On Thursday I released an article detailing how to get Proxmox setup and also how to configure networking with IPv6. However that article got long and I just said I would address the firewall in the future. Well, that’s today because I need to get the configuration stuff written down before I forget. In addition to the firewall there are some other security house keeping items for a new proxmox install, that includes disabling the root account and using sudo and changing the default SSH port. So let’s go.
The base OS under Proxmox is Debian. Debian is great and it is lighter-weight than Ubuntu so I am all for using it.
If you are already somewhat comfortable with Proxmox and Debian configuration and just prefer I get to the point then (more…)
One of the things I wanted to get from my OpenVPN Access Server was a usage report that would be emailed to me regularly. OpenVPN Access Server writes such logs to a file in /var/log on Ubuntu and Debian based systems. However it also writes a lot of other things. So I first started by examining the log. The key information I wanted was:
Date and Time of Successful Connections
In my setup, OpenVPN connected users are put into a unique IP subnet and assigned an address by a DHCP server that is part of Access Server. All very easy to setup. In digging through the logs I found entries that are made whenever an IP address is assigned to a newly connected user.
An entry looked something like this: (more…)
You have two servers that both run linux. An origin server and a target server. You want to open up an SSH connection as the root user from the origin server to the root user account on the target server. Furthermore, you do not want to be prompted for a password but you still want it to be relatively secure.
Source: 14 Best Open Source Web Application Vulnerability Scanners – InfoSec Resources
Regular vulnerability scanning and remediation is a key part of strong security in your enterprise. Particularly scanning publicly available services like Websites and Applications. Thankfully it doesn’t have to be a horribly expensive affair! This is a handy list with some short write-ups on some of the most popular open source Web Application vulnerability scanners.