Category: security

How to use NordVPN in a LXD container

NordVPN is one of many VPN services. I was asked to have a look at how to make it work in a LXD container and as a result I am writing this post. I am not advertising this service, nor do I use affiliate links, etc. Up to now, NordVPN have refused to fix their …

Continue reading

Permanent link to this article: https://blog.simos.info/how-to-use-nordvpn-in-a-lxd-container/

Using the radare2 snap package

radare2 is a tool for reverse-engineering software. It is quite versatile, and can deal either with binary files of executable code, or even attach to a running process. Packaging (making available an installation package for end-users) is always an issue, especially when the software gets updated often. There is in the works a snap package …

Continue reading

Permanent link to this article: https://blog.simos.info/using-the-radare2-snap-package/

A network-isolated container in LXD

In this post we see how to get different types of network-isolated containers in LXD. Even if you are not interested in such things, doing this tutorial will help you understand better LXD proxy devices. LXD container with no networking To get a LXD container without networking, you omit the networking configuration in the profile …

Continue reading

Permanent link to this article: https://blog.simos.info/a-network-isolated-container-in-lxd/

How to use virtual machines in LXD

Update 22 May 2020: The Ubuntu container images have been updated to install on first boot the LXD Agent in the VM. The corresponding section below has been updated so that you can skip the manual step, if your VM image does it for you. Update 22 May 2020: See also the tutorial at https://discuss.linuxcontainers.org/t/running-virtual-machines-with-lxd-4-0/7519 …

Continue reading

Permanent link to this article: https://blog.simos.info/how-to-use-virtual-machines-in-lxd/

Discussion on running X11 applications from within LXD system containers

With LXD, you can create system containers. These system containers are similar to virtual machines, while at the same time they are very lightweight. In a VM, you boot a full Linux kernel and you run your favorite Linux distribution in a virtualized environment that has a fixed disk size and dedicated allocation of RAM …

Continue reading

Permanent link to this article: https://blog.simos.info/discussion-on-running-x11-applications-from-within-lxd-system-containers/

Testing CVE-2019-11043 (php-fpm security vulnerability) with LXD system containers

CVE-2019-11043 is a buffer overflow in php-fpm that under certain conditions, can lead to remote execution. There is an exploit at PHuiP-FPizdaM that targets certain nginx and php-fpm configurations. On their page, the describe how to use Docker to test this exploit. In this post, we use LXD to test the exploit and verify whether …

Continue reading

Permanent link to this article: https://blog.simos.info/testing-cve-2019-11043-php-fpm-security-vulnerability-with-lxd-system-containers/

%d bloggers like this: