
My manuals


How to: Linux Iptables block common attacks. When Memory Serves You: Using ramfs and tmpfs. Need a performance boost for your reads from and writes to a database or other dynamic files? A RAM-based filesystem is just what the good system doctor ordered. If your read/write performance isn’t keeping up with your needs, the least expensive and least time-consuming fix is to place those heavily used files into RAM. Reading and writing to RAM is significantly faster than when using disk-based filesystems. Disk I/O-sensitive data transfers, like those involving databases, reap extreme benefits from moving to RAM-based filesystems. Why RAM? RAM is fast. You have two performance-boosting options for RAM-based filesystems: tmpfs and ramfs. Ramfs Tmpfs and ramfs handle their jobs very differently. For example, the standard syntax for mounting a new filesystem is as follows:
# mount -t fs_type device mount_dir
The syntax for setting up a 200MB ramfs filesystem for a database in the directory /opt/data:
# mount -t ramfs -o size=200m ramfs /opt/data
tmpfs And the mount command yields:

Chapter 7. Implementing Disk Quotas. Chapter 44. Security and SELinux. Psad: Linux Detect And Block Port Scan Attacks In Real Time. Q. How do I detect port scan attacks by analyzing Debian Linux firewall log files and block port scans in real time? How do I detect suspicious network traffic under Linux? A. A port scanner (such as nmap) is a piece of software designed to search a network host for open ports. A cracker can use nmap to scan your network before starting an attack. Psad makes use of Netfilter log messages to detect, alert, and (optionally) block port scans and other suspect traffic. Install psad under Debian / Ubuntu Linux Type the following commands to install psad:
$ sudo apt-get update
$ sudo apt-get install psad
Configure psad Open the /etc/syslog.conf file:
# vi /etc/syslog.conf
Append the following line:
kern.info |/var/lib/psad/psadfifo
Alternatively, you can type the following command to update syslog.conf:
echo -e 'kern.info\t|/var/lib/psad/psadfifo' >> /etc/syslog.conf
psad Syslog needs to be configured to write all kern.info messages to the named pipe /var/lib/psad/psadfifo.

Further readings: 20 Linux Server Hardening Security Tips. Securing your Linux server is important to protect your data, intellectual property, and time, from the hands of crackers (hackers). The system administrator is responsible for the security of the Linux box. In this first part of a Linux server security series, I will provide 20 hardening tips for a default installation of a Linux system. Linux Server Hardening Checklist and Tips The following instructions assume that you are using a CentOS/RHEL or Ubuntu/Debian based Linux distribution. #1: Encrypt Data Communication All data transmitted over a network is open to monitoring.

Use scp, ssh, rsync, or sftp for file transfer. #1.1: Avoid Using FTP, Telnet, And Rlogin / Rsh Services Under most network configurations, user names, passwords, FTP / telnet / rsh commands and transferred files can be captured by anyone on the same network using a packet sniffer. #2: Minimize Software to Minimize Vulnerability Do you really need all sorts of web services installed? #3: One Network Service Per System or VM Instance. Get Detailed Information About Particular IP address Connections. The netstat command and the shell pipe feature can be used to dig out more information about a particular IP address connection. You can find out total established connections, closing connections, SYN and FIN bits and much more. You can also display summary statistics for each protocol using netstat.

This is useful to find out if your server is under attack or not. You can also list abusive IP addresses using this method.
# netstat -nat | awk '{print $6}' | sort | uniq -c | sort -n
Output:
1 CLOSE_WAIT
1 established)
1 Foreign
3 FIN_WAIT1
3 LAST_ACK
13 ESTABLISHED
17 LISTEN
154 FIN_WAIT2
327 TIME_WAIT
Dig out more information about a specific IP address:
# netstat -nat |grep {IP-address} | awk '{print $6}' | sort | uniq -c | sort -n
A busy server can give out more information:
# netstat -nat |grep 202.54.1.10 | awk '{print $6}' | sort | uniq -c | sort -n
Output: Get List Of All Unique IP Address Find Out If Box is Under DoS Attack or Not Get Live View of TCP Connections Display Interface Table. Ubuntu / Debian Linux: Services Configuration Tool to Start / St. Your Debian / Ubuntu Linux box security depends upon access to system services (one of many aspects).

For example, you may need to provide a web server (Apache service) to serve web pages. However, if you do not need a service, you should always turn off all unused services to avoid exploits. Traditionally, Debian provided various tools to manage services. There are various methods for managing access to system services: a) /etc/init.d/service b) rcconf c) update-rc.d etc. Under Red Hat and CentOS Linux you can use the chkconfig command (ntsysv command) to configure Sys V style init script links. There is also the service command to stop / start / restart services. So if you are addicted to the service command under RHEL / CentOS / Mandriva Linux and have wondered what to do in Debian / Ubuntu Linux, try the sysvconfig package. sysvconfig - Services Startup Configuration Tool Debian and Ubuntu Linux also offer the service command. Sysvconfig package sysvconfig command Further readings.

Linux Force fsck on the Next Reboot or Boot Sequence. Debian / Ubuntu Linux: Send Automatic Email Notification When Se. Q. How do I force apt-get to send me email when upgrades or security updates are available under Debian or Ubuntu Linux? Do I need to write a shell script which generates a mail with a list of all packages currently pending an upgrade? A. No, you don't have to write a shell script. You need to use the apticron command / script for notification. apticron is mainly intended for automatic notification of pending security updates but can also be used in many other situations where timely updates are necessary. Type the following commands at a shell prompt:
# apt-get update
# apt-get install apticron
Configure apticron to send email notifications The default configuration file is located at /etc/apticron/apticron.conf.

# apticron.conf
#
# set EMAIL to a list of addresses which will be notified of impending updates
#
EMAIL="vivek@nixcraft.in"
#
# Set LISTCHANGES_PROFILE if you would like apticron to invoke apt-listchanges
# with the --profile option.
Save and close the file. Sample apticron email. Manual Pages - Main Contents. How to Capture & Save Screenshots of Webpages - Digital Inspirat. How to convert an entire website to an image file or PDF on Windows, Linux or Mac?

Some time back, we discussed several screen capture add-ons for IE and Firefox with an auto-scroll feature that allow you to save lengthy scrolling websites with images, JavaScript and even Flash animations to graphic files in GIF, JPG, TIFF or PNG formats. While the quality of website pictures captured with these screen capture utilities is excellent, the only limitation is that you are tied to the web browser.

You can grab the image of the entire web page only when the site itself is opened inside the web browser. The good news is that there's a better screen grabbing option available for free. Nathan Moinvaziri has developed WebShot, a tiny 52 kb app for taking screenshots of webpages from the Windows Command Prompt. Here's a quick guide to using the WebShot screen capture utility: Screen capture a complete website (even areas below the fold) webshot.exe /url " CBP opposes data breach notification bill. News - According to privacy regulator CBP, the proposal to limit the notification obligation to telephone and internet providers misses its mark.

Moreover, the design of the notification obligation is unclear and cumbersome. The Dutch Data Protection Authority (College bescherming persoonsgegevens, CBP) argues for a notification obligation for all companies and government agencies. That would mean those organizations, too, must report when personal data is breached, for example by hackers. "The purpose of the notification obligation is to protect citizens against dangers such as identity fraud, financial losses, and missed opportunities in business or career development. All database administrators There was immediate criticism that the notification obligation is far too limited. In March, Minister Hirsch Ballin promised the Tweede Kamer to investigate a broad notification obligation. Poor organization The CBP also sees all kinds of organizational flaws in the design of the notification obligation. Not independent Consultation round.