If you run a web server like Apache, you can use a small script to analyse your logs. Create an analyse-web.sh script with:

    $ sudo nano /home/user/analyse-web.sh

Insert:

    #!/bin/bash
    # Count how often each value of the first log field occurs
    awk '{ print $1 }' /var/log/apache2/access.log | sort | uniq -c
    exit 0

System output:

    1573 www.domain2.de
    3568 www.domain3.de
    ..

If you change "$1" to another value such as "$8", you get the count of touched files or folders. Abnormally high counts point to attacks on single files. You can use cron to run it every 15 minutes and send the output to a user's mailbox. And this way […]
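The counting idea above, carried one step further so that only abnormally high counts are reported. This is an added example, not code from the original post; it assumes a log format whose first field is the virtual host (as in the output shown above), so that field 8 is the request path, and the function names and sample log lines are constructed for illustration.

```bash
#!/bin/bash
# Added example: count the values of one log field and keep only the
# values seen at least THRESHOLD times, highest count first.
# Assumption: each line starts with the virtual host (e.g. a "%v %h ..."
# LogFormat), so field 1 is the host and field 8 is the request path.

# top_hits FILE FIELD THRESHOLD  ->  prints "count value" lines
top_hits() {
    # Lines with fewer fields than FIELD (truncated or malformed) are skipped
    awk -v f="$2" 'NF >= f { print $f }' "$1" \
        | sort | uniq -c \
        | awk -v t="$3" '$1 >= t { print $1, $2 }' \
        | sort -k1,1nr -k2,2
}

# write_sample FILE  ->  writes constructed log lines (not real traffic)
write_sample() {
    cat > "$1" <<'EOF'
www.example.test 198.51.100.7 - - [01/Jan/2024:10:00:01 +0100] "GET /index.html HTTP/1.1" 200 512
www.example.test 203.0.113.5 - - [01/Jan/2024:10:00:02 +0100] "POST /login.php HTTP/1.1" 401 220
www.example.test 203.0.113.5 - - [01/Jan/2024:10:00:03 +0100] "POST /login.php HTTP/1.1" 401 220
www.example.test 203.0.113.5 - - [01/Jan/2024:10:00:04 +0100] "POST /login.php HTTP/1.1" 401 220
www.example.test 203.0.113.5 - - [01/Jan/2024:10:00:05 +0100] "POST /login.php HTTP/1.1" 401 220
shop.example.test 198.51.100.7 - - [01/Jan/2024:10:00:06 +0100] "GET /index.html HTTP/1.1" 200 512
shop.example.test 198.51.100.9 - - [01/Jan/2024:10:00:07 +0100] "GET /cart HTTP/1.1" 200 730
EOF
}

sample=$(mktemp)
write_sample "$sample"
echo "Paths requested at least 3 times:"
top_hits "$sample" 8 3
echo "Requests per virtual host:"
top_hits "$sample" 1 1
rm -f "$sample"
```

When run from cron, choose the threshold from the counts of a normal day so that the mail contains only the outliers.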
Tag: hardening
Password: Simple script generator on a linux console
If you need a password generator for your daily needs, you can build one with a default tool called openssl / libressl and a small bash script. Howto:

- open a console
- as a user, open an editor like nano or vi with

      $ nano pwcreate.sh

- insert this:

      #!/bin/bash
      # Print 20 random values, each 32 random bytes encoded as base64
      for i in {1..20}; do openssl rand -base64 32; done
      exit 0

- exit and save the script
- make it executable with

      $ chmod 755 pwcreate.sh

- test it with ./pwcreate.sh

It should echo one random base64 string per line […]
Security: Harden DSL Routers and Networks against attacks
In the last few days there has been a lot of news about the bot attacks against T-Com Telekom router devices. To understand these upcoming security problems, you should know the following points:

- Every network-capable device can be a target for an attack (routers, modems, PCs, fridges, IP-TV, IP switches, IP cams…)
- You have to update the OS of each device monthly; if that is not supported by the manufacturer, then don't buy!
- Try to get open-source hardware with open-source software for full access (ssh / console) to have full control
- Reduce the count of devices that are connected directly to […]
Major Webserver Setup Rules: The “must” do!
If you want to set up a fresh, secure web server, then use this list:

- never upload data, files or images that are classified as "secret" to the web server
- set up a daily full backup with cron
- view the system logs daily: auth, www, errors …
- set up a local firewall with few open ports: 80, 25 ..
- set up daily automatic updates by cron
- reduce the count of users who can log in
- use no logical usernames
- force long passwords by rules, min 15 digits
- set up a daily load monitor that writes "uptime" to a log
- set up a realtime network monitor with "iftop"
- use "nmap" as local portscan to […]