Snort Error Messages

Error Message: Testing the Snort configuration generates the following message: … ERROR: snort_stream5_tcp.c(906) Could not initialize tcp session memory pool. Fatal Error, Quitting..

Fix: Add more memory or try to reduce the max_tcp connections in the Snort configuration file:

vi /usr/local/snort/etc/snort.conf

preprocessor stream5_global: track_tcp yes, \
track_udp yes, \
track_icmp no, \
max_tcp 162144, \
max_udp 131072, […]

Configure Snort automatic rules updating with PulledPork

OS: CentOS-6.2 i386, Ubuntu 12.04 x86_64 LTS, Ubuntu 10.04 x86_64 LTS, Ubuntu 11.10 i386
Snort Version: 2.9.2.2 IPv6 GRE (Build 121)
Hardware: VirtualBox 4.1.12

About

PulledPork is an open-source Perl script that can automatically update Snort rules.

Prerequisite

Snort installation

Install Perl modules

On CentOS:

yum install perl-libwww-perl perl-Crypt-SSLeay perl-libwww-perl perl-Archive-Tar -y […]

Snort Installation on CentOS 6.2

Tested On

OS: CentOS 6.2 i386, CentOS x86_64, CentOS 5.7, Ubuntu 10.04 LTS
Snort Version: Version 2.9.2.3 IPv6 GRE (Build 205)
Hardware: Virtual Machine (VirtualBox 4.1.8)

About

Snort is a Network Intrusion Detection System (NIDS). Snort can sniff your network and alert you, based on its rule DB, if there is an attack […]

OpenVAS 5 Installation on CentOS 6.2

Install CentOS 6.2 Minimal

OS: CentOS 6.2 32bit
Hardware: Virtual Machine (VirtualBox 4.1.14)
OpenVAS: 5

About

OpenVAS is an open-source network vulnerability scanner. OpenVAS lets you scan your network for vulnerabilities and create a report on your network status.

Prerequisite

Disable SELINUX

vi /etc/selinux/config

…SELINUX=disabled…

Disable the firewall

Install […]

Linux Hardening Script

# Please check this script regarding Linux hardening; it may help you to configure your system

#!/bin/bash
#######################################################
##### Linux Hardening Script #####
#######################################################
#                                                     #
# Files involved in this script are as follows:       #
# /etc/ssh/ssh_config                                 #
# /etc/init.d/functions                               #
# /boot/grub/grub.conf                                #
# /etc/vsftpd/ftpusers                                #
# /etc/securetty                                      #
# /etc/issue                                          #
# /etc/motd                                           #
# […]

TCP FineTuning on Linux/RedHat-CentOS-Debian

Here are some very handy and kewl TCP fine-tunings. I guess I put this together from a few things… and I would suggest reading my iptables article on here about maybe fine-tuning that for anti-ICMP etc. too, but you CAN achieve the same things with tuning the stack! So, we can even […]

Securing /tmp Partition

If you are renting a server then chances are everything is lumped in / and a small amount partitioned for /boot and some for swap. With this current setup, you have no room for making more partitions unless you have a second hard-drive. Learn how to create a secure /tmp partition even while your server […]

E-mail Alert on Root SSH Login

Want to be notified instantly when someone logs into your server as root? No problem, check out this nice tutorial on email notification for root logins. Keeping track of who logs into your server and when is very important, especially when you’re dealing with the super user account. We […]

Log all activity

I log sshd sessions in a file called /var/log/sshd.log and here’s how I do it:

1. touch /var/log/sshd.log

2. Edit your /etc/syslog.conf and add the lines:

!sshd
*.* /var/log/sshd.log

3. killall -HUP syslogd

The sshd will now log stuff into /var/log/sshd.log. Edit your /etc/ssh/sshd_config file to determine what gets logged. By default, the following […]

Hardening Linux Web Servers

Security is a process, not a result. It is a process which is difficult to adopt under normal conditions; the problem is compounded when it spans several job descriptions. All the system level security in the world is rendered useless by insecure web-applications. The converse is also true—programming best practices, such as always verifying user […]