Tuesday, November 22, 2016

Secure Apache from Clickjacking

open Terminal
use below command

curl -I http://localhost/ or http://serverIP/

check, is it showing any lines with X-Frame options or not if not follow the steps below

Open httpd.conf and append one line at the bottom of the file.

Header always append X-Frame-Options SAMEORIGIN
             
or you can append the below line

Header always append X-Frame-Options DENY

now save and close the file

To verify the syntax error run the below command

httpd -t it will show SYNTAX OK

now restart the service of apache/httpd

Wednesday, November 2, 2016

Install CSF (firewall) on any Linux




below are the steps to install the firewall named ConfigServer Security & Firewall which can be installed on any flavor of Linux. I have installed it on CentOS 7.

cd /usr/local/src

rm -fv csf.tgz

Download the package using
wget https://download.configserver.com/csf.tgz

extract it
tar -xzf csf.tgz

change directory
cd csf

install it
sh install.sh

To test if CSF will work in the server can be found by running,
perl /usr/local/csf/bin/csftest.pl

befor executing above command please check once is your system having perl installed or not
using command : perl -v

if not installed install it using below command
yum install perl

Now, open
vi /etc/csf/csf.conf

Edit the Testing Flag
TESTING = "0"

now run below command to start csf
csf -r
/etc/init.d/csf restart   or
systemctl restart csf


some basic command which can be useful

to block IP with CSF
csf -d (Ip Address)

to allow IP with CSF
csf -a (Ip Address)

unblock an IP with CSF
csf -dr (Ip Address)

unblock temporarily blocked IP
csf -tr (Ip Address)

csf -s – Start firewall rules

csf -f – Flush/stop firewall rules

csf -r – Restart firewall rules

csf -x – Disable CSF

csf -e – Enable CSF

csf -c – Check for updates

csf -h – Show help screen

Tuesday, September 27, 2016

Increase Swap Size in Linux

The free -m command shows that the swap memory in your current server.

We can increase 4GB of swap size now.

Create Swap file using below command

touch /swapfile

Use the following command to create 4GB of swap file.

# dd if=/dev/zero of=/swapfile bs=1M count=4096
# mkswap /swapfile

Now the swap file is created.

activate /swapfile file swap space now.
# swapon /swapfile

Add entry on /etc/fstab file to activate after Linux system reboot.

# vi /etc/fstab
/swapfile swap    swap    defaults        0 0

save and close the file.

Now check your swap space now.

# free -m

In order to delete swap.

Run “swapoff /swapfile” command
Remove the entry from /etc/fstab file
Remove /swapfile  file (using rm command)
 

Monday, September 19, 2016

FASTNETMON DDOS ANALYZER TOOL

Install FastNetMon Tool on CentOS 6,7 and Debian 6,7,8 and Ubuntu,Fedora and Gentoo
FastNetMon Tool is DDoS monitoring tool. You can Download & Install using below steps :
(1) cd /tmp
(2) mkdir fastnetmon
(3) cd fastnetmon
(4)wget https://raw.githubusercontent.com/pavel-odintsov/fastnetmon/master/src/fastnetmon_install.pl -Ofastnetmon_install.pl
(5) intall it using command : perl fastnetmon_install.pl
If you are trying using other user than root try to install using :
sudo perl fastnetmon_install.pl

while installing it will track information about the computer/server where you are installing are like cpu,distro,os type. if you dont want to share those information try install it with below command :
perl fastnetmon_install.pl –do-not-track-me
or
sudo perl fastnetmon_install.pl –do-not-track-me

as installtion completes follow below steps

(1) wget https://raw.githubusercontent.com/pavel-odintsov/fastnetmon/master/src/notify_about_attack.sh -O/usr/local/bin/notify_about_attack.sh
(2) chmod 755 /usr/local/bin/notify_about_attack.sh
open above file in editor and add the mail id where you want to get mails for attack notifications.
(3) vi /usr/local/bin/notify_about_attack.sh
add mail id at “email_notify”
(4) run the service of fastnetmon using command : systemctl start fastnetmon.service

To enable fastnetmon on server startup use below
/opt/fastnetmon/fastnetmon –daemonize

Note : If something goes wrong, please check logs: tail -f /var/log/fastnetmon.log