Hardening your server is perhaps the best way to prevent, or at least reduce, attacks on your server. What follows is a basic overview of what you should do to harden your server. If you are not completely comfortable doing this, you should retain the services of someone who is, to avoid data loss.
The key service you want to secure is SSH, as it is perhaps the most exposed. If someone gains access through this protocol, they have complete control over your server and every site on it.
Tags: server hardening, ssh, website security consultant
Often, when working with compromised machines as a security consultant, I find a malicious SSH binary. The malicious SSH binary generally logs all usernames, passwords and hosts connected to from the compromised machine, usually to a file in /tmp/. The attacker can then log back into the machine and collect this file at a later date.
Tags: attacker, binary, hacker, libc, malicious, md5, Security Consultant, ssh
SCP is a really handy utility for copying files to or from your machine to another host over SSH.
Usage:
scp /tmp/myfile user@otherhost:/tmp/
Will send /tmp/myfile over to /tmp/ on otherhost
scp user@otherhost:/etc/passwd ~/
Will copy /etc/passwd from otherhost to my home directory (~/)
Like everything in Linux, it's that easy.
As SCP uses SSH as its transport, key authentication will allow a passwordless login.
Tags: key authentication, scp, ssh
This tutorial will cover how to set up a simple backup job between two machines using rsync and ssh. You will need HOST A and HOST B, where HOST B is your backup target.
On HOST B:
Tags: archive, automated backup, automatic backup, backup, public key, rsync, ssh, ssh key, ssh public key
So far everything works flawlessly with the split access setup: all applications, protocols and services. But I have a strange bug with SSH, and it only affects SSH clients built on openssl, such as dropbear and openssh. After authentication, the session just hangs; running in verbose mode shows that it seems to fail when attempting to resize the TCP window. It only fails occasionally, when it receives no acknowledgement from the server.
After much digging, I had only minimal success getting to the bottom of the issue, but the following hack fixed it:
Tags: cached routes, dropbear, iproute2, iptables, openssh, openssl, routes, split access, ssh, tcp window