I’m kind of a control freak when it comes to my servers, lately the temperatures in Sweden reaches well above 30 degrees celsius and i need to get a warning in case the temp goes below 23 or above 26.
If you’re getting the following error it means that your certbot script is outdated.
Syslog used to handle NetFilter logging and you had to write regexp rules to sort your firewall logs, like: :msg,contains,”[ABF_Blocked” /var/log/abf-blocked.log”
Asbra Firewall is a combination of scripts and tools for Firewall configuration and Intrusion Detection (NIDS). It uses sqlite3 to save information on blocked traffic and counts the occurrences of attacking hosts with optional blocking.
Blacklisting large amounts of IPs, i use this with the iptables “blocked logging” in ABF (AsBraFirewall).
How do you know if your daemons go down? Some use services like pingdom but i’d rather check myself.
PHP-Class for encryption of text. I use it for safe storage of information in databases.
Running on Debian 9 Stretch.
The output of some commands are impossible to read, especially a network flow in real time. I’ve collected a few ways to accomplish coloring of keywords.
When Apache cant find the page that you are looking for it says “Not Found” and then it reveals your apache version number and sometimes even the modules that you have enabled. Do you want this?
We recently got a lot of invoices from sites all over the web, even from sites located outside of Sweden. Someone was mirroring our site using iframes and a similar domain name to ours.
Also called MalDet, has a set of signatures for matching malware in web-files. It uses the ClamAV scanner engine (if found) which also includes its own signatures.
Leaving your wp-login.php script or wp-admin folder accessible from the internet allows for bruteforcing of your passwords My way of solving this is by creating a randomly named folder e.g. “asbra” with som php code that sets a cookie which is required by the .htaccess file.
Apache supports lots of different encryption protocols, some of which have serious vulnerabilities that puts sites at risk of being breached. The Poodle and Beast exploits are just a couple examples of how attackers have taken advantage of weaknesses in SSL and TLS to compromise organizations.
And the winners with 107 hits each are: 184.108.40.206 220.127.116.11
I’ve been cleaning up lots of hacked wordpress sites lately and i thought i’d share my findings and also my attempt to refine this technique with AES-encryption instead of obfuscation
A collection of commands to help you determine if you’ve been hacked, the same commands can be used to find obfuscated code and dangerous php in any other CMS system such as Joomla or Drupal.
I was seeing lots of Warnings about POST-request to xmlrpc.php in the logfiles of modSecurity for apache. Turns out that wordpress uses the XML-RPC protocol that was created in 1998, the problem with having this enabled is that it encourages hackers to try and guess your password by making hundreds or thousands of login attempts […]
Install Tcpcrypt and you’ll feel no difference in your every day user experience, but yet your traffic will be more secure and you’ll have made life much harder for hackers.