NIDS – Network Intrusion Detection System
A NIDS is a Network Intrusion Detection System, a system to detect intrusions from the network and take counter-measures ranging from (temporarily) blacklisting to logging through responding with...
View ArticleWhy using root on UNIX/Linux is bad ?
A lot of people use the root account to do anything they need, just because it is easier… This is a really bad idea, as that user can do anything to the system. Not only can he access/delete/modify any...
View ArticleIDS – Intrusion Detection Systems
An IDS is a system to track any changes not planned to a system. It is often used on sensitive machines where any unauthorized access is purely prohibited but can also act as a fool-proof system, more...
View ArticleNetfilter – iptables on Debian
To create and save iptables rules the default Debian way, this is the way to go: create your rules using the CLI [1] iptables save them on the active rule by issuing a /etc/init.d/iptables save active...
View ArticleWhy adding . to the PATH on UNIX is BAD ?
This article was first written in December 2003 for the BeezNest technical website (http://glasnost.beeznest.org/articles/96) Some UNIX administrators find it handy to add «.» in the PATH (and some...
View ArticleSecurity flaw in Dokeos – tablesort library
A hacker found a new security flaw affecting all versions of Dokeos. Please apply the patch referred to in the following link as soon as possible: http://www.dokeos.com/wiki/index.php/SecurityPosted in...
View Articlem0n0wall
m0n0wall (http://m0n0.ch) est un dérivé embarqué de FreeBSD spécialisé en pare-feu (firewall). Le but premier du projet était de générer un firewall très réduit en taille (pour pouvoir facilement le...
View Article20 most common passwords
I wouldn’t want this post to disappear, so just to make sure that the information is better spread on what passwords *not to use*, here is the list: 1. 123456 2. 12345 3. 123456789 4. Password 5....
View ArticleNginx Anti-DOS filter for Fail2Ban
We are currently trying out this Fail2Ban rule on one of our server, to block simple (but very upsetting) DOS attacks on Nginx automatically (after 30 seconds). New filter in...
View ArticleBeezNest fixes new Chamilo security flaws in 48h
Secunia gave the Chamilo Security team full details of three security flaws detected in version 1.9.4 on Monday the 4th of March 2013. These flaws were detected by Fernando Muñoz, a regular contact for...
View ArticleLa seguridad de los LMS
La seguridad de los sistemas de gestión del aprendizaje (LMS) o de cursos virtuales, especialmente en el ámbito corporativo, es un tema crítico. De la misma manera que los documentos relativos a...
View Article