Blogs

Linux Auditing Tool

Lynis an excellent tool to audit your linux servers. As per the website

Lynis is an open source security auditing tool. Primary goal is to help users with auditing and hardening of Unix and Linux based systems. The software is very flexible and runs on almost every Unix based system (including Mac). Even the installation of the software itself is optional!.

Go GET IT from - http://cisofy.com/lynis/

Happy Auditing

.......have fun

Penetration Testing

Check out this distribution with collection of great tools to perform forensic analysis, incident response, data recovery, virus scanning and vulnerability assessment.

http://fire.dmzs.com/

Happy Hunting ... Bleh

Hackers Comic

All you wanna be hackers new bees check out below comic strip ... for some geeky cool comic

http://www.hackerstrip.com/

FUNZzzzzzz.....

Night Lion Security PHP Stress

Night Lion Security proof of concept denial of service / stress tester for PHP websites running with Apache and NGINX systems (PHP-FPM and PHP-CGI)

About - https://www.nightlionsecurity.com/blog/news/2014/04/phpstress-dos-attack...

to Download it - http://packetstormsecurity.com/files/download/126513/phpstress-master.zip

Have Fun ......

Etherape - Check your Network Traffic

A nice GUI interface to see where your network traffic is going to or coming from.

Screenshots - http://etherape.sourceforge.net/images/index.html

Website - http://etherape.sourceforge.net/

Have fun

Random Js Virus

In late 2009 and early 2010 i have seen a new kind of Attack on websites which Security Companies Named as Random Js Virus. It used to insert a java script code to redirect the page on a rogue website inside tag. Lately they have started putting encrypted code to make it look like a genuine code.

I am still seeing its happening to lost of websites. The main reason are : -

1) Week FTP Passwords

2) FTP traffic in plain text

3) Sql Injection

GNU/Linux Server Security - The Initial Steps

Below are the Steps and the links to the tools which you can use on your GNU/Linux server to make it secure.

Server Security:-

1) If you are not having cpanel / webmin and not good with iptables rules as well you can use APF http://www.rfxn.com/projects/advanced-policy-firewall/ however if you are having cpanel then go for http://configserver.com/cp/csf.html. Both the utilities provides easy to use interface to configure the firewall rules

2) You can use more tools from this page http://www.rfxn.com/projects/

3) On server where you are not using cpanel you can use.

Securty Wiki

System Monitoring

A very good article about it at

http://www.serverwatch.com/tutorials/article.php/3937996/Try-collectl-fo...

its a good tool for system monitoring

and the tool link is at

http://collectl.sourceforge.net/

Enjoy

Bleh

Green Sql - A great Mysql firewall

Green Sql - it acts as proxy in between your database and request from outside world . It blocks the attempts for sql injection.

Great tool to add more for your Mysql security for more information visit below link

http://www.greensql.net/

Bleh