Linux Security: Working with OpenSSL and httpd

Install 'mod_ssl' on the host 'webserver'

    sudo yum install mod_ssl

Generate and sign the private key for 'shop.example.com' using 'openssl'

    openssl genrsa -aes128 -out /etc/pki/tls/private/httpdkey.pem
    # You will get a prompt for a password
    openssl req -new -x509 -key /etc/pki/tls/private/httpdkey.pem -out /etc/pki/tls/certs/httpdcert.pem -days 365
    # You will get a prompt for a password

Update the...

Linux Security: Disk Encryption with eCryptfs

Install eCryptfs on the Provided System

    sudo apt-get install ecryptfs-utils

Configure '/opt/protected' as an Encrypted Mount

    sudo mount -t ecryptfs /opt/protected /opt/protected
    # Use "supersecret1" as passphrase
    # Accept defaults for all prompts

Copy the Contents of '/etc/profile.d'

    sudo cp /etc/profile.d/* /opt/protected/

Re-encrypt '/opt/protected'

    # Unmounting leaves only the encrypted files on disk
    sudo umount /opt/protected

Full Video https://youtu.be/mdKwudK0Dfg

What are the indicators of compromise (IOCs) that organizations should monitor?

- Unusual Outbound Network Traffic
- HTML Response Sizes
- Geographical Irregularities
- Increases in Database Read Volume
- Log-In Red Flags
- Unexpected Patching of Systems
- Large Numbers of Requests for the Same File
- Web Traffic with Unhuman Behavior
- Suspicious Registry or System File Changes
- Unusual DNS Requests
- Mobile Device Profile Changes
- Bundles of Data in the Wrong Place
- Mismatched Port-Application Traffic
- Signs of DDoS Activity
- Anomalies in Privileged User Account Activity

What is the difference between IDS and IPS?

IDS stands for Intrusion Detection System: it only detects intrusions, and the administrator has to take care of preventing them. IPS stands for Intrusion Prevention System: it detects the intrusion and also takes action to prevent it.

What is the difference between Symmetric and Asymmetric encryption?

| Basis of Comparison | Symmetric Encryption | Asymmetric Encryption |
| Encryption key | Same key for encryption & decryption | Different keys for encryption & decryption |
| Performance | Encryption is fast but more vulnerable | Encryption is slow due to high computation |
| Algorithms | DES, 3DES, AES and RC4 | Diffie-Hellman, RSA |
| Purpose | Used for bulk data transmission | Often used for securely exchanging secret keys |

What is a three-way handshake process?

It's called a three-way handshake because three segments are exchanged between the server and the client.

SYN: The client wants to establish a connection with the server, and sends a segment with SYN (Synchronize Sequence Number) to the server if the server is up and has open ports.

SYN + ACK: The server responds to the...
