Hacking
In light of all the complex and specialized attacks on Internet-facing servers, it’s very important to protect your cloud assets from malicious assailants whose sole purpose is to leach, alter, expose, siphon sensitive data, or even to shut you down. From someone who does a lot of Linux deployments, I […]
The Internet Control Message Protocol (ICMP) has many messages that are identified by a “type” field. You need to use 0 and 8 ICMP code types. => Zero (0) is for echo-reply => Eight (8) is for echo-request. To enable ICMP ping incoming client request use following iptables rule (you need to add following […]
Following list summaries the common attack on any type of Linux computer: Syn-flood protection In this attack system is floods with a series of SYN packets. Each packets causes system to issue a SYN-ACK responses. Then system waits for ACK that follows the SYN+ACK (3 way handshake). Since attack never […]
Linux comes with a host based firewall called Netfilter. According to the official project site: netfilter is a set of hooks inside the Linux kernel that allows kernel modules to register callback functions with the network stack. A registered callback function is then called back for every packet that traverses […]
AIDE is an open source host-based intrusion detection system which is a replacement for the well-known Tripwire integrity checker. It provide software integrity checking and it can detect that intrusions (monitor filesystem for unauthorized change such as find out if system binaries modified and a new cracked versions installed or […]
Q. How do I detect port scan attacks by analyzing Debian Linux firewall log files and block port scans in real time? How do I detect suspicious network traffic under Linux? A. A port scanner (such as nmap) is a piece of software designed to search a network host for open ports. […]
Spoofing and bad address attack tries to fool the server and try to claim that packets had come from local address/network. Following IP/netwok address are know to open this kind of attack: Incoming source IP address is your servers IP address Bad incoming address from following ranges: 0.0.0.0/8 127.0.0.0/8 10.0.0.0/8 […]
How do I configure a host-based firewall called Netfilter (iptables) under CentOS / RHEL / Fedora / Redhat Enterprise Linux? Netfilter is a host-based firewall for Linux operating systems. It is included as part of the Linux distribution and it is activated by default. This firewall is controlled by the […]
Everybody says that Linux is secure by default and agreed to some extend (It’s debatable topics). However, Linux has in-built security model in place by default. Need to tune it up and customize as per your need which may help to make more secure system. Linux is harder to manage but offers […]