For abuse issues that involve your server host sending emails with complaints that your server is conducting network scanning. What is Network Scanning? Network scanning is a process of identifying active hosts on a network, either for the purpose of attacking them or for network security assessment. In layman's terms, if your hosting provider has ..
How to start protecting your Joomla Site: Always keep Joomla core up to date; Always make sure you run the latest patched versions of extensions; Make sure you choose strong passwords for all logins; Check your own website for vulnerabilities; Always check the webserver's log files for potential hack attempts; Secure your server if you host your Joomla website on ..
Check the logs: # nano /var/log/messages PAM-hulk: Brute force detection active: 580 LOGIN DENIED Check cphulkd.log at /usr/local/cpanel/logs # nano /usr/local/cpanel/logs/login_log 72.177.xxx.xx - root [11/04/2014:05:48:13 -0000] "POST /login/?login_only=1 HTTP/1.1" DEFERRED LOGIN whostmgrd: brute force attempt (user root) has locked out IP 72…
On Tuesday, October 14, 2014, iSIGHT Partners and Microsoft announced a Zero-Day vulnerability named “Sandworm” found in all versions of Microsoft Windows and Windows Server 2008 and 2012. The vulnerability has been exploited in a small number of cyberespionage attacks against NATO, energy companies, a US academic organization and many others. Microsoft has since created ..
Because fail2ban is not available from CentOS, we should start by downloading the EPEL repository: rpm -Uvh http://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm Follow up by installing fail2ban: yum install fail2ban The default fail2ban configuration file is located at /etc/fail2ban/jail.conf. The configuration work should not be done in that file, however, and we should instead make a local copy of ..
Whitelisting is set up in the jail.conf file using a space-separated list. [DEFAULT] # "ignoreip" can be an IP address, a CIDR mask or a DNS host. Fail2ban will not # ban a host which matches an address in this list. Several addresses can be # defined using space separator. ignoreip = 127.0.0.1 192.168.1.0/24 126.96.36.199 ..
Intrusion Detection Systems – this can be gained by a Cisco or othe..
The Payment Card Industry Data Security Standard (PCI DSS) is a set of requirements designed to ensure that ALL companies that process, store or transmit credit card information maintain a secure environment. Essentially any merchant that has a Merchant ID (MID). General requirements for compliance: Firewall, Intrusion Detection Systems, Intrusion Prevention Systems, Dedicated IP addresses, PCI ..
According to The Register, a serious vulnerability in SSL v3 will be disclosed tomorrow on October 15th. Some people are recommending disabling SSL v3 in various daemons until further notice. A vulnerability in the design of SSL version 3.0. This vulnerability allows the plaintext of secure connections to be calculated by a network attacker. SSL ..
Products Affected:
Product/Channel | Fixed in package | Remediation details
Red Hat Enterprise Linux 7 | bash-4.2.45-5.el7_0.2 | Red Hat Enterprise Linux
Red Hat Enterprise Linux 6 | bash-4.1.2-15.el6_5.1 | Red Hat Enterprise Linux
 | bash-4.1.2-15.el6_5.1.sjis.1 | Red Hat Enterprise Linux
 | bash-4.1.2-9.el6_2.1 | Red Hat Enterprise Linux 6.2 AUS
 | bash-4.1.2-15.el6_4.1 | Red Hat Enterprise Linux 6.4 EUS
Red Hat Enterprise Linux 5 | bash-3.2-33.el5.1 | Red Hat ..