WaZaRWiki : SecurityTips

GaelReignier :: Categories :: PageIndex :: RecentChanges :: RecentlyCommented :: Login/Register :: Hosted by: eNiX

Revision [230]

Most recent edit made on 2008-12-03 12:20:03 by GaelReignier

Additions:

tcp_syncookie

This setting protects you from the TCP SYN flood.
The configuration file is living here: 
/proc/sys/net/ipv4/tcp_syncookies

To have this surviving a reboot, update /etc/sysctl.conf:
net.ipv4.tcp_syncookies=1



Revision [229]

Edited on 2008-12-03 11:59:36 by GaelReignier

Additions:

Fail2ban

This is a neat piece of software that update iptables when people are trying to do brute force attacks



Revision [223]

Edited on 2008-12-01 11:39:53 by GaelReignier

Additions:

TCP wrappers

- to check if a service comes under TCP wrapper checks:
root@www2:~# ldd /usr/sbin/sshd |grep wrap
		libwrap.so.0 => /lib/libwrap.so.0 (0x00002aaaaabc2000)
root@www2:~# ldd /usr/sbin/apache2 |grep wrap



Revision [213]

Edited on 2008-10-27 19:01:14 by GaelReignier

Additions:

nmap

Ping scan: nmap -sP 10.20.30.0/24



Revision [75]

Edited on 2008-05-13 23:13:00 by GaelReignier

Additions:

SELinux

http://elibrary.fultus.com/technical/index.jsp?topic=/com.fultus.redhat.elinux5/manuals/Deployment_Guide/rhlcommon-chapter-0017.html



Revision [72]

The oldest known version of this page was edited on 2008-05-12 23:40:15 by GaelReignier
ITTips

AES-256 is stronger than RSA-512.
AES-256 ~ RSA-15,380
Page History :: 2008-12-03 12:20:03 feed icon :: Owner: GaelReignier :: Search:
Valid XHTML 1.0 Transitional :: Valid CSS :: Powered by WikkaWiki
Page was generated in 0.0124 seconds