Endlessh is an open source SSH trapit. It send slow random banner string to attacker, wasting their time. Before you install endlessh, you need to change your SSH port to a higher non default port. To do this edit
|
1 |
vi /etc/ssh/sshd_config |
Find
|
1 |
Port 22 |
Replace with
|
1 |
Port YOUR_NEW_PORT_HERE |
If the line is commented with #, uncomment it. Now […]
Due to changes in Apple, Mozilla and Google Root Store Policies, as of September 1, 2020, newly issued SSL/TLS certificates with a validity period greater than 13 months (397 days) are prohibited by policy and will not be trusted. https://www.globalsign.com/en/blog/maximum-ssltls-certificate-validity-now-one-year https://blog.mozilla.org/security/2020/07/09/reducing-tls-certificate-lifespans-to-398-days/ […]
Online Malware Scanner for websites Scan a folder with clamscan maldet https://opentip.kaspersky.com https://sitecheck.sucuri.net Tools https://remnux.org/ Forums http://www.virusinfo.info http://www.rootkit.com http://www.gmer.net Blogs https://www.securelist.com/en/threats/detect?chapter=83 http://www.youtube.com/watch?v=Q5cT3YHKVsY […]
If your web site is hacked and infected by malware, Google Safe Browsing can block your web site with red warning. If this happens, you need to clean your web site. If your web site have lot of files, cleaning become hard as hacker can hide his files in any of these files. Manually verifying […]
Here is few web sites where you can check your SSL certificate is installed properly. https://www.ssllabs.com/ssltest/ https://cryptoreport.websecurity.symantec.com/checker/ https://sslanalyzer.comodoca.com/ See SSL […]
Tripwire is a data integrity tool for monitoring and alerting file and directory changes. https://github.com/Tripwire/tripwire-open-source To install, run
|
1 |
yum install tripwire |
Generate keys Run
|
1 |
tripwire-setup-keyfiles |
This ask you to enter password. Creating Database
|
1 |
tripwire --init |
You need to edit file
|
1 |
vi /etc/tripwire/twpol.txt |
customise it for your system or you may get file/directory not found errors. Checking for changes
|
1 |
tripwire --check |
[…]
Install ModSecurity on Debian Disable ModSecurity for a specific URL ModSecurity is a Web Application Firewall. Protect sites from SQL injection and Application level hacking. To install ModSecurity on Ubuntu/Debian with Apache, run
|
1 |
apt install libapache2-mod-security2 -y |
verify Apache module is installed with
|
1 |
apachectl -M | grep security |
Enable config file
|
1 |
mv /etc/modsecurity/modsecurity.conf-recommended /etc/modsecurity/modsecurity.conf |
Update config
|
1 2 |
sed -i "s/SecRuleEngine DetectionOnly/SecRuleEngine On/" /etc/modsecurity/modsecurity.conf sed -i "s/SecResponseBodyAccess On/SecResponseBodyAccess Off/" /etc/modsecurity/modsecurity.conf |
Restart Apache
|
1 |
systemctl restart apache2 |
[…]
https://www.passbolt.com – Open source password manager. https://www.grc.com/passwords.htm – Online secure password generator. […]