Linux provides many tools that can arm a system administrator harden a system, making it less of a target. This section talks about tools and techniques that can be used to protect your systems, services and data.

Life With Systemd

Blocking SSH Brute Force Attempts

Linux shell access is a very popular target. SSH can provide egress into a system with a weak password. Once shell access is obtained, it is only a matter of finding some local system exploit to escalate privileges and own the system.

If you ever see these entries in your /var/log/auth or /var/log/secure depending on your Linux distribution the you are the victim of a SSH brute force attack.

IPTables Port Redirection

IPTables is a powerful tool that can be used for a variety of network based tasks. In this example, I will show you how you can redirect TCP traffic destined for host and port on one system to another host and port on a completely different system. You may be wondering about the utility of this feature and I am going to tell you that there is a lot. Let's say you have moved a web server to another host, but the current host remains in place. You want to send all the traffic from the old server to the new server.

Creating a Certificate of Authority and Signing Certificates with OpenSSL

OpenSSL is a suite of libraries and tools that supports Secure Socket Layer (SSL) and Transport Layer Security (TLS). This document describes how to use OpenSSL to create a self signed certificate using your own Certificate of Authority (CA). OpenSSL is

Search form