|
Programs :
Security : Linux : Floodmon
Floodmon is a small Perl daemon used to monitor a server and to detect SYN flood attacks, to alert the administrator and to mitigate the attack in order to allow legitimate connections to succeed (HTTP, POP3, SMTP...). It includes a passive and active defense system able to adjust itself according to the attack magnitude.
Security : Windows : spamMonitor
spamMonitor is a small program to detect if your computer is sending spams, in case of a virus/rootkit infection. It displays an alert each time an outgoing SMTP connection is established from your PC and gives you all details about such a connection (program, PID, remote IP...).
Entirely written in assembly language, it is fast, small (only 20 Kb) and requires very little system resources. It is free, distributed under the Gnu GPL and its source code is available for download.
Security : Linux : Killcx
Killcx is a Perl script to close a TCP connection under Linux, whatever its state is (half-open, established, waiting or closing state).
Articles :
Anti-spam: how to get rid of referer spam
They love to fill our server logs with links pointing to their websites to improved their page ranking. As they like to eat our bandwidth, we will eat theirs.
Anti-spam : how to get rid of spam bots
They are evil, stupid and love to crawl websites in order to steal and swallow every single email they can find : let's please and feed them !
Anti-spam : how to protect your blog/forum from comment spam
Many webmasters do not want to protect their blog or forum with a CAPTCHA test, or to use external filtering services, in order not to bother too much their users. However, they are all facing the same problem : blog spams (AKA comment spams). We'll see how we can get rid of them using different tips and tricks, even very simple ones, so that those spambots will belong to the past and, of course, in a fully transparent manner for your visitors.
Security : Linux : making a bootable USB drive
Making a bootable USB drive with a mini version of Linux and using it to repair our system or restore our MBR (Master Boot Record) is an easy task we tend to forget when everything is working well. But as everything may not always be working well, it is better to be safe than sorry.
Security : Linux : USB on-the-fly encryption
After turning a USB drive into a Swiss Army Knife, we can use all the space left and turn it into a Fort Knox area. Starting from kernel 2.6 we can quickly and safely encrypt disks and any removable device with dm-crypt. It is so easy to loose a USB key (all thus all its data) that it is worth the (very small) pain to protect it.
Security : Linux : using iptables string-matching filter to block vulnerability scanners.
Does "w00tw00t.at.ISC.SANS.DFind:)" sound familiar to you ? If you administrate one ore more servers, there are a lot of chances you found it in your logs and that it gave you headaches or even nightmares trying unsuccessfully to get rid of it.
Security : Linux : communication between mod_security and iptables to block IP's.
iptables and mod_security are both very useful applications to protect a server but they cannot communicate with each other to block IP's in real time, mod_security being an apache module, it inherits its privileges. However, it is easy to solve this problem with a simple client/server written in Perl.
Security : Linux : HTTP DDoS/flood attacks mitigation with ModSecurity
ModSecurity is a module most often used only for string/pattern matching. We will see that it can also do much more than that and be used, for instance, to mitigate or block HTTP floods in an even more effective manner than modules like mod_evasive.
Security : Linux : adding comments to iptables rules
While viewing all iptables rules from a terminal, it can be a pain to try to remember their meaning. Fortunately, a module can be used to add your own comments.
Security : Linux : LiteSpeed webserver monitoring with Munin-node
Three plugins to monitor LiteSpeed HTTP webserver with Munin-node.
|
|
Français