There are various intrusion prevention software available to prevent brute-force attacks. Here is How to Install, Configure PyFilter to Control Illegitimate SSH Login Attempts. PyFilter project is sponsored by Digital Ocean and developed by individual developer as Free Software under GNU GPL 3.0 License. PyFilter has own Github repo, own website. I guess a question will arise in mind - why not … [Read more...]
How to Decrease the Chance of Data Theft Via Indian Government
Indian Government can not recruit high end brains is a good point but there is no reason to feel that Indian Government employees are morons. Highly intelligent crook may fake as moron. Proof Does Not Exist By Certain IT Habits Decrease the Chance of Hacker Intrusion. Exactly Like the Era Before Edward Snowden in America, it is Not Possible To Proof That Your Data is Stolen. Here is How to … [Read more...]
EU Data Protection: New Rights and Obligations
At the end of May 2018, the new European Data Protection law will be fully effective. Consumers can look forward to more rights. Since 1990s, a lot has changed and these rules across Europe is about to see their biggest change. But companies are facing to impliment significant changes whch they need to react. Not only the big corporations, but also small companies and even blogger, private … [Read more...]
Optionsbleed (CVE-2017-9798) : Apache Web Server Memory Leak Bug
Possibly most of the users are already aware, yet we may have our readers who are yet not aware of Optionsbleed. Optionsbleed (CVE-2017-9798) is a minor bug of Apache Web Server which may reveal password like data. Users are advised to update to patch. The bug was identified by a freelance journalist H. Böck in 2014 but has only received importance these days and in a dedicated update it has been … [Read more...]
Can Cloud Check Ransomware Attacks?
The first two decades of the 21st century have witnessed cloud computing rapidly gaining a foothold. It has been the buzzword among the tech savvy, though not without reason. Of late, there is another term from the same industry that is hitting headlines — ransomware, like we previously we discussed about WannaCrypt ransomware. Though, cloud computing is intended to make one's life easy and IT … [Read more...]
Brute Force SSH Test Own Server With ncrack, hydra, medusa
If we use these purely hacking tools, we can really check how our servers appear to a black hat hacker. It is normal not to know how to use them by a relatively new sysadmin. These will give you idea why odd log entries appear too. Here is real life way to brute force SSH test own server with ncrack, hydra, medusa. These are no way closest to real black hat hackers work. They will have many … [Read more...]
Explained : This site works only in browsers with SNI support
If you have shared host or a cloud or virtual or dedicated server or service hosting multiple domains, it is normal to face the message - This site works only in browsers with SNI support. It's not an error, it's a warning message. It is a thing related to IPv4 and initial days with TLS. We are trying to explain the implication of the error message and in very short, for ordinary websites like a … [Read more...]
How To Use Nikto & WPScan WordPress Vulnerability Scanner
Previously, we talked about how to get started to use Nmap NSE scripts against own WordPress installation for checking vulnerability. There are other two important scanners, one is Nikto and the other is WPScan. WPScan is purely for WordPress whereas Nikto gives information. In this guide we will talk around how to use Nikto & WPScan WordPress vulnerability scanner. We are using Ubuntu server. … [Read more...]