December 2024
M T W T F S S
 1
2345678
9101112131415
16171819202122
23242526272829
3031  

Categories

December 2024
M T W T F S S
 1
2345678
9101112131415
16171819202122
23242526272829
3031  

Snort Error Messages

Error Messge: testing snort configuration generate the following message: … ERROR: snort_stream5_tcp.c(906) Could not initialize tcp session memory pool. Fatal Error, Quitting.. Fix: Add more memory or try to reduce max_tcp connections in snort configuration file vi /usr/local/snort/etc/snort.conf preprocessor stream5_global: track_tcp yes, \ track_udp yes, \ track_icmp no, \ max_tcp 162144, \ max_udp 131072, […]

Configure Snort automatic rules updating with PulledPork

OS: CentOS-6.2 i386, Ubuntu 12.04 x86_64 LTS, Ubuntu 10.04 x86_64 LTS, Ubuntu 11.10 i386 Snort Version: 2.9.2.2 IPv6 GRE (Build 121) Hardware: VirtualBox 4.1.12

About

PulledPork is an opensource perl script that can automatically update Snort rules.

Prerequisite Snort installation Install perl modules On CentOS yum install perl-libwww-perl perl-Crypt-SSLeay perl-libwww-perl perl-Archive-Tar -y […]

Snort Installation on CentOS 6.2

Tested On

OS: CentOS 6.2 i386, CentOS x86_64, CentOS 5.7, Ubuntu 10.04 TLS Snort Version: Version 2.9.2.3 IPv6 GRE (Build 205) Hardware: Virtual Machine (VirtualBox 4.1.8)

About

Snort is Network Intrusion Detection System (NIDS). Snort can sniff your network and alert you based on his rule DB if there is an attack […]

OpenVAS 5 Installation on CentOS 6.2

OpenVAS 5 Installation on CentOS 6.2

Install Centos 6.2 Minimal

OS: CentOS 6.2 32bitHardware: Virtual Machine (VirtualBox 4.1.14)OpenVAS: 5

About

OpenVAS is an opensource vulnerability network scanner. OpenVAS let you scan your network for vulnerabilities and create a report on your network status.

Prerequisite

Disable SELINUX

vi /etc/selinux/config

…SELINUX=disabled…

Disable the firewall

Install […]

Linux Hardening Script

#Please check a script regarding Linux Hardening, it may help you to configure your system

####################################################### #!/bin/bash

#####LInux Hardening Script#####

#######################################################

# #

# Files involved in this script are as follow: #

# /etc/ssh/ssh_config #

# /etc/init.d/functions #

# /boot/grub/grub.conf #

# /etc/vsftpd/ftpusers #

# /etc/securetty #

# /etc/issue #

# /etc/motd #

# […]

TCP FineTuning on Linux/RedHat-CentOS-Debian

Here are some, very handy and kewl TCP Fine tunings, i guess i put this together from a few things… and, i would suggest reading my iptables article on here about maybe fine tuning that for anti icmp etc to but, you CAN achieve the same things with tuning the stack! So, we can even […]

Securing /tmp Partition

If you are renting a server then chances are everything is lumped in / and a small amount partitioned for /boot and some for swap. With this current setup, you have no room for making more partitions unless you have a second hard-drive. Learn how to create a secure /tmp partition even while your server […]

E-mail Alert on Root SSH Login

E-mail Alert on Root SSH Login

Want to be notified instantly when someone logs into your server as root? No problem, check out this nice tutorial on email notification for root logins. Keeping track of who logs into your server and when is very important, especially when you’re dealing with the super user account. We […]

Log all activity

I log sshd session in a file called /var/log/sshd.log and here’s how I do it: 1. touch /var/log/sshd.log

2. edit your /etc/syslog.conf and add the lines !sshd *.* /var/log/sshd.log

3. killall -HUP syslogd

The sshd will now log stuff into /var/log/sshd.log. Edit your /etc/ssh/sshd_config file to determine what gets logged. By default, the following […]

Hardening Linux Web Servers

Security is a process, not a result. It is a process which is difficult to adopt under normal conditions; the problem is compounded when it spans several job descriptions. All the system level security in the world is rendered useless by insecure web-applications. The converse is also true—programming best practices, such as always verifying user […]