Archive for 'Firewalls and Security'

Tutorial for securing your Linux server

Just surfing for fun today and came across a quick and easy tutorial for securing your Linux server. While not the end-all for security, it sure is a great start: http://mysql-apache-php.com/basic-linux-security.htm

Where to get mod_security rules?

Mod_security is an awesome tool to scan query strings for malicious content, blocking it before it ever enters execution. Here is one of the best resources I have ever found for mod_security rules. They have rules for both versions 1 and 2. These rules block hundreds of attempts on my server every day. http://www.gotroot.com/downloads/ftp/mod_security/rules.conf

Upside Down Ternet

Here is an interesting way to annoy those people who think they just found an open wireless access point. With some creative iptables and Perl, things get really interesting: http://www.ex-parrot.com/~pete/upside-down-ternet.html

How to disable DNS recursion on Linux

By disabling recursive lookups on your server, you will help in the never-ending battle against SPAM…

1. SSH into your server
2. Do a nano -w /etc/named.conf
3. Search for // query-source address * port 53;
4. Type Recursion no;
5. Save and restart BIND

monload2

There is a great utility called monload2 that will help to monitor and control processes on a Linux box. It can be found at http://www.dei.isep.ipp.pt/~andre/extern/monload2.html

From the site… The monitor program – how it works We first address the high load mad process problem, that was easy, from time to time we run the ps [...]

looking for space hogs?

Here are a few commands strung together to find all the files that are more than 1000000c in size. What is 1000000c? That would be character (unbuffered) special

    find /var -size +1000000c -exec ls -l {} \;

A variation on this is to find large files that have been accessed in the last day

    find /var -type [...]

AT&T aka att.net abuse address

AT&T once had a server of mine incorrectly listed in their spam filter. It took hours, but I finally found an address to get removed from the list. In case you ever need it, here it is: abuse_rbl@att.net

rkhunter to the rescue

There is a tool that I highly recommend running on any Linux box to help detect problems and rootkits: rkhunter. It is available via http://www.rootkit.nl/ What makes it a must-have is that you can automate the running and updating of the package, and have it send you daily reports of what it finds. [...]

Anti-Leech with .htaccess

Anti-Leech tutorial. If you need to prevent people from linking to your images from other web sites, this can be accomplished in Apache via a .htaccess file. Leechers will just get an “X” instead of an image.

    RewriteEngine On
    RewriteCond %{HTTP_REFERER} !^http://www.yoursite.com [NC]
    RewriteCond %{HTTP_REFERER} !^http://yoursite.com [NC]
    RewriteRule [^/]+\.(gif|jpg)$ - [F]

Note: The first line is [...]

ROOT_PATH vulnerabilities.

In PHP there is a vulnerability involving the ROOT_PATH include. Through poor coding and a well-constructed query string, it basically allows a file on a remote server to be passed to PHP and its code executed. As an example, the included file could be used to send spam or phishing email by routing it internally through [...]