Security

Simple Iptables Blacklist

Anyone who has run a server for any length of time quickly learns that the Internet is full of spammers, bots and other characters you would prefer didn’t exist. A firewall is key to keeping these guys out, and Linux comes with a kernel-level firewall called iptables that can be employed for this purpose. The only downside of iptables is that people who don’t deal with it on a regular basis tend to find its syntax a little bit daunting. In this post I am going to run you through the process of setting up a basic firewall IP blacklist, using a bash script to read a blacklist of IP addresses and feed these to iptables so they can no longer access your server.

First up, decide where you would like the script to live. For this example I am just going to put it in /root/scripts, i.e.

mkdir /root/scripts
nano firewall.sh

Continue reading “Simple Iptables Blacklist” »

By |June 16th, 2014|Linux, Security, Uncategorized|0 Comments

Creating a Tor Relay on Debian

The Tor project has proven itself an important tool in the fight to protect the anonymity of people online. The project obviously needs servers to route traffic through to achieve its goals, so contributors are needed to donate relay nodes, ensuring a free Internet for all. In this post I am going to run you through the process of installing Tor and configuring a relay service for use by the network on a Debian system.

First up, log in to your machine via a terminal, update the package library and install the Tor server:

apt-get update
apt-get install tor

Then change into the Tor config directory:

cd /etc/tor

Continue reading “Creating a Tor Relay on Debian” »

By |June 12th, 2014|Linux, Security|0 Comments

PHP FPM Errors After Upgrade

By |June 10th, 2014|PHP, Security, Sysadmin|0 Comments

Tunnelling data over SSH with Putty

An SSH tunnel is used to route unencrypted traffic through an encrypted SSH channel. It comes in handy for routing traffic over untrusted or hostile networks, as the data is encrypted to maintain privacy and prevent eavesdropping. It is also very handy for bypassing firewall restrictions where the usage of certain services is restricted. [...]

By |December 16th, 2013|Security, Uncategorized|0 Comments

Nginx: Locking Down The WordPress Backend By IP Address

I recently looked at the server logs for a new site that had just launched and noticed a lot of hits by random IP addresses being made to the WordPress login script, similar to the excerpt below:

182.18.209.4 - - [10/Jun/2013:07:33:26 -0400] "POST /wp-login.php HTTP/1.1" 200 4807 "drinknycity.com/wp-login.php" "Mozilla/5.0 (Windows NT 6.1; rv:19.0) Gecko/20100101 Firefox/19.0"
200.75.126.115 - - [10/Jun/2013:07:36:29 -0400] "POST /wp-login.php HTTP/1.0" 200 4749 "drinknycity.com/wp-login.php" "Mozilla/5.0 (Windows NT 6.1; rv:19.0) Gecko/20100101 Firefox/19.0"
190.37.99.209 - - [10/Jun/2013:07:43:00 -0400] "POST /wp-login.php HTTP/1.0" 200 4749 "drinknycity.com/wp-login.php" "Mozilla/5.0 (Windows NT 6.1; rv:19.0) Gecko/20100101 Firefox/19.0"
85.105.213.253 - - [10/Jun/2013:07:47:18 -0400] "POST /wp-login.php HTTP/1.0" 200 4749 "drinknycity.com/wp-login.php" "Mozilla/5.0 (Windows NT 6.1; rv:19.0) Gecko/20100101 Firefox/19.0"
123.21.234.227 - - [10/Jun/2013:08:06:45 -0400] "POST /wp-login.php HTTP/1.0" 200 4749 "drinknycity.com/wp-login.php" "Mozilla/5.0 (Windows NT 6.1; rv:19.0) Gecko/20100101 Firefox/19.0"
190.26.124.56 - - [10/Jun/2013:08:10:43 -0400] "POST /wp-login.php HTTP/1.0" 200 4749 "drinknycity.com/wp-login.php" "Mozilla/5.0 (Windows NT 6.1; rv:19.0) Gecko/20100101 Firefox/19.0"

Without installing a dedicated plugin to log more details about the requests on the page, at a glance it appears that automated bots are trying to brute-force access to the WordPress backend of the site. If you are like me, you most likely only need to access the back end of your WordPress sites from a couple of networks. So I am going to run through the process of locking down access by IP address to wp-login.php under nginx.

Continue reading “Nginx: Locking Down The WordPress Backend By IP Address” »

By |June 11th, 2013|Linux, Security, Wordpress|0 Comments

Filling device storage with HTML5 localstorage

A while back I wrote about using the HTML5 local storage engine for storing website data locally on a client device for caching or offline use. The W3 recommendation on web storage recommends a size limit on the amount of data storage allowed per origin. This has currently been implemented by the major browsers as follows:

2.5 MB per origin in Google Chrome
5 MB per origin in Mozilla Firefox, Safari and Opera
10 MB per origin in Internet Explorer

Continue reading “Filling device storage with HTML5 localstorage” »

By |March 1st, 2013|HTML5, Security|0 Comments

Ruxmon Is Coming To Sydney

Next Friday will see Sydney hold its very first Ruxmon meetup, and by the look of the presentations it’s not going to be one to be missed.

Presentations

Proprietary Protocols RCE: Research leads - Jonathan Brossard

This presentation will discuss the following techniques for protocol analysis: Automated TCP replay (as in "proper valid tcp [...]

By |June 23rd, 2011|Security|0 Comments