On the test I will install Let’s Encrypt which allows you to install free SSL certificates for 90 days and automatically re-issue them.
Continue reading “Installing and Configuring Let’s Encrypt SSL”Category Archives: Security
Removing exploits from Ubiquiti devices
Once I noticed the spread of the virus/exploit on the network with Ubiquiti devices. Exploit using a vulnerability in older versions of firmware copied itself to other devices and from them attacked the following.
Continue reading “Removing exploits from Ubiquiti devices”Installing and Configuring Fail2ban
In this article, I will provide an example of how to install and configure Fail2ban.
Continue reading “Installing and Configuring Fail2ban”Configuring Fail2Ban for ProFTPd
Suppose Fail2Ban is already installed, if not, then see my article – Installing and Configuring Fail2ban.
In Fail2Ban by default, there are already filters for ProFTPd and it knows that the log file is located at /var/log/proftpd/proftpd.log, so it’s enough to create the file:
sudo nano /etc/fail2ban/jail.d/proftpd.local
And enter the data below, thereby activating the check of the log file /var/log/proftpd/proftpd.log:
[proftpd] enabled = true bantime = 86400
Restart Fail2Ban to apply the changes:
sudo service fail2ban restart
You can check the status:
sudo fail2ban-client status proftpd
Installing Nessus on Linux
Nessus – vulnerability scanner in Linux.
Go to the official website http://www.tenable.com/products/nessus/select-your-operating-system and download Nessus for the operating system that you have installed.
Switch to the root user:
su
Run the installation of the downloaded file, for example:
dpkg -i Nessus-7.0.2-debian6_amd64.deb
Run Nessus:
/etc/init.d/nessusd start
After that, you can open Nessus in the browser by clicking https://IP:8834/
For further work, you need to register with https://www.tenable.com/products/nessus/activation-code.
Installing Snort in Ubuntu
Snort – Intrusion Prevention System (IPS) and Intrusion Detection System (IDS) by traffic analysis.
Continue reading “Installing Snort in Ubuntu”How to make a bootable USB flash drive with CAINE
To make a bootable USB flash drive with CAINE, perform several actions:
1) Download the image CAINE from the official site www.caine-live.net
2) Download Universal USB Installer http://www.pendrivelinux.com/universal-usb-installer-easy-as-1-2-3/
3) We connect the USB flash drive to the computer and run the Universal USB Installer. In it, we agree with the license agreement by clicking “I Agree“, in the second window where “Step 1:” choose “CAINE Linux“, where “Step 2” click “Browse” and point to the downloaded image of CAINE (for example, caine9.0.iso). In “Step 3:” select the letter of the flash drive, tick the “Format” (this will re-partition the file system table and erase all the data on the USB flash drive).
4) Click “Create” and wait for the process to complete.
Using netwox
I will give examples of using netwox and describe them.
I described the netwox installation in this article – Установка netwox
Example of a standard startup:
sudo netwox
netwox has quite a lot of functions, you can see them by pressing after starting the number 3 and Enter.
Network configuration display:
sudo netwox 1
Display debugging information:
sudo netwox 2
Display information about the IP address or host name:
sudo netwox 3 example.com
Displaying information about the MAC address:
sudo netwox 4 -e 00:15:5D:38:01:08
Obtaining MAC addresses from the IP list:
sudo netwox 5 -i 192.168.1.0/24
Display information that will be used to reach the specified IP address:
sudo netwox 6 192.168.24.254
Sniffer, displaying the transmitted packets on the screen:
sudo netwox 7
Sniffer, displaying only the list of open ports that were used in the captured packets:
sudo netwox 8
Sniffer, mapping of MAC and IP addresses:
sudo netwox 9
An example of capturing packets and displaying brief statistics (the number of packets counted, the size of packages, the percentage of the number of packets (c%), the percentage of the size (s%)):
netwox 10 -d eth0
Convert a digit to an encrypted one:
sudo netwox 21 -n number
Converting a string to an encrypted string (sha256, md5, etc.):
sudo netwox 22 -d text
Show ASCII table:
sudo netwox 23
Check the security of the directory:
sudo netwox 25 /tmp/
Example of ICMP PING:
sudo netwox 49 -i 192.168.24.253
Example of ARP PING:
sudo netwox 55 -i 192.168.24.253
Example ICMP route tracing:
sudo netwox 57 -i examle.com
Example of TCP route tracing:
sudo netwox 59 -i examle.com
Example UDP route tracing:
sudo netwox 61 -i examle.com
Example of port scanning:
sudo netwox 67 -i 192.168.24.254 -p 1-1000
ICMP scanning for availability:
sudo netwox 65 -i 192.168.1.0/24
TCP port access scan:
sudo netwox 67 -i 192.168.1.0/24 -p 80
UDP port access scan:
sudo netwox 69 -i 192.168.1.0/24 -p 80
ARP scanning:
sudo netwox 71 -i 192.168.1.0/24
Flood random fragments:
sudo netwox 74 -i 192.168.24.254
Filling the table of MAC-addresses of the switch by sending a flood:
sudo netwox 75
Synflood:
sudo netwox 76 -i 192.168.24.254 -p 80
etc.
Installing and Configuring Config Server Firewall (CSF) in Ubuntu
Config Server Firewall (CSF) – a software product created for automatic server protection.
Continue reading “Installing and Configuring Config Server Firewall (CSF) in Ubuntu”Configure Firefox for anonymity
To get started, type the following in the address bar of the Firefox browser:
about:config
Below I will describe what settings transmit information about the user, for faster search, you can copy and paste the parameter into the search bar.
Google Safe Browsing (the parameter includes the transmission of information about the sites visited by the user on Google and prevents visits to sites with malicious software):
browser.safebrowsing.enabled browser.safebrowsing.downloads.enabled browser.safebrowsing.malware.enabled
Sending stability and performance reports to Firefox:
datareporting.healthreport.service.enabled datareporting.healthreport.uploadEnabled
Usage statistics:
toolkit.telemetry.enabled
The parameter transmits the real IP address even if a VPN connection or TOR is used:
media.peerconnection.enabled
Enabling integration with the Pocket service:
browser.pocket.enabled
Using geolocation:
geo.enabled
Firefox connects to third-party servers without permission:
loop.enabled
Saving typed text in the search, for further tips:
browser.search.suggest.enabled
Enabling locks to track user information:
privacy.trackingprotection.enabled