Sep 192013
 

Fool those who try to portscan your system!
The Portspoof program is designed to enhance OS security through emulation of legitimate service signatures on otherwise closed ports. It is meant to be a lightweight, fast, portable and secure addition to the any firewall system or security infrastructure.

The general goal of the program is to make the port scanning software (Nmap/Unicornscan/etc) process slow and output very difficult to interpret, thus making the attack reconnaissance phase a challenging and bothersome task

Continue reading »

flattr this!

Jul 222012
 

Sometimes you have some firewall that don’t allows you to accept connection other than some specific ports let’s say that you can connect on your VPS or remote server only on the ports 80 (http) and 443 (https), but you need a port also for ssh to manage your vps/server but the port 443 is used by your Web server with its https protocol, so what can you do ?

This is where sslh comes in. It’s a really simple tool that wraps incoming connections to a port and then depending on protocol redirects it onto sshd back on port 22, or to your web server on localhost:443.
Continue reading »

flattr this!

May 212012
 

I thank Maurizio Pagani for allowing me to publish and translate his interesting presentation, published on http://babel.it.

OpenVAS is a framework that includes services and tools for scanning and the complete managment of vulnerability.
A vulnerability scanner is a tool that allows you to scan a target system (IP/HOSTNAME) based on a range of ports and a set of policies. The tool is supported by a database that is used from the vulnerability scanner to analyze possible problems whenever you find a listening service. The tool that scans receives daily updates from the database Network Vulnerability Tests “NVTs”.
Continue reading »

flattr this!

How to put Varnish in front of your Webserver without doing any change.

Varnish is an open source “web accelerator” which you can use to speed up your website. It can cache certain static elements, such as images or javascript but you can also use it for other purposes such as Load balancing or some additional security, in general most of the people want to try it and [...]

Simple security by evaluating open ports

Article by Dominique Cimafranca first published on his blog regarding Ubuntu, and Linux in general. A simple but effective procedure for evaluating security on your computer is to check what sites it’s connecting to, or what sites are connecting to it. Most critical malware nowadays turn computers into zombies for botnets — typically zombified hosts will [...]