-
Seneste indlæg
Arkiver
- januar 2024
- december 2023
- november 2023
- oktober 2023
- september 2023
- marts 2023
- oktober 2022
- september 2022
- august 2022
- juli 2022
- juni 2022
- maj 2022
- marts 2022
- februar 2022
- december 2021
- oktober 2021
- september 2021
- august 2021
- marts 2021
- maj 2019
- april 2019
- januar 2019
- december 2018
- november 2018
- oktober 2018
- september 2018
- august 2018
- juli 2018
- maj 2018
- april 2018
- marts 2018
- januar 2018
- december 2017
- september 2017
- juli 2017
- juni 2017
- april 2017
- december 2016
- november 2016
- februar 2016
- januar 2016
- december 2015
- september 2015
- august 2015
- april 2015
- februar 2015
- december 2014
- september 2014
- august 2014
- juni 2014
- april 2014
- marts 2014
- februar 2014
- januar 2014
- november 2013
- oktober 2013
- september 2013
- juni 2013
- maj 2013
- april 2013
- januar 2013
- december 2012
- oktober 2012
- september 2012
- august 2012
- juli 2012
- juni 2012
- maj 2012
- maj 2011
- marts 2011
- februar 2011
- juni 2009
- maj 2009
- marts 2009
- december 2008
- november 2008
- oktober 2008
- august 2008
- juli 2008
- juni 2008
- april 2008
- marts 2008
- februar 2008
- januar 2008
- december 2007
- november 2007
- oktober 2007
- september 2007
- august 2007
- juli 2007
- juni 2007
- maj 2007
- april 2007
- marts 2007
- februar 2007
- januar 2007
- november 2006
- oktober 2006
- august 2006
- juli 2006
- juni 2006
- maj 2006
- april 2006
- marts 2006
- februar 2006
- januar 2006
- december 2005
- november 2005
- oktober 2005
- september 2005
- juni 2005
- maj 2005
- april 2005
- marts 2005
- februar 2005
- januar 2005
- december 2004
- november 2004
- oktober 2004
- september 2004
- august 2004
- juli 2004
- juni 2004
- maj 2004
- april 2004
- marts 2004
- februar 2004
- januar 2004
- december 2003
- november 2003
- oktober 2003
- september 2003
- august 2003
- juli 2003
- juni 2003
- maj 2003
- april 2003
- marts 2003
- februar 2003
- januar 2003
- juli 2002
- juni 2002
Kategorier
- Android (1)
- Ansible (1)
- Apache (53)
- Backdoors (3)
- Backuppc (1)
- Blog (2)
- Cisco (2)
- Development (1)
- Domain Name System (3)
- Exploits (4)
- FreeBSD (64)
- Hardware hacking (2)
- HP (1)
- HTML (2)
- Humor (10)
- I3WM (2)
- Intrusion detection (1)
- IRC (5)
- Irssi (1)
- Javascript (1)
- Knowledge Base (623)
- Kryptering (6)
- KVM (4)
- Lamp (5)
- Letsencrypt (1)
- LifeHack (2)
- Links (30)
- Linux (251)
- MobilPhone (1)
- Monitoring (3)
- Mysql (6)
- Nagios (9)
- Networking (152)
- Old Base (529)
- OpenBSD (4)
- OpenVPN (3)
- Opskrifter (1)
- OsX (1)
- PHP (12)
- Postfix (1)
- Programmering (50)
- Python (5)
- Retro hardware (2)
- Security (13)
- Shellscript (7)
- Sparc (1)
- SQL (24)
- SSH (9)
- Uncategorized (40)
- Vagrant (2)
- Videostreaming (1)
- Vim (7)
- VNC (1)
- Windows (23)
- Wordpress (3)
- Workstation (28)
- xcp-ng (1)
- Zfs (1)
Meta
Månedsarkiv: juli 2004
Verify file integrity and find compromised files
Use Tripwire to alert you to compromised files or verify file integrity in the event of a compromise. One tool that can help you detect intrusions on a host and also ascertain what happened after the fact is Tripwire (http://sourceforge.net/projects/tripwire). … Læs resten
Udgivet i Knowledge Base, Linux, Old Base
Skriv en kommentar
Forensics: Create an image of the entire harddisk
Make a bit-for-bit copy of your system’s disk for forensic analysis. Before you format and reinstall the operating system on a recently compromised machine, you should take the time to make duplicates of all the data stored on the system. … Læs resten
Udgivet i Knowledge Base, Linux, Old Base
Skriv en kommentar
Record honeypot activity
Keep track of everything that happens on your honeypot. Once an attacker has fallen prey to your honeypot and gained access to it, it is critical that you monitor all activity on that machine. By monitoring every tiny bit of … Læs resten
Udgivet i Knowledge Base, Networking, Old Base, Security
Skriv en kommentar
Using honneyd
Use honeyd to fool would-be attackers into chasing ghosts. As the saying goes, you will attract more flies with honey than with vinegar. (I’ve never understood that saying; who wants to attract flies, anyway?) A honeypot is used to attract … Læs resten
Udgivet i Knowledge Base, Networking, Old Base
Skriv en kommentar
Apache IDS
Protect your web server and dynamic content from intrusions. Detecting intrusions that utilize common protocols and services is a job that a network intrusion detection system is well suited for. However, due to the complexity of web applications and the … Læs resten
Udgivet i Apache, Knowledge Base, Networking, Old Base
Skriv en kommentar
Optimizing snort for high performance / Database
Decouple Snort’s output stage so it can keep pace with the packets. Snort by itself is fine for monitoring small networks or networks with low amounts of traffic, but it does not scale very well without some additional help. The … Læs resten
Udgivet i Knowledge Base, Linux, Networking, Old Base
Skriv en kommentar
Stealthing the sensorts
Keep your IDS sensors safe from attack, while still giving yourself access to their data. Your IDS sensors are the early warning system that can both alert you to an attack and provide needed evidence for investigating a break-in after … Læs resten
Udgivet i Knowledge Base, Linux, Networking, Old Base
Skriv en kommentar
Automated snort rule updating
Keep your Snort rules up-to-date with Oinkmaster. If you have only a handful of IDS sensors, keeping your Snort rules up-to-date is a fairly quick and easy process. However, as the number of sensors grows it can become more difficult. … Læs resten
Udgivet i Knowledge Base, Linux, Old Base
Skriv en kommentar
IDS That detect abnormal behaviour automatic
Detect attacks and intrusions by monitoring your network for abnormal traffic, regardless of the actual content. Most NIDS monitor the network for specific signatures of attacks and trigger alerts when one is spotted on the network. Another means of detecting … Læs resten
Udgivet i Knowledge Base, Networking, Old Base
Skriv en kommentar
Dynamic firewall with snortsam
Use SnortSam to prevent intrusions by putting dynamic firewall rules in place to stop in-progress attacks. An alternative to running Snort on your firewall and having it activate filtering rules on the machine it’s running on [Hack #87] is to … Læs resten
Udgivet i Knowledge Base, Linux, Networking, Old Base
Skriv en kommentar