Security Dangers of Web Management Interfaces | Web management interfaces are an often neglected area in regards to security. Here is a good write up demonstrating how easy it is to find vulnerable web management logins for hacking as well as some best practices: Security Dangers of Web Management Interfaces If you find this topic interesting, you may also be interested in
Vanguard Web App Scanner – Detect XSS and SQL Injection
Vanguard Web App Scanner – Detect XSS and SQL Injection | Vanguard is a web app vulnerability scanner that checks your website for SQL injection and XSS. Vanguard is entirely in perl, so it is easy to modify for your needs. Vanguard works by first doing a port scan with nmap to determine if the host has available HTTP ports, next crawls the entire site, and
How to Check Mail Server for SMTP Over TLS
How to Check Mail Server for SMTP Over TLS | Q. How can I check a server for SMTP over TLS? It is possible to have an SMTP connection use TLS from the sending server to the receiving server to add a pinch of security. Many banks and other security-minded corporations require this to send and receive email. To check the TLS capability of an
Troubleshooting SSH Server Logs and Error Messages
Troubleshooting SSH Server Logs and Error Messages | ssh logs can have various messages that are all difficult to interpret as the exact meaning is all based on the situation or circumstance. Below are some general tips to keep in mind if you run across any of these messages in your logs! Example 1 If you see this, someone is trying random logins
nessus localhost port
nessus localhost port | Q. What is the default port for Nessus? A. https://localhost:8834
Open Source Auditing Tools
Open Source Auditing Tools | Here are various open source tools that are useful for security auditing! If you are a consultant, or an admin that just likes to be on top of his game, these are free open source tools that help audit the security level of workstations and servers in your environment. Note: These are by nature Linux-friendly
How to Read a Packet Capture .cap File from Command Line
How to Read a Packet Capture .cap File from Command Line | There are a couple of ways to read a packet capture .cap file from the command line. I’ll show you how! tcpdump The tack r filename option for tcpdump will display a capture file onto the screen. Pipe it to less to get something to scroll. $ tcpdump -r mycapturefile.cap | less $ tcpdump -r
This account is currently not available
This account is currently not available | This account is currently not available If you get this message attempting to ssh in or su’ing as another user, there is no valid shell set for this user. You can quickly inspect this by looking at the /etc/passwd file. Check for an entry that has something like ‘/bin/false’ or ‘/bin/nologin’ for the shell: userdude:x:111:113::/home/userdude:/bin/false
Which Linux to Use
Which Linux to Use | A common question I hear is ‘Why are there so many different versions of Linux?‘ Especially when there is simply ‘Windows’, or ‘OS X’, it seems logical that there could be a single ‘Linux’, but for various reasons that is not the case. Linux is a multi-purpose operating system used for everything from powering
How to Kill Zombie Processes
How to Kill Zombie Processes | Killing zombie processes in Linux or Unix cannot be done, as they are already dead. Often the only solution is to restart your machine. However, it is sometimes possible to kill or restart the parent process which will then often clear out zombie child processes. To show parent/child process hierarchy, use the following command: $
