Advertenties

Categorie: Security

T

Two way authentication for SSH

On each linux server that you install there will be SSH to login as root and install/edit software. Even if you secure this, by disallowing the root user to login, there is a chance somebody might figure this out and use brute-force to hack in to your system. In may situations i have added firewall ...

Monitor your developers activity

If you have a lot of developers working on source code for your company, maybe even the same source codes, and want to see what files have been accessed (and by who) i will show you some perfect commands for this. First install the software we need: [code]apt-get install acct[/code] The service will be automatically ...

S

Secure your server – Linux Malware Detect (LMD)

Malware, short for malicious software, is software designed to infiltrate or damage a computer system without the owner’s informed consent. The context which malware applies to this article is any malicious software, scripts or content that may have found its way onto a Linux system by means of a user account, such as in a ...

V

Vyatta – Blocking unwanted websites

Blocking websites with a transparant Vyatta proxy is easy to install and safe to use. You can use this in any home or business situation. Users will not notice the transparent proxy to be in place. Run the following commands to enable the webproxy (transparent) on the internal interface: [code]set service webproxy listen-address 192.168.1.1 set ...

Cookie law – Wehkamp security vulnerability

All websites are now required to obtain consent from EU visitors for the use of cookies and other tracking technologies. Probably you have seen the buttons and banners on most of the website with texts like: “We are using cookies to give you the best experience on our site. Cookies are files stored in your ...

I

Inviting hackers in your company? Are you?

I agree, this sounds like a very disturbing subject and maybe it is. But are you? Are you inviting hackers on to your network? Let my start by saying that there are 2 types of hackers and only one of them are the type you should be worry’d about. Most people have a Linkedin, Facebook, ...

E

Ethical Hacking – A Crime

In January 2013 the National Cyber ​​Security Center in Holland came with a “Guideline” of Ethical hacking and Responsible Disclosure. Meant to draft steps (rules) and keep a hacker adhere strictly to these rules, if these rules should be met the organization will not follow legal steps. However, it is not a law, so the ...

C

Cisco IOS – Enabling netflow

I’ve  been using Netflow to monitor network traffic since beginning of this year and still i’m a big fan. Netflow allowes you to really dig in the actual network traffic that is generated by servers (or services) and let’s you investigate traffic that should be blocked. Configuring a Cisco to export netflow statistics to a ...

I

IPtables Firewall – Rules testing

Did you ever configure a firewall and locked yourself out? Then you might like these commands to test IPTables configuration for a few seconds and then killing the process. [code]iptables restart; sleep 20; iptables stop[/code] This way you have 20 seconds to see if the rules are in order; if not you just wait until ...

C

Cisco: Filtering based on AS numbers

I am currently trying to lock down a firewall with only a few accept rules for actual servers/traffic. Since there is some connectivity to the internet needed (like Windows updates and such) we need to filter this with access-lists. With these access-lists i simply create a few ‘ALLOW’ rules for actual traffic and a ‘REJECT’ ...