Asterisk systemd service startup output

How to install asterisk on RHEL 8 / CentOS 8 Linux

This article will describe how to install the open source communication software Asterisk on RHEL 8 / CentOS 8; due to the fact that Asterisk and other important dependencies are not available as RPM packages from the repositories, it is needed to compile them from sources.

In this tutorial you will learn:

  • Which are the pre-requisites to install Asterisk
  • How to compile Asterisk from sources
  • How to start Asterisk
  • How to reconfigure or remove Asterisk
  • How to access Asterisk command line interface

Read more

Allowing access from a certain network segment to sshd.

How to install and setup an example service with xinetd on RHEL 8 / CentOS 8 Linux

Xinetd, or the Extended Internet Services Daemon, is a so-called super-server. You can configure it to listen in the place of many services, and start the service that should handle an incoming request only when there it actually arrives to the system – thus saving resources. While this may not seem to be a big deal on a system where traffic is relatively permanent, this service in the front of another approach does have some neat advantages, like logging or access control.

In this article we will install xinetd on a RHEL 8 / CentOS 8, and we’ll put the sshd daemon under it’s care. After verifying the setup, we’ll tweak the configuration a bit to see the access control in action.

In this tutorial you will learn:

  • How to install xinetd
  • How to setup sshd on RHEL 8 / CentOS 8 as an xinetd service
  • How to allow access only from a specific network to the sshd service from xinetd
  • How to audit traffic from xinetd log entries

Read more

Wireshark dialog for creating a capture filter

Filtering Packets In Wireshark on Kali Linux

Introduction

Filtering allows you to focus on the exact sets of data that you are interested in reading. As you have seen, Wireshark collects everything by default. That can get in the way of the specific data that you are looking for. Wireshark provides two powerful filtering tools to make targeting the exact data you need simple and painless.

There are two way that Wireshark can filter packets. It can filter an only collect certain packets, or the packet results can be filtered after they are collected. Of course, these can be used in conjunction with one another, and their respective usefulness is dependent on which and how much data is being collected.

Read more

Introduction to Nmap on Kali Linux

Introduction

Nmap is a powerful tool for discovering information about machines on a network or the Internet. It allows you to probe a machine with packets to detect everything from running services and open ports to the operating system and software versions.

Like other security tools, Nmap should not be misused. Only scan networks and machines that you own or have permission to investigate. Probing other machines could be seen as an attack and be illegal.

That said, Nmap can go a long way in helping to secure your own network. It can also help you to ensure that your servers are properly configured and don’t have any open and unsecured ports. It will also report if your firewall is correctly filtering ports that should not be externally accessible.

Nmap is installed by default on Kali Linux, so you can just open it up and get started.

Read more

crunch kali brute force password attack

Creating Wordlists with Crunch on Kali Linux

crunch kali brute force password attack

Introduction

Wordlists are a key part of brute force password attacks. For those readers that aren’t familiar, a brute force password attack is an attack in which an attacker uses a script to repeatedly attempt to log into an account until they receive a positive result. Brute force attacks are fairly overt and can cause a properly configured server to lock out an attacker or their IP.

This is the point of testing the security of log in systems this way. Your server should ban attackers that attempt these attacks, and should report the increased traffic. On the user end, passwords should be more secure. It’s important to understand how the attack is carried out to create and enforce a strong password policy.

Kali Linux comes with a powerful tool for creating wordlists of any length. It’s a simple command line utility called Crunch. It has simple syntax and can easily be adjusted to suit your needs. Beware, though, these lists can be very large and can easily fill an entire hard drive.

Read more

Use Aircrack-ng To Test Your WiFi Password on Kali Linux

Objective

Test the security of your WiFi password by attacking it

Distributions

This will work with any Linux distribution, but it’s recommended that you use Kali.

Requirements

A working Linux distribution with a WiFi adapter and root privileges.

Difficulty

Easy

Conventions

  • # – requires given linux commands to be executed with root privileges either directly as a root user or by use of sudo command
  • $ – requires given linux commands to be executed as a regular non-privileged user

Introduction

Most people have terrible passwords, and WiFi is no exception. Your WiFi password is your primary line of defense against unwanted access to your network. That access can result in a whole host of other nasty things because an attacker can monitor the traffic on your network and even gain direct access to your computers.

The best way to prevent such an intrusion is to use the same tools an attacker would to test the security of your WiFi password.

Read more

password attack hydra kali linux

SSH Password Testing With Hydra on Kali Linux

password attack hydra kali linux

Introduction

Hail Hydra! Okay, so we’re not talking about the Marvel villains here, but we are talking about a tool that can definitely do some damage. Hydra is a popular tool for launching brute force attacks on login credentials.

Hydra has options for attacking logins on a variety of different protocols, but in this instance, you will learn about testing the strength of your SSH passwords. SSH is present on any Linux or Unix server and is usually the primary way admins use to access and manage their systems. Sure, cPanel is a thing, but SSH is still there even when cPanel is being used.

This guide makes use of wordlists to provide Hydra with passwords to test. If you aren’t familiar with wordlists yet, go check out our Crunch guide.

Warning: Hydra is a tool for attacking. Only use it on your own systems and networks unless you have the written permission of the owner. Otherwise, it is illegal.

Read more