4th Floor, 4 Tabernacle Street London EC2A 4LU

Block IPs by country – Apache

Step 1 If you are using debian or ubuntu, install the mod-geoip package. sudo apt-get install libapache2-mod-geoip   Step 2 Enable GeoIPEnable, edit geoip.conf /etc/apache2/mods-enabled/geoip.conf GeoIPEnable On   Step 3 Find Country Code Lookup: https://en.wikipedia.org/wiki/ISO_3166-1 In Apache vhosts file, outside of the </Directory> tags: <Location /> ##ISO 3166 Country Codes ## Block China ## Block Costa […]

Linux – if anyone logs in notify SSH

Put the following in /etc/profile: The script /etc/profile is executed at every login (for bash shell users).   if [ -n “$SSH_CLIENT” ]; then TEXT=”$(date): ssh login to ${USER}@$(hostname -f)” TEXT=”$TEXT from $(echo $SSH_CLIENT|awk ‘{print $1}’)” echo $TEXT|mail -s “ssh login” you@your.domain aFrom:youradd@email.com fi   If you have issues delivering mail to a GMAIL inbox, […]

SSH Key Conversion to an OpenSSH compatible format

puttygen supports exporting your private key to an OpenSSH compatible format. You can then use OpenSSH tools to recreate the public key. Open PuttyGen Click Load Load your private key Go to Conversions->Export OpenSSH and export your private key Copy your private key to ~/.ssh/id_dsa (or id_rsa). Create the RFC 4716 version of the public […]

Fix Open Postfix Relay – Unauthenticated Email

If your mail server is left open, anyone can use your SMTP service to send mail, and spammers will use it. This can result in your server being blacklisted and extraneous use of system resources that neither benefit you nor your users. Postfix logoTo secure Postfix, there are a number of functions you can add […]

UNIX – Fork Explained

Mr. Peabody Explains fork() Introduction How Windows Does It How Unix Does It So Why Do People Want the Unix Way? How does it work in Perl? Introduction UNIX – Fork Explained Say, Mr Peabody. I was just reading through the Perl 5.6 release notes and noticed that a new function called fork() is now […]

Ubuntu – Which Process is Using a port?

Ubuntu – Which Process is Using a port? 1- Find what application/process is using the pro, type: sudo netstat -lpn |grep :8080 and press Enter. You will get an output similar to this one tcp6       0      0 :::8080                 :::*                    LISTEN      6782/java 2- I have got the process Id, which is 6782, now this is the […]

Heart Bleed – Exploit Example Code

Heart Bleed – Exploit Example Code If you need to test your server for the vulnerability, here is a simple Python script… [python] #!/usr/bin/python import sys import struct import socket import time import select import re from optparse import OptionParser options = OptionParser(usage=’%prog server [options]’, description=’Test for SSL heartbeat vulnerability (CVE-2014-0160)’) options.add_option(‘-p’, ‘–port’, type=’int’, default=443, […]

SFTP Only for a user – Debian

SFTP Only for a user – Debian Add the user info the sshd_config file in /etc/ssh/sshd_config Ensure the line is uncommented; Subsystem sftp /usr/lib/openssh/sftp-server Match User userbob ForceCommand internal-sftp ChrootDirectory /home/userbob X11Forwarding no AllowTcpForwarding no   Ensure the home directory is not group writeable. It should be 755. /etc/init.d/ssh restart service ssh restart Test the […]