||||||
|
|
||||||
|
* Solution de contrôle d'intégrité ou de scellement
|
||||||
|
** Linux: [[id:262f233d-9ae9-4bd7-a8e9-cba392a2c1f6][AIDE]]
|
||||||
|
|
||||||
|
* Serveur
|
||||||
|
** Tips
|
||||||
|
*** [[id:9eedbc4b-a961-4057-b2d8-8f10845f0478][Vérification des cyphers suites acceptées par un serveur]]
|
||||||
|
|
||||||
|
* Frameworks
|
||||||
|
** Flask: [[id:5f41e674-eb59-4d69-981b-46a18cf28452][Flask-security]]
|
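Review bot: The Flask entry under "Frameworks" links to id 5f41e674-eb59-4d69-981b-46a18cf28452, but no node with that ID is among the files added in this commit, unlike the AIDE and cipher-suite links, whose targets are both created here. Please confirm the Flask-security note already exists in the repository, or drop the link until it does, so the index does not ship with a dangling reference. Minor: "cyphers suites" in the Tips heading (and in the linked note's title) should read "cipher suites".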
@@ -0,0 +1,41 @@
|
|||||||
|
:PROPERTIES:
|
||||||
|
:ID: 9eedbc4b-a961-4057-b2d8-8f10845f0478
|
||||||
|
:mtime: 20220130165326
|
||||||
|
:ctime: 20220130165153
|
||||||
|
:END:
|
||||||
|
#+title: Vérification des cyphers suites acceptées par un serveur
|
||||||
|
|
||||||
|
* Howto
|
||||||
|
#+begin_src shell :results output verbatim
|
||||||
|
#!/usr/bin/env bash
|
||||||
|
# from https://superuser.com/questions/109213/how-do-i-list-the-ssl-tls-cipher-suites-a-particular-website-offers
|
||||||
|
|
||||||
|
# openssl requires the port number.
|
||||||
|
server='git.adrien.run:443'
|
||||||
|
delay=1
|
||||||
|
|
||||||
|
ciphers=$(openssl ciphers 'all:enull' | sed -e 's/:/ /g')
|
||||||
|
|
||||||
|
echo obtaining cipher list from $(openssl version).
|
||||||
|
|
||||||
|
for cipher in ${ciphers[@]}
|
||||||
|
do
|
||||||
|
echo -n testing $cipher...
|
||||||
|
result=$(echo -n | openssl s_client -cipher "$cipher" -connect $server 2>&1)
|
||||||
|
if [[ "$result" =~ ":error:" ]] ; then
|
||||||
|
error=$(echo -n $result | cut -d':' -f6)
|
||||||
|
echo no \($error\)
|
||||||
|
else
|
||||||
|
if [[ "$result" =~ "cipher is ${cipher}" || "$result" =~ "cipher :" ]] ; then
|
||||||
|
echo yes
|
||||||
|
else
|
||||||
|
echo unknown response
|
||||||
|
echo $result
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
sleep $delay
|
||||||
|
done
|
||||||
|
#+end_src
|
||||||
|
|
||||||
|
* Référence
|
||||||
|
* [[https://superuser.com/questions/109213/how-do-i-list-the-ssl-tls-cipher-suites-a-particular-website-offers][How do I list the ssl tls cipher suites a particular website offers]]
|
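Review bot: The case of the OpenSSL keywords and of the match patterns looks wrong throughout the script, so as written it cannot report "yes". `openssl ciphers 'all:enull'` uses lowercase keywords where the cipher-string syntax spells them `ALL` and `eNULL`, and the success test compares against "cipher is ${cipher}" and "cipher :" while s_client prints "Cipher is ..." and "Cipher    :"; bash `=~` is case-sensitive, so a successful handshake falls through to "unknown response". Suggest restoring the original capitalisation from the referenced superuser answer. Two further points: `-cipher` only constrains TLS 1.2 and earlier, so either pin the probe with `-tls1_2` or test TLS 1.3 suites separately through `-ciphersuites`; and `$server` and `$result` should be quoted, with `-servername` passed if the host relies on SNI.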
24
20220130200215-aide.org
Normal file
@@ -0,0 +1,24 @@
|
|||||||
|
:PROPERTIES:
|
||||||
|
:ID: 262f233d-9ae9-4bd7-a8e9-cba392a2c1f6
|
||||||
|
:mtime: 20220130200546
|
||||||
|
:ctime: 20220130200215
|
||||||
|
:END:
|
||||||
|
#+title: AIDE
|
||||||
|
#+filetags: :TODO:
|
||||||
|
|
||||||
|
* Présentation
|
||||||
|
* Advanced Intrusion Detection Environment ([[https://aide.github.io/][AIDE]])
|
||||||
|
* Permet de vérifier la non altération d'un fichier, suite, par exemple, à une intrusion.
|
||||||
|
* Licence: GPLv2
|
||||||
|
* Fonctionnement :
|
||||||
|
1. Premier "instantané" des fichiers à surveiller => base de données de référence,
|
||||||
|
2. Test d'intégrité périodique (/cron/): comparaison du statut courant du FS avec la "l'instantané" initialement
|
||||||
|
réalisé. Tout changement peut être considéré comme une erreur.
|
||||||
|
|
||||||
|
* Howto
|
||||||
|
TODO
|
||||||
|
|
||||||
|
* Références
|
||||||
|
* [[https://aide.github.io/][Github]]
|
||||||
|
* [[https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/security_guide/sec-using-aide][Checking Integrity with AIDE - RedHat]]
|
||||||
|
* [[https://www.it-connect.fr/aide-utilisation-et-configuration-dune-solution-de-controle-dintegrite-sous-linux/][AIDE : Utilisation et configuration d’une solution de contrôle d’intégrité sous Linux - IT Connect]]
|
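Review bot: The "Fonctionnement" list describes building the reference database and comparing against it from cron, but says nothing about protecting that database, which is the point that makes the check meaningful after an intrusion. Suggest adding a third item noting that the reference snapshot (and ideally the AIDE binary and configuration) should be kept read-only or off-host, since anyone with write access to the machine can otherwise regenerate the baseline. Also, in step 2, "avec la "l'instantané"" has a doubled article, and the "Howto" section is still a bare TODO; consider leaving it out until there is content, given the file already carries the :TODO: filetag.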