The Customize Windows

Technology Journal

The Customize Windows > security

By Updated on

Let’s Encrypt Effect : Huge Slash of Price of SSL/TLS DV and EV Certificates

It Was Probably Obvious When Let’s Encrypt Project Was Launched. In Reseller Market, There is Huge Slash of Price of SSL/TLS DV and EV Certificates, Which is Up to 70% of Official Price. Official Pricing However, Mostly Unchanged. Additionally, there has been services to deliver DV and EV certificates in Monthly plan like Software-as-a-Service. If you have 4+ old Geo Trust like SSL/TLS certificate … [Read more...]

By Updated on

Mirai Botnet : A Risk of Servers to IoT Devices

More and More Information Coming Out About Mirai Botnet. Mirai Botnet Was Risk of Servers and Also IoT Devices Including Some Consumer Grade Products. On October 21st 2016, Dyn was hit by a DDoS attack that created serious problems : the collapse of Dyn made unreachable for many hours the portals of the most notes from Silicon Valley (and more), from Amazon to Airbnb, PayPal, Twitter, Facebook … [Read more...]

By Updated on

How To Install Metasploit on Ubuntu 16.04 LTS To Test Security

White hat or Black hat, hacking demands good grasp of all sysadmin works. The usage style we show on this website are intended for testing security of own servers - that is white hat way. We have a list of essential security tools for GNU/Linux servers. Metasploit framework needs Ruby, Postgre SQL, Java etc. Here is how to install Metasploit on Ubuntu 16.04 LTS to test security of servers. Off … [Read more...]

By Updated on

How To Install, Configure & Run Malware Detect (maldet) On Linux Server

Previously, we talked about a bunch of anti malware for GNU/Linux servers. That list essentially was for the purpose of our future guides around those softwares. Here is a step by step complete guide on how to install, configure & run malware detect (maldet) on linux server with Ubuntu server commands as example. Reader needs not much experience to get used and work. Again - Linux Malware … [Read more...]

By Updated on

List Of Anti Malware For GNU/Linux Server

We noticed that we need to deliver guides around some known things which are possibly not known to the new users. Somehow, many we missed to talk about them since the year 2010. Anti Malware is not fully correct phrase for Linux but the meaning is obvious. Here is a usable list of Anti malware for GNU/Linux server. Malware are programs which aims to disrupt the normal operation of a server. … [Read more...]

By Updated on

Wannacrypt Ransomware : Security Alert

Once again we should give thanks to Edward Snowden. WannaCry ransomware is a global attack. Wannacrypt encrypts whatever files it can find. After infecting, Wannacry ransomware possibly will display a screen on the infected system asking for $300 to $600 worth of Bitcoins to decrypt. Wannacrypt ransomware originated from NSA and now waiving the flag of Governmental democratic nuisance. It is not … [Read more...]

By Updated on

New Security Header : Expect CT Header Nginx Directive

At least Chrome going to require all certificates issued in October 2017 and onward will have to be logged in Certificate Transparency logs. That Certificate Transparency is via expect CT Header declaration. This guide shows deployment of Expect CT Header as Nginx directive. As we are not machines, we will talk a little bit on Certificate Transparency.   Where From This Expect CT … [Read more...]

By Updated on

HTTPS Everywhere Atlas Vs HSTS Preload List

SSL rather TLS has been available to all after Let's Encrypt (project is certbot now) project became usable. In This Article We Have Explained Real Life Matters Around HTTPS Everywhere Atlas Vs HSTS Preload List For the WebMasters and Developers. We talked around Nginx configuration for HSTS, but with time things need update.   HTTPS Everywhere Atlas Vs HSTS Preload List in … [Read more...]

By Updated on

What is CAA DNS Record And How to Add?

A decision of CA/Browser Forum taken in March 2017 by vote to make CAA mandatory which be in action by September 2017. Here is our guide around CAA DNS Record and how to add CAA DNS Record. Previously we discussed about DNS-based Authentication of Named Entities – DANE and how to add DANE. CAA stands for Certification Authority Authorization.   What is CAA DNS Record?   In this … [Read more...]

By Updated on

Secure Hash Algorithm 1 (SHA-1) Circumvented by Google

Around 2 years back we talk about how to upgrade to SHA-256 and ECC SSL (ECDSA) certificate for the TLS/SSL certificate users. Secure Hash Algorithm 1 is a Cryptographic hashing function. Secure Hash Algorithm 1 (SHA-1) is Circumvented by Google Research For Testing Vulnerability. Some researchers theorised vulnerabilities of SHA-1 from 2005 and now have been exploited for the first time with an … [Read more...]