NetTipsDB

The main tips to remain protected is to make sure all software you have are updated and always keep to the latest version. This is the main issue, patch management. It becomes a global problem for any IT department or organization, to maintain this versions to the latest. For home user, you will find this [...]

I found this cool plugin for cPanel, which will provide additional feature for cPanel, for you to monitor certain log files located in /var/log/. However, this is just a very simple tool to view latest enrty in the log file, and to rotate those files individually. Please refer to their official page at http://www.logview.org/. They [...]

Saher-team provided a good tips on how to alert you by email, on any occurrence of ssh login for certain user. It is simple, by utilizing .bashrc file which is there by default in bash environment. Edit the .bashrc file in the intended user’s home directory to be monitored. vim /root/.bashrc. And add the following [...]

I met a new friend today, ELS (Easy Linux Security), which will help you in securing your linux host installation in certain aspect. These are the list of features of ELS, how it can help you. (Retrieved from their original page, http://servermonkeys.com/els.php) Install RKHunter Install RKHunter Cronjob which emails a user-set email address nightly Install/update [...]

Have you ever encounter your site have been compromised, and you found some weird file being uploaded into your hosting account? Thats what the first thing the attacker would want to do on a web attack, to upload a webshell. Webshell is some kind of web-based backdoor, usually protected by a password, and allow the [...]

There’s a lot of attack going on on the web as we speak now. Without any invitation or any vulnerability exist on your web-apps, you will still see some attempt to hack into your site in apache log files. It doesn’t matter if you’re vulnerable or not, they will still come and try. Some of [...]

Server logs are very useful, only when you need it. And you never know when you might need them. You don’t want your application to white log file, and you’ll forgot about it until you run out of disk space. I’ve once encounter a log file thats 2GB in size. What you want to do [...]

I cannot deny that ProjectHoneypot is really cool. It will track automated web bots, collect all the data of the bot that it can, even any POST data that the bot will send in any forms. The project participation involve you to put links to a code, hosted on your site’s server. The link will [...]

I bump into a problem when I need to filter my application to be accessed from certain IP only. So, some googling around, i found s simple code to do this. $targetAddr = “192.168.1..*”; if (ereg($targetAddr, $_SERVER['REMOTE_ADDR'])) { echo “”; } else { die(“Sorry. Not allowed from your IP.”); } This simple script will allow [...]

I’ve googled around, and found a few articles that might help solving a few problem that you most probably encounter if you’re hosting your own server on the internet, that are DOS and brute force attack. In this particular example, we will use iptables, to block Denial-of-Service and brute force attack. IPtables have a special [...]