Denyhost 2.6 on CentOS 6.5

Denyhosts is another utility similar to fail2ban. It parses log files to identify potential attacks against SSH services. A clear advantage that Denyhosts has over fail2ban is the synchronisation mechanism since version 2.0[1]. Denyhosts permits communication with a central server to exchange information about denied hosts by other Denyhosts daemons. However unlike fail2ban, it does not modify any firewall (iptables) rules, instead it relies on tcpwrapper and the hosts.deny file to block ssh access.


Configuring RANCID on CentOS 6.5

RANCID stands for really awesome new cisco configuration differ[1] and polls Cisco devices to get a copy of the configuration and an inventory of the hardware and commits the details to a version control system such as CVS or SVN. The version control is used to maintain a history of the changes, and any changes to the configuration are reported. There are a number of guides available for installing RANCID[2,4,5], but I’ve documented the steps I took here for my reference.


Dog Training for Network Admins: Managing POODLE - CVE-2014-3566

CVE-2014-3566 relates to a flaw found in handling of padded bytes in SSL 3.0 when using CBC mode for the encryption[3]. The flaw may be exploited to permit a man-in-the-middle (MITM) attack. The attacker may be able to decrypt a selected byte of a cipher text in a limited number (256) of attempts, by repeatedly requesting the victim to send the same data over multiple SSLv3 connections. The vulnerability exists in the protocol itself and not a specific implementation of the protocol e.


Patching Bash “shellshock” on Apple Mac OS X 10.9.5

Given the recent bash vulnerability disclosure[1], most Linux distributions have released patches. Unfortunately Apple still expected users to compile their patches into bash. If you were using Homebrew or Macport you were in better standing and simply had to create symlinks to the patched executables. I’ve documented the steps I had to take on my Mac desktop. Compile mkdir bash cd bash/ wget http://opensource.apple.com/tarballs/bash/bash-92.tar.gz tar zxvf bash-92.tar.gz cd bash-92 cd bash-3.2/ curl https://ftp.


Microsoft Office 2013 Activation - Error 0x800070005

I have some customers who do not volume license their Microsoft Product and need to activate their Microsoft Office products. This particular customer bought a laptop with Microsoft Office 2013 pre-loaded and purchased a separate Microsoft Office Home and Business 2013 1PC License, however when they tried to activate the license by entering in their product key they kept getting a pop-up error message; “We’re sorry, something went wrong and we can’t do this for you right now.


CentOS 6.4 VirtualBox VM won’t boot up after doing an update/upgrade!!!

Often times, I employ a CentOS VirtualBox virtual machine (VM) as a development, testing and staging environment. I love the flexibility of virtual environments for testing and development work before moving my work to production environments. Recently I ran a yum update and yum upgrade on a CentOS 6.4 VM and subsequently rebooted it, only to be greeted by a blank screen following bootup. A quick search of virtual TTY terminals yielded a login prompt.


Snort 2.9 on CentOS 6.3 (continued) with Barnyard2

This is a continuation of the post on installing Snort 2.9 on CentOS 6.4 (http://nkush.blogspot.com.au/2013/03/snort-29-on-centos-63.html). This post installs Barnyard2 on the host. Barnyard is an output system for Snort. It effectively allows better Snort performance by enabling Snort to produce binary output which is then processed by Barnyard. Barnyard processes the binary Snort output files (unified2 binary) and stores the processed data into a database back-end, for example MySQL. The advantage of using Barnyard instead of the database output from Snort is that Barnyard is able to “cache” the data in case the database is unavailable.


Snort 2.9 on CentOS 6.3

Snort is a signature-based network intrusion detection system (NIDS) which has become a de facto standard for NIDS. In addition to being used as a NIDS, Snort may also be used as a simple network traffic packet sniffer or logger. A number of Snort dynamic preprocessors are available which enable the development of rules for attack detection. Snort is an open source product and available for most popular network operating systems.


Installing and Configuring OpenVPN 2.3 on Microsoft Windows Small Business Server 2003

My previous posts (http://nkush.blogspot.com.au/2012/08/installing-openvpn-22-on-centos-63-64bit.html and http://nkush.blogspot.com.au/2011/10/installing-openvpn-22-on-centos-57.html) have been on installing OpenVPN on Linux. This post is slightly different as it installs and configures OpenVPN on a Microsoft Windows Small Business Server (SBS). The SBS installation is also different from the previous write-ups since this configuration uses Ethernet bridging instead of tunneling. Although SBS comes with Layer 2 Tunneling Protocol (L2TP) and Point-to-Point Tunneling Protocol (PPTP) for Virtual Private Network (VPN), some users may want to use a Secure Sockets Layer (SSL) based VPN such as OpenVPN.


! LaTeX Error: File `algorithm2e.sty’ not found.

During yet another LaTeX project on my MacBook, I added some algorithms to my paper. After checking a couple of examples online, and discussing with a colleague, I decided to go with algorithm2e over others such as algorithm, algorithmic, algorithmicx, program and pseudocode[1]. However I got the following error “! LaTeX Error: File `algorithm2e.sty’ not found.” Since I am using macport, to resolve this I needed to install the texlive-science package by executing sudo port install texlive-science, and all was good again.
