- Nmap ("Network Mapper") is a free and open source utility for network discovery and security auditing.
- Open a Terminal and enter the following :
sudo apt-get install nmap
- Scan your system for open ports with :
Sunday 7 July 2013
Ubuntu Server: Scan Open Ports - Nmap.
Ubuntu Server: Install Firewall - DenyHosts and Fail2Ban.
- DenyHosts is a python program that automatically blocks SSH attacks by adding entries to /etc/hosts.deny. DenyHosts will also inform Linux administrators about offending hosts, attacked users and suspicious logins
- Open a Terminal and enter the following :
sudo apt-get install denyhosts
Ubuntu Server: Audit Your System Security - Tiger.
- Tiger is a security tool that can be use both as a security audit and intrusion detection system.
- Open a Terminal and enter the following :
sudo apt-get install tiger
- To run tiger enter :
Ubuntu Server: HTTPS Configuration
The mod_ssl module adds an important feature to the Apache2 server - the ability to encrypt communications. Thus, when your browser is communicating using SSL, the https:// prefix is used at the beginning of the Uniform Resource Locator (URL) in the browser navigation bar.
The mod_ssl module is available in apache2-common package. Execute the following command from a terminal prompt to enable the mod_ssl module:
sudo a2enmod ssl
Saturday 6 July 2013
Kali Linux: Fix Installing & Updating Packages
write in terminal
nano /etc/apt/sources.list
and then replace all text with this
# deb cdrom:[Debian GNU/Linux 7.0 _Kali_ – Official Snapshot i386 LIVE/INSTALL $
# deb cdrom:[Debian GNU/Linux 7.0 _Kali_ – Official Snapshot i386 LIVE/INSTALL $
Ubuntu Server: Restrict Apache Information Leakage.
- Edit the Apache2 configuration security file :
sudo vi /etc/apache2/conf.d/security
- Add or edit the following lines and save :
Ubuntu Server: Harden PHP For Security
- Edit the php.ini file :
sudo vi /etc/php5/apache2/php.ini
- Add or edit the following lines an save :
Ubuntu Server: Harden Network With sysctl Settings.
- The /etc/sysctl.conf file contain all the sysctl settings.
- Prevent source routing of incoming packets and log malformed IP's enter the following in a terminal window:
sudo vi /etc/sysctl.conf
- Edit the /etc/sysctl.conf file and un-comment or add the following lines :
Ubuntu Server: SSH Hardening - Disable Root Login And Change Port.
- The easiest way to secure SSH is to disable root login and change the SSH port to something different than the standard port 22.
- Before disabling the root login create a new SSH user and make sure the user belongs to the admin group (see step 4. below regarding the admin group).
- If you change the SSH port also open the new port you have chosen on the firewall and close port 22.
- Open a Terminal Window and enter :
sudo vi /etc/ssh/sshd_config
Ubuntu Server: Install Firewall - UFW
The default firewall configuration tool for Ubuntu is ufw. Developed to ease iptables firewall configuration, ufw provides a user friendly way to create an IPv4 or IPv6 host-based firewall.
ufw by default is initially disabled. From the ufw man page:
“ ufw is not intended to provide complete firewall functionality via its command interface, but instead provides an easy way to add or remove simple rules. It is currently mainly used for host-based firewalls. ”
The following are some examples of how to use ufw:
The default firewall configuration tool for Ubuntu is ufw. Developed to ease iptables firewall configuration, ufw provides a user friendly way to create an IPv4 or IPv6 host-based firewall.
ufw by default is initially disabled. From the ufw man page:
“ ufw is not intended to provide complete firewall functionality via its command interface, but instead provides an easy way to add or remove simple rules. It is currently mainly used for host-based firewalls. ”
The following are some examples of how to use ufw:
Subscribe to:
Posts (Atom)