security

How to make the most of OpenSSH - Tips & Tricks

How to make the most of OpenSSH

by

OpenSSH is a network connectivity and remote login tool that securely encrypts all traffic, originally developed by OpenBSD developers for use in their operating system. Considering the OpenBSD developers’ primary focus on security, it is no surprise that OpenSSH quickly became the standard remote login implementation for all Linux and Unix operating systems. OpenSSH uses a client server model with the ssh command providing client functionality and sshd providing server functionality.

Read more

SSH login to RHEL 7 server without password

by

In order to login to RHEL7 Linux server we first need to exchange public keys between server and client machine. To do that we can use ssh-copy-id command. 

$ ssh-copy-id user@rhel-server
The authenticity of host 'rhel-server (rhel-server)' can't be established.
ECDSA key fingerprint is 21:4d:71:f6:ef:1f:c1:f7:a9:d9:81:4d:9d:34:4d:a9.
Are you sure you want to continue connecting (yes/no)? yes
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
user@rhel-server's password: 

Number of key(s) added: 1

Now try logging into the machine, with:   "ssh 'user@rhel-server'"
and check to make sure that only the key(s) you wanted were added.

Read more

VeraCrypt on Kali Linux.

How to install VeraCrypt on Kali Linux

by

For years, TrueCrypt was the gold standard in encrypting drives across platforms. TrueCrypt is gone now, but VeraCrypt is carrying on its legacy. It looks and works a lot like TrueCrypt did, and it’s compatible with TrueCrypt partitions.

Even though VeraCrypt isn’t available in Kali’s repositories, but that doesn’t mean that it’s difficult to install. You can download the VeraCrypt installer right from the developers and use it to get set up on Kali.

In this tutorial you will learn:

  • How to Download and Unpack The Tarball.
  • How to Run the VeraCrypt Install Script.

Read more

burp web penetration testing guide

Learn Burp Suite on Kali Linux: Part 1

by

burp web penetration testing guideWhen it comes to testing the security of web applications, you’d have a hard time finding a set of tools better than Burp Suite from Portswigger web security. It allows you to intercept and monitor web traffic along with detailed information about the requests and responses to and from a server.

There are way too many features in Burp Suite to cover in just one guide, so this one will be broken down into four parts. This first part will cover setting up Burp Suite and using it as a proxy for Firefox. The second one will cover how to gather information and use the Burp Suite proxy. The third part goes into a realistic testing scenario using information gathered through the Burp Suite proxy. The fourth guide will cover many of the other features that Burp Suite has to offer.

Read more

Install Intel wireless firmware on Debian 7 wheezy

by

If you have not installed wireless firmware to support your wireless network card during Debian wheezy installation you can do so later by enabling debian’s non-free repository. Here is how you do it. First open your /etc/apt/sources.list file and change line ( your repository mirror may be different ):

from:

deb http://http.debian.net/debian/ wheezy main

to:

deb http://http.debian.net/debian/ wheezy main non-free

Once done update packages list with a command:

# apt-get update

Read more

How to monitor file integrity on Linux using Osquery

How to monitor file integrity on Linux using Osquery

by

The basic concept involved with the use of the osquery application is the “tabular abstraction” of many aspects of the operating system, such as processes, users, etc. The data is stored in tables which can be queried using SQL syntax, directly via the osqueryi shell, or via the osqueryd daemon.

In this tutorial we will see how to install the application, how to run basic queries, and how to use FIM (File Integrity Monitoring) as part of your Linux system administration job.

In this tutorial you will learn:

  • How to install osquery
  • How to list the available tables
  • How to perform queries from the osqueryi shell
  • How to use the osqueryd daemon to monitor file integrity

Read more

How to Open/Allow incoming firewall port on Ubuntu 18.04 Bionic Beaver Linux

by

Objective

The objective of this article is to serve as a quick reference guide on how to allow incoming traffic on any TCP or UDP port using Ubuntu 18.04 Bionic Beaver Linux with UFW firewall.

Operating System and Software Versions

  • Operating System: – Ubuntu 18.04 Bionic Beaver Linux

Requirements

Privileged access to your Ubuntu System as root or via sudo command is required.

Conventions

Read more