Posts Tagged ‘Security’

Users receive a “The page cannot be displayed” error message, and “Connections_refused” entries are logged in the Httperr.log file on a server that is running Windows Server 2003, Exchange 2003, and IIS 6.0

To work around this issue, add the EnableAggressiveMemoryUsage registry entry to the following registry subkey:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\HTTP\Parameters

Then, set the EnableAggressiveMemoryUsage registry entry to 1.

To do this, follow these steps:

  1. Click Start, click Run, type regedit in the Open box, and then click OK.
  2. Click the following registry subkey:
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\HTTP\Parameters
  3. On the Edit menu, point to New, and then click DWORD Value.
  4. Type EnableAggressiveMemoryUsage, and then press ENTER.
  5. On the Edit menu, click Modify.
  6. In the Value data box, type 1, and then click OK.
  7. On the File menu, click Exit to exit Registry Editor.
  8. Restart the HTTP service. To do this, follow these steps:
    1. Click Start, click Run, type cmd in the Open box, and then click OK.
    2. At the command prompt, type net stop http /y, and then press ENTER.
    3. At the command prompt, type iisreset /restart, and then press ENTER.

Monitor Web Site Files With Auditd

The Linux Auditing System and auditd are a great way to monitor who changes the files in your website and when. To install and configure it, follow these steps:

1. Install auditd and related utilities:

yum install audit

2. Make sure auditd is running:

/sbin/chkconfig --list auditd 
auditd 0:off 1:off 2:on 3:on 4:on 5:on 6:off

3. Edit /etc/audit/auditd.conf and change:

action_mail_acct = [your email address]

This sends any action emails to your preferred address.

4. Edit /etc/audit/audit.rules and add a line like this to the bottom:

-w [path_to_website] -p wa -k [key]

So if your website is located at:
/var/www/vhosts/mysite.com/httpdocs
Then a rule like:

-w /var/www/vhosts/mysite.com/httpdocs -p wa -k mysite

would set up auditing of write and attribute change requests. Events matching this rule would be tagged with the “mysite” key. Then restart auditd to load the rule:

/sbin/service auditd restart

Audit logs go to:

/var/log/audit/audit.log
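
To show what can be done with the events this rule produces, here is an added example (not part of the original post) that reads audit.log records on stdin and prints, for a given rule key, which login user and program changed which file. The log lines are constructed samples, the function name audit_changes is made up for this illustration, and it assumes the SYSCALL record of an event precedes its PATH records; on a live system, ausearch -k mysite -i gives the interpreted view.

```sh
#!/bin/sh
# Constructed sample records in the audit.log layout (not real log data).
SAMPLE_LOG='type=SYSCALL msg=audit(1300000000.101:501): arch=c000003e syscall=2 success=yes exit=3 items=2 ppid=2100 pid=2200 auid=500 uid=48 gid=48 comm="php" exe="/usr/bin/php" key="mysite"
type=CWD msg=audit(1300000000.101:501): cwd="/var/www/vhosts/mysite.com/httpdocs"
type=PATH msg=audit(1300000000.101:501): item=0 name="/var/www/vhosts/mysite.com/httpdocs/" inode=100 nametype=PARENT
type=PATH msg=audit(1300000000.101:501): item=1 name="/var/www/vhosts/mysite.com/httpdocs/new.php" inode=101 nametype=CREATE
type=SYSCALL msg=audit(1300000050.777:502): arch=c000003e syscall=90 success=yes exit=0 items=1 ppid=3000 pid=3100 auid=0 uid=0 gid=0 comm="chmod" exe="/bin/chmod" key="mysite"
type=PATH msg=audit(1300000050.777:502): item=0 name="/var/www/vhosts/mysite.com/httpdocs/index.php" inode=102 nametype=NORMAL
type=SYSCALL msg=audit(1300000099.000:503): arch=c000003e syscall=2 success=yes exit=3 items=1 ppid=1 pid=900 auid=4294967295 uid=0 gid=0 comm="cron" exe="/usr/sbin/crond" key="other"
type=PATH msg=audit(1300000099.000:503): item=0 name="/etc/crontab" inode=103 nametype=NORMAL'

# audit_changes KEY: print "serial auid=N exe=PROGRAM path" for each file
# touched by an event tagged with KEY (hypothetical helper, reads stdin).
audit_changes() {
    awk -v key="$1" '
    # Value of the NAME=value token on the current record, quotes stripped.
    function field(name,    i, v) {
        for (i = 1; i <= NF; i++)
            if (index($i, name "=") == 1) {
                v = substr($i, length(name) + 2)
                gsub(/"/, "", v)
                return v
            }
        return ""
    }
    {
        # Records of one event share the serial in msg=audit(TIME:SERIAL):
        id = $2
        sub(/^[^:]*:/, "", id)
        sub(/\).*$/, "", id)
    }
    # The SYSCALL record carries the rule key, the login uid and the program.
    $1 == "type=SYSCALL" && field("key") == key {
        auid[id] = field("auid")
        exe[id] = field("exe")
    }
    # PATH records name the files; skip the parent directory entry.
    $1 == "type=PATH" && (id in auid) && field("nametype") != "PARENT" {
        printf "%s auid=%s exe=%s %s\n", id, auid[id], exe[id], field("name")
    }'
}

printf '%s\n' "$SAMPLE_LOG" | audit_changes mysite
```

On a real server, feed it the log instead of the sample: audit_changes mysite < /var/log/audit/audit.log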


Free OpenSSH Server for Windows (WinSSH)

“Don’t tell anyone that I’m free”

WinSSH

Update (10/July/2016): OpenSSH (7.2p2) Server for Windows (7.2p2 is the latest version of OpenSSH)
OpenSSH (6.4p1) Server for Windows (previous version of OpenSSH)

General Features:

* Security: access your Windows machine's cmd shell with full security
* Windows NT Service support
* Full install about 12 MB, installer under 8 MB (including Cygwin dependencies)
* Windows Command Prompt support for SSH terminal
* SCP/SFTP server support (secure file transfer)
* Command-line clients included

Stop your friends’ Facebook app from accessing YOUR private information

I thought I had carefully controlled which other people I share my photos and my personal information with on Facebook, and I was really careful about which third-party Facebook applications I allowed to have access to personal details such as my birthday, my status updates, my photos, my location and my educational and work history, but I was WRONG until today.


Secure browsing, How to use SSH (encrypted tunnel) for browsing

Using ssh as a proxy or encrypted tunnel to browse the web can sometimes be necessary:

  1. When you’re at some public place but need to log in securely to your workplace.
  2. When local access restrictions make life really difficult.

I use SSH for security reasons. I want to make sure that my security and login information will remain secure:

ssh -D 12345 myuser@remote_ssh_server

Replace myuser with your user account and remote_ssh_server with the IP address or hostname of your server.

The above command is all you need, but you can add other options, such as:

-D 12345 : Sets up dynamic port forwarding on local port 12345, which makes ssh behave as a SOCKS server.
-f : Forks the process into the background after you type your password (Linux only; on Windows skip it).
-C : Turns on compression.
-q : Quiet mode. Since this is just a tunnel, we can make it quiet (Linux only; on Windows skip it).
-N : Tells ssh that no commands will be sent (-f will complain if we don’t specify this).

Next, set up your browser to use the proxy server. Most browsers include proxy support. For Firefox, go to Edit→Preferences→Advanced→Network→Settings, and specify that you want to use a Manual Proxy, localhost, port 12345 and SOCKS v5 (although OpenSSH supports both versions 4 and 5).

The HTTP Proxy field (the first input) must be left blank; enter these settings in the SOCKS Host field only.

Now your browser is using a secure tunnel to your remote SSH server. Enjoy!


How to Secure your Windows 7 OS

You can download a Windows 7 security benchmark from https://benchmarks.cisecurity.org/en-us/?route=downloads.multiform.

In addition to the recommendations there you may want to:

1. Disable Teredo tunneling: http://www.mydigitallife.info/how-to-disable-tcpipv6-teredo-tunneling-in-vista/
2. Unbind Client for Microsoft Networks and File and Printer Sharing from all network adapters.
3. Disable the Remote Desktop service.
4. Disable the UPnP Device Host service.
5. Disable the iSCSI Initiator service.
6. Disable the Computer Browser service.
7. Disable the NetBIOS Helper service.
8. Disable RRAS.
9. Disable the Remote Registry service.
10. Move the firewall log from its default location and enable logging of all connections.
11. Enable process tracking in the local security policy.
12. Enable the “User Account Control: Only elevate executable(s) that are signed” local security policy.

These are just a few things off the top of my head.
It is best to run the x64 version of Windows as the host. The script kiddies are still targeting x86.

Of course, these recommendations are also applicable to Vista and XP.

You also may want to keep track of your BIOS, NIC and GPU firmware. 🙂
(If you know how)