Category Archives: sysadmin

sysadmin

Security Dangers of Web Management Interfaces

Security Dangers of Web Management Interfaces | Web management interfaces are an often neglected area in regards to security. Here is a good write up demonstrating how easy it is to find vulnerable web management logins for hacking as well as some best practices: Security Dangers of Web Management Interfaces If you find this topic interesting, you may also be interested in

Vanguard Web App Scanner – Detect XSS and SQL Injection

Vanguard Web App Scanner – Detect XSS and SQL Injection | Vanguard is a web app vulnerability scanner that checks your website for SQL injection and XSS. Vanguard is entirely in perl, so it is easy to modify for your needs. Vanguard works by first doing a port scan with nmap to determine if the host has available HTTP ports, next crawls the entire site, and

How to Check Mail Server for SMTP Over TLS

How to Check Mail Server for SMTP Over TLS | Q. How can I check a server for SMTP over TLS? It is possible to have an SMTP connection use TLS from the sending server to the receiving server to add a pinch of security. Many banks and other security-minded corporations require this to send and receive email. To check the TLS capability of an

Troubleshooting SSH Server Logs and Error Messages

Troubleshooting SSH Server Logs and Error Messages | ssh logs can have various messages that are all difficult to interpret as the exact meaning is all based on the situation or circumstance. Below are some general tips to keep in mind if you run across any of these messages in your logs! Example 1 If you see this, someone is trying random logins

Open Source Auditing Tools

Open Source Auditing Tools | Here are various open source tools that are useful for security auditing! If you are a consultant, or an admin that just likes to be on top of his game, these are free open source tools that help audit the security level of workstations and servers in your environment. Note: These are by nature Linux-friendly

How to Read a Packet Capture .cap File from Command Line

How to Read a Packet Capture .cap File from Command Line | There are a couple of ways to read a packet capture .cap file from the command line. I’ll show you how! tcpdump The tack r filename option for tcpdump will display a capture file onto the screen. Pipe it to less to get something to scroll. $ tcpdump -r mycapturefile.cap | less $ tcpdump -r

Which Linux to Use

Which Linux to Use | A common question I hear is ‘Why are there so many different versions of Linux?‘ Especially when there is simply ‘Windows’, or ‘OS X’, it seems logical that there could be a single ‘Linux’, but for various reasons that is not the case. Linux is a multi-purpose operating system used for everything from powering