skip to main content

TAMU Webmaster's Blog


Information and insight from the A&M Webmasters

Web Security

WordPress CAS Authentication Issues

So apparently several of us around campus simultaneously experienced a similar issue recently with the CAS authentication plugin many of us use. The basic issue was that we were getting “Application Not Authorized” when trying to log into an HTTPS protected WordPress site using the CAS Maestro plugin. Our friend Donald St. Martin over in Engineering wrote up this great walk through of the problem and how to fix it.

HTTPS and the CAS Maestro WordPress plugin

 

Tuesday, January 31st, 2017 CMS, Systems, Uncategorized, Web Security No Comments

Has Your Site been Hacked?

Imagine you come into your office and sit down at your desk to start your day.  You log into your computer and visit your departmental website…and to your horror you see that the front page has been hijacked and it is now selling Cialis or streaming the latest pirated movie.  You have been hacked!  Would you know what to do?  That question was recently asked in two different groups that I have been in, both of which were filled with people who should have known.  Most didn’t.

Come join us at the next uWeb meeting, where the CIS security team will be talking about exploits on campus.  They will show a few examples of what has been reported on campus, some of the most common platforms that get exploited and how to prevent them, and advice on what to do if it does happen to you.

The meeting is scheduled for Tuesday October 28 at 3:30 rescheduled for Tuesday December 9 at 3:00  in Room 2605 of the GSC.  The presentation will be broadcast on TTVN Channel 9 6 and will be recorded for later viewing on MediaMatrix..

Monday, October 13th, 2014 Miscellaneous, Web Security No Comments

Aggie Clips

As mentioned a few days ago, we are working on the TAMU News suite of sites this Fall.  The first of these sites to be rolled out is the Aggie Clips.  This is a service provided to campus communicators and administrators to give them a taste of how Texas A&M is being portrayed in news outlets around the country and the world.  (Note that this site is limited to viewing from on campus or remote connections to the TAMU domain.)

We migrated this site, which was originally separate html files for each article (over 25,000 of them at one point) before we put the files into a database last year,  into WordPress as a way of keeping them organized.  One nice discovery that we made was that WordPress now suports CAS logins.  I know there are a lot of WordPress blogs around campus, and unfortunately the standard installation doesn’t come with secure logins, so we pass this tip along in hopes that more people start to use it.  Installation was quite easy, with only the CAS client needing slight modifications to handle our unique response payload.

Friday, September 4th, 2009 Miscellaneous, Web Security 2 Comments

5th Annual Collegiate Cyber Defense Competition (CCDC)

This year Texas A&M will be hosting the CCDC in Rudder Tower March 6-8, 2009. I know from my own experience that the the students who compete are some of the best students to enter the industry because of the knowledge they gain in this competition.

I was a Linux Team Leader as a student at UTSA for the very first CCDC competition. I still have several friends who compete in this competition and it is a great way for IT and CS students to learn about the dark side of computer networks and programming. Too often students go through school not knowing the dangers lurking on the networks and websites that they will soon be working on.

The competition is not just about defending the network, but also about handling typical business requests during the defense. Some of the hardest challenges we faced as a team in the first competition were the business requests handed to us by the White Team. They would request that new mail accounts be created, or they would ask for access to a SQL server. As soon as those services were opened up they were attacked by the Red Team. If we weren’t prepared our services would be compromised or we would not get the tasks completed in time to get points for them.

Only teams who can establish an effective method of handling these requests truly come out as winners in this competition. The same is true in the real world! Some of the other “requests” that came from the White team were related to redundancy and failover – they would come in and say “your firewall machine has failed” and would literally take the machine away. We had 10 minutes to get another firewall machine in place or face point deductions or worse – a security compromise! Honestly, we didn’t have the processes in place to handle these scenarios and it burned us (the UTSA team). But, I know for a fact that every student on that team now values redundancy on the network and servers that run our applications and access!

This competition is important to raising security awareness, so please support the students and teams willing to compete and put their skills on the line against some of the best hackers around. More information can be found at the Texas A&M CCDC website, or at the National CCDC site hosted by the UTSA Center for Information Assurance and Security. Texas A&M’s also has a CIAS program to help students conduct research and learning about information security and assurance.

Tags: , , , , ,

Tuesday, January 13th, 2009 Area Events, Miscellaneous, Web Security No Comments

Be Careful with Internet Explorer Until Patch Day

Microsoft has failed to release a patch for a new exploit (Microsoft Security Advisory 961051) that targets Internet Explorer 7. The exploit allows malicious websites to install trojans and malware on the victims computer according to TechRepublic. This exploit allows the malicious site to run at the same security level as the user logged into the computer.

For users this means only visit sites you really trust right now with IE or use another browser such as FireFox, Safari, Opera, or Chrome. Assume that in the next couple days this exploit will be used heavily in XSS attacks until it can be patched. This could be used to steal passwords, perform malicious actions in your name, and more.

For administrators of Windows based networks, this again reinforces that user accounts should be limited in ability to mitigate the damages done, and security settings in browsers and group policy should be set as high as possible while still allowing people to perform their job duties. Users will administrative abilities on the local computer could be affected the most with this attack.

Tags: , ,

Friday, December 12th, 2008 Web Security No Comments

Using the Bad Guys’ Tools to Keep You Informed and Secure!

My background did not start out in web development but in network administration and security. As such, I monitor the IT security industry in addition to all the web development blogs and sites I frequent. One of the things I’ve learned in IT security is that typically the bad guys are faster than the good guys. A good way to stay on top of things is to watch the resources the bad guys use to keep your good guys up to speed.

One of the sites I watch is milw0rm, an exploit archive and notification site. I use an RSS reader to watch everything that comes from them. Yesterday (12/8/08) I saw an item regarding XSRF in phpMyAdmin 3.1.0, which is the latest version (as of this writing). Since we use phpMyAdmin sometimes, I notified those responsible for it’s upkeep and made sure we didn’t use it when visiting other sites until a patch is available.

Today (12/9/08), I got a notification from the phpMyAdmin Security Feed site about the vulnerability. My point is that by monitoring what the bad guys are doing, we were able to move faster to protect ourselves than the company who writes the software. In fact, the Security notification links back to milw0rm as well.

I wrote earlier about monitoring RSS feeds from product vendors, and this is just another way for you to stay informed and avoid bad PR from a security incident.

Some of the security related RSS feeds I watch are:

Tags: ,

Wednesday, December 10th, 2008 Web Security No Comments

phpMyAdmin Exploit

I know there are a lot of folks on campus who run phpMyAdmin to connect to their mySQL databases.  If you haven’t heard, there was a major exploit announced last night. Details are available from http://www.phpmyadmin.net/home_page/security/PMASA-2008-10.php

Patches and updated versions are now available at SourceForge.

Tuesday, December 9th, 2008 Web Security No Comments

Categories

Archives