Category: Security

Linux security, hardening Linux, and other tips and tutorials

CentOS / Red Hat 7 Switching back to iptables

It may be frustrating to learn yet another firewall (firewalld) in CentOS or RHEL 7. Here is how you can switch back to your favorite, iptables. Stop firewalld and disable it to start...

SELinux Tutorial

SELinux is Security-Enhanced Linux. I see that many administrators disable SELinux to ease administration; however, it is a good idea to enable SELinux.
View SELinux status: getenforce
Disable SELinux: setenforce 0
Disable...

Filtering capture files with Wireshark

Filter by IP address (source and/or destination IP address):
ip.addr==192.168.1.1
ip.src==192.168.1.1
ip.dst==192.168.1.1
(ip.src==192.168.1.1)||(ip.dst==192.168.1.1)
(ip.src==192.168.1.1)&&(ip.dst==192.168.1.1)
To exclude an IP address:
!(ip.addr==192.168.1.1)

NTP Reflection Attack

To avoid an NTP reflection attack, you need to disable monlist command support; this can also be fixed by updating NTP to 4.2.7.
vi /etc/ntp.conf
restrict -4 default nomodify nopeer...

OpenSSL commands

Here are some very useful OpenSSL commands:
To check the OpenSSL version: openssl version -a
Check information in a certificate: openssl x509 -text -in api_cert_chain.crt
List of all available ciphers: openssl ciphers...

Install OSSEC on CentOS

1. Download OSSEC:
wget http://www.ossec.net/files/ossec-hids-2.7.tar.gz
tar -zxvf ossec-hids-2.7.tar.gz
cd ossec-hids-2.7
./install.sh
Controlling Service:
/var/ossec/bin/ossec-control start
/var/ossec/bin/ossec-control stop
Edit Configuration File:
vi /var/ossec/etc/ossec.conf
Installing Agent:
Authorizing Agents:
/var/ossec/bin/manage_agents
1. Add an Agent :...

Writing Iptables rules by hand

*nat
:PREROUTING ACCEPT [92:7226]
:POSTROUTING ACCEPT [62:3916]
:OUTPUT ACCEPT [62:3916]
COMMIT
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
COMMIT

Iptables tutorial and examples

Delete existing rules:
iptables -F or iptables --flush
Set Default Chain Policies:
iptables -P INPUT DROP
iptables -P FORWARD DROP
iptables -P OUTPUT DROP
Block an IP Address:
iptables -A INPUT -s a.b.c.d -j...

Rootkit Hunter–check if your system has been compromised

Download Rootkit Hunter. Untar and cd into the directory.
./installer.sh --layout default --install
rkhunter --update
Now, you have to edit the Rootkit Hunter config file - on the newer Rootkit Hunter versions,...