background preloader

Sécurité informatique

Facebook Twitter

Netsecstudents: Subreddit for students studying Network Security and its related subjects. Malware Unicorn by securedorg. Codebashing. [PentesterLab] Bootcamp. Online Penetration Testing and Ethical Hacking - FREE Video Training Course. Setting up a OpenVPN server on Linux - ARM BlogARM Blog. I sometimes want to access my home network when working remotely in order to access my private files or machines in my network.

Setting up a OpenVPN server on Linux - ARM BlogARM Blog

Opening up the Samba ports for example in your router to the bad world outside is the most stupid thing to do, so in order to gain access we need to setup a VPN connection. There are several ways to accomplish this and in this example I will be installing the versatile OpenVPN software which can act as a server and client and is opensource (and therefore available on almost any platform). In this post we will set up the OpenVPN server (service), create the needed keys for the VPN authorization, set up the VPN tunnel interface and create a sample client config to connect with. The instructions are run as root. A free, almost foolproof way to check for malware. How to block network traffic by country on Linux.

As a system admin who maintains production Linux servers, there are circumstances where you need to selectively block or allow network traffic based on geographic locations.

How to block network traffic by country on Linux

For example, you are experiencing denial-of-service attacks mostly originating from IP addresses registered with a particular country. You want to block SSH logins from unknown foreign countries for security reasons. Your company has a distribution right to online videos, which requires it to legally stream to particular countries only. You need to prevent any local host from uploading documents to any non-US remote cloud storage due to geo-restriction company policies.

All these scenarios require an ability to set up a firewall which does country-based traffic filtering. In this tutorial, I am going to present another iptables-based GeoIP filtering which is implemented with xtables-addons. Install Xtables-addons on Linux Here is how you can compile and install xtables-addons on various Linux platforms. $ cd geoip $ . How to Install Let's Encrypt Free SSL Certificate On Your Website. Another Big Milestone – Let's Encrypt is now offering Free HTTPS certificates to everyone.

How to Install Let's Encrypt Free SSL Certificate On Your Website

Let's Encrypt has opened to the public, allowing anyone to obtain Free SSL/TLS (Secure Socket Layer/Transport Layer Security) certificates for their web servers and to set up HTTPS websites in a few simple steps (mentioned below). Let's Encrypt – an initiative run by the Internet Security Research Group (ISRG) – is a new, free, and open certificate authority recognized by all major browsers, including Google's Chrome, Mozilla's Firefox and Microsoft's Internet Explorer. Échangez par e-mail en toute sécurité. Surfez incognito sur Internet avec le réseau Tor. Échangez par e-mail en toute sécurité. Free Python for Security Professionals Training Class. Watch the Course Intro Video Joe Perry (@perry) has put together a framework that is a complete MUST-KNOW for any aspiring cyber security professional who wants to move up the ladder.

Free Python for Security Professionals Training Class

Python for Security Professionals is a class that is designed to teach you the functions of Python that play a role in a penetration testing career. It is not necessary to know Python from a complete programming language knowledge level, however, there are certain commands and functions that are critical to becoming a top-tier professional. Again, this class is designed specifically for NON-CODERS who know they need to know this critical scripting language for a successful career in penetration testing and cyber security. This course will take you from basic concepts to advanced scripts in just over 10 hours of material, with a focus on networking and security. OverTheWire: Bandit. Python for Security Professionals: Free IT Security Training. Python is an excellent programming language that has rapidly become popular among Hackers, Reverse engineers, software testers, Forensic analyst and Penetration testers.

Python for Security Professionals: Free IT Security Training

Python is a simple object-oriented and minimalistic language that is easy to learn for novice programmers as well as experienced developers. Most Python programs run on all major operating systems including Windows, Linux, Mac, etc. What makes Python such an effective platform for Security Professional and Hackers? Python supports pre-built extensive libraries that are specifically designed for penetration testing and provide some powerful functionalities. So if you are looking for a most widely used and easy to learn scripting language, go for Python. There is nothing wrong if I say that scripting languages like BASH, Perl, and Ruby can not do the same things as Python, but building those capabilities are possible and much easier using Python. Free Online Cyber Security Training - Cybrary.

Instructors: Cybrary’s Subject Matter Experts Price: Free Course Format: Self-Paced, Video Training, Module FormatRegistration Dates: Enroll & Access AnytimeWho Can Enroll: Anyone.

Free Online Cyber Security Training - Cybrary

Peter Smith releases his new book on Linux Network Security free of charge : linux. Hidden backdoor API to root privileges in Apple OS X. The Admin framework in Apple OS X contains a hidden backdoor API to root privileges.

Hidden backdoor API to root privileges in Apple OS X

It’s been there for several years (at least since 2011), I found it in October 2014 and it can be exploited to escalate privileges to root from any user account in the system. The intention was probably to serve the “System Preferences” app and systemsetup (command-line tool), but any user process can use the same functionality. Apple has now released OS X 10.10.3 where the issue is resolved. OS X 10.9.x and older remain vulnerable, since Apple decided not to patch these versions. We recommend that all users upgrade to 10.10.3. Why I started searching for vulnerabilities in OS X TrueSec specialists speak at IT conferences worldwide. This time it was a security conference for developers, and many of them use Apple OS X as their primary operating system. Security Magazines, White Papers, Reports, and eBooks. Web Application Security for Dummies Free eBook.

The Last Password You Have to Remember. NSA-Documents: Attacks on VPN, SSL, TLS, SSH, Tor : programming. Vie privée : le guide pour rester anonyme sur Internet. Cracking. Qui d'entre vous n'a jamais utilisé une liaison wifi pour se connecter à son modem routeur :ClubBox, N9ufBox, freeBox, LiveBox, ou même un hotspot à l'extérieur...???

Cracking

Une minorité je crois dont je fais partie :DCeux qui ont passé leurs vies à gueuler avec les hotliners pour faire fonctionner cette liaison savent très bien que c'est pas du tout facile de garder un très bon signal pour longtemps...Comme ils savent aussi qu'ils ont besoin d'un nom de réseau SSID et d'une clé WEP que généralement en 128-bits...et quand on appelle la hotline on doit avoir ces deux paramètres pour rectifier le dysfonctionnement qu'il y est.. sinon, si on 'est novice :D (et c'est le cas pour la plupart des cas qui appellent la hotline) le pauvre hotliner se casse la tête à vouloir nous la montrer sur l'interface du modem ...

Hack Zone: Hacking. Définition : Un hacker c'est quoi?

Hack Zone: Hacking

Pour la première définition de ce site, je vais essayer de m'appliquer... C'est un mec (ou une fille, désolé mais faut avouer que vous êtes en très forte minorité) qui rentre dans des ordinateur où il n'a pas de droit d'accès et qui jette un coup d'oeil un peu partout pour voir s'il trouve pas quelque chose d'intéressant. Certains affirmeront qu'ils sont là pour la régulation de l'Internet ou pour en refaire un espace fun et non un espace commercial comme il est de plus en plus voué à devenir. A chacun de voir... Ca c'était ma définition perso mais il en existe une perso de "the mentor", très bien écrite et qui représente bien la manière dont pas mal de Hackers se sont mis au biz même si elle ne me correspond pas.

Hacking. Apprendre le "Hack" Le Blog du Hacker — Ce qui est sécurisé à 99% n'est pas sécurisé.