PermitRootLogin yes IS the default value
Today I found out that my box at work was used for some IRC botnet. According to the logs, root’s password was bruteforced. But, i thought, hey, I am quite sure root is UNABLE to login via ssh (after...
View ArticleSSH attack passwords
I am running a few Ubuntu installations connected to the Internet. As you may know, once machine is connected to the Internet, it is subject to various hacking attempts, both automatic and manual.The...
View ArticleTesting Libvirt Over TLS
libvirt is a technology by RedHat that implements a single interface for different types of virtualization methods. Personally I am using it for kvm/qemu and LXC but the list on their website is much...
View ArticleSecuring wordpress admin with SSL – The hard way
I have since moved away from WordPress back to a static generator, so everything below can be considered an outdated information.Having performed initial migration from Octopress to a hosted WordPress...
View ArticleWhen localhost is not
/etc/hosts is a file where these entries should never be touched: 127.0.0.1 localhost ::1 ip6-localhost ip6-loopback However, during my last trip to my VPS to fix my mail system after opendkim update...
View ArticlePoor man's Linux bridge port security
Bridge is a L2 device that brings two Ethernet segments together. A segment is a collision domain. Since we all use switches now, collision domains are restricted to single ports, so a segment in our...
View ArticleOpenAM creates OpenDJ accounts you don't know about
OpenAM 12.0.1 was recently released (for subscribers only), which fixes this issue. See Issue #201505-05.TL;DR: If you configure OpenDJ using OpenAM configurator (both on the web or configurator tool),...
View Article
More Pages to Explore .....