
To improve the security of a Linux server, especially a web server exposed to the Internet and to hackers worldwide, it's best to have the server automatically send a notification email to a predefined address any time someone logs in as root. To configure this automatic email alert for every root login on the server, use the following guide.

1. Log in to the server via SSH as root.
2. Make sure you are in root's home directory. Then open .bash_profile for editing with pico, nano or vi by typing one of the following commands at the shell prompt:

Using Pico:  # pico .bash_profile
Using Nano:  # nano .bash_profile
Using Vi:    # vi .bash_profile

3. Scroll down to the end of the file and add the following line:

echo 'ALERT - Root Shell Access (YourserverName) :' `date` `who` | mail -s "Alert: Root Access from `who | cut -d'(' -f2 | cut -d')' -f1`" user@example.com

4. Replace user@example.com with the email address that should receive the root access alerts. Note that you can change the text of the alert email too. You will want to change (YourserverName) to your actual server name or hostname.

Now log out and log in again as root; you should receive an email alert in your inbox. This works on most popular flavors of Linux such as RedHat, CentOS, Ubuntu, FreeBSD, etc.
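
A variant of the alert line above that reports only the session that triggered it, as an added example (not part of the original guide): `who` lists every logged-in session, so with several sessions open the one-liner puts more than one address into the subject. The function names are hypothetical; `SSH_CONNECTION` is the variable sshd sets for each session.

```shell
# Added example for root's ~/.bash_profile; helper names are hypothetical.

# Print the remote address of the login that started this shell.
# sshd exports SSH_CONNECTION="client_ip client_port server_ip server_port".
root_alert_source() {
    if [ -n "${SSH_CONNECTION:-}" ]; then
        printf '%s\n' "${SSH_CONNECTION%% *}"
        return 0
    fi
    # Fallback: `who -m` lists only the terminal this shell is attached to.
    src=$(who -m 2>/dev/null | sed -n 's/.*(\(.*\)).*/\1/p' | head -n 1) || src=""
    printf '%s\n' "${src:-local-console}"
}

# Build the mail subject. The source field can be a reverse-DNS name,
# so keep only characters that are harmless in a mail header.
root_alert_subject() {
    src=$(root_alert_source | tr -cd 'A-Za-z0-9.:_-')
    printf 'Alert: Root Access from %s on %s\n' "$src" "$(uname -n)"
}

# Send the alert. $1 = recipient address.
root_alert_send() {
    { echo "ALERT - Root Shell Access on $(uname -n)"; date; who; } |
        mail -s "$(root_alert_subject)" "$1"
}

# Last line of ~/.bash_profile (the address is a placeholder):
#   root_alert_send user@example.com
```

~/.bash_profile is read only by bash login shells, so a root session that does not start one produces no alert.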


What is BFD (Brute Force Detection)?

BFD is a modular shell script that parses applicable logs and checks for authentication failures. There is not much complexity or detail to BFD yet, and likewise it is very straightforward in its installation, configuration and usage. The reason behind BFD is very simple: there are few to no authentication and brute force auditing programs in the Linux community that work in conjunction with a firewall or real-time facility to place bans. BFD is available at: http://www.rfxnetworks.com/bfd.php

This guide will show you how to install and configure BFD to protect your system from brute force hack attempts.

Requirements:
- You MUST have APF Firewall Installed before installing BFD - it works with APF and requires some APF files to operate.
- Root SSH access to your server

Let's begin!
Log in to your server through SSH and su to the root user.

1. cd /root/downloads or another temporary folder where you store your files.

2. wget http://www.rfxnetworks.com/downloads/bfd-current.tar.gz

3. tar -xvzf bfd-current.tar.gz

4. cd bfd-0.2

5. Run the install file: ./install.sh
You will receive a message saying it has been installed

.: BFD installed
Install path: /usr/local/bfd
Config path: /usr/local/bfd/conf.bfd
Executable path: /usr/local/sbin/bfd

6. Let's edit the configuration file: pico /usr/local/bfd/conf.bfd

7. Enable brute force hack attempt alerts:
Find: ALERT_USR="0" CHANGE TO: ALERT_USR="1"

Find: EMAIL_USR="root" CHANGE TO: EMAIL_USR="your@yourdomain.com"

Save the changes: Ctrl+X then Y

8. Prevent locking yourself out!
pico -w /usr/local/bfd/ignore.hosts and add your own trusted IPs
E.g.: 192.168.1.1

Save the changes: Ctrl+X then Y

BFD uses APF's CLI insert feature and as such will override any allow_hosts.rules entries users have in place. So be sure to add your trusted IP addresses to the ignore file to prevent locking yourself out.

9. Run the program!
/usr/local/sbin/bfd -s
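
To make the idea concrete, here is an added illustration (not BFD's own code) of the kind of check described above: it counts failed sshd password attempts per source address in a log and skips addresses listed in an ignore file, the role ignore.hosts plays in step 8. The function names, the threshold of 3 and all log lines are constructed for this example.

```shell
# Added illustration, not BFD's own code. Function names, the threshold
# and every log line below are constructed for this example.

sample_log() {
    cat <<'EOF'
Mar  3 10:01:01 web1 sshd[2101]: Failed password for root from 198.51.100.23 port 40112 ssh2
Mar  3 10:01:03 web1 sshd[2101]: Failed password for root from 198.51.100.23 port 40112 ssh2
Mar  3 10:01:05 web1 sshd[2104]: Failed password for invalid user admin from 198.51.100.23 port 40150 ssh2
Mar  3 10:02:10 web1 sshd[2110]: Failed password for root from 192.168.1.1 port 51000 ssh2
Mar  3 10:02:12 web1 sshd[2110]: Failed password for root from 192.168.1.1 port 51000 ssh2
Mar  3 10:02:14 web1 sshd[2110]: Failed password for root from 192.168.1.1 port 51000 ssh2
Mar  3 10:03:00 web1 sshd[2120]: Failed password for invalid user a from 10.0.0.9 from 203.0.113.50 port 4022 ssh2
Mar  3 10:04:00 web1 sshd[2130]: Accepted password for deploy from 203.0.113.50 port 4100 ssh2
EOF
}

# offenders LOG IGNORE_FILE THRESHOLD -> "count address" lines, highest first
offenders() {
    awk -v limit="$3" '
        # First file: trusted addresses, one per line.
        FILENAME == ARGV[1] { if ($1 != "") ignore[$1] = 1; next }
        /sshd\[[0-9]+\]: Failed password for / {
            # The user name field is untrusted text and may itself contain
            # " from ", so read the address after the LAST "from" token.
            ip = ""
            for (i = NF - 1; i > 0; i--)
                if ($i == "from") { ip = $(i + 1); break }
            if (ip != "" && !(ip in ignore)) count[ip]++
        }
        END { for (ip in count) if (count[ip] >= limit) print count[ip], ip }
    ' "$2" "$1" | sort -rn
}

# Run the check on the sample log with 192.168.1.1 as the trusted address.
demo() {
    dir=$(mktemp -d) || return 1
    sample_log > "$dir/secure"
    printf '192.168.1.1\n' > "$dir/ignore.hosts"
    offenders "$dir/secure" "$dir/ignore.hosts" 3
    rm -rf "$dir"
}
```

Without the ignore entry, the trusted address 192.168.1.1 would also reach the threshold after three mistyped passwords, which is the lockout step 8 guards against.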


AVG, in my mind, is perhaps one of the best antivirus software packages currently available for the Windows platform. On top of that, AVG also offers a free edition of their antivirus suite, although some features are not present (of course, it's a free version).

That's it, not too bad for an antivirus solution that works. You can download the software and get more information regarding this by going to AVG's website - Here!


F-Secure Online Virus Scanner (version 3.3) is a free service. Use it to find out if your computer is infected, and disinfect your computer if needed. The product will automatically download the necessary components and virus definition databases as it is started. Useful for finding spyware, malware, rootkits, and viruses.
