How to filter, split or merge pcap files on Linux

If you are a network admin who is involved in testing an intrusion detection system or network access control policy, you may often rely on offline analysis using collected packet dumps. When it comes to storing packet dumps, libpcap’s packet dump format (pcap format) is the most widely used by many open-source packet sniffing and […]

How to block unwanted IP addresses on Linux efficiently

You may want to block IP addresses on your Linux box under various circumstances. For example, as an end user you may want to protect yourself from known spyware or tracker IP addresses. Or when you are running P2P software, you may want to filter out connections from networks associated with anti-P2P activity. If you […]

How to encrypt files and directories with eCryptFS on Linux

You do not have to be a criminal or work for the CIA to use encryption. You simply don’t want anybody to spy on your financial data, family pictures, unpublished manuscripts, or secret notes where you have jotted down startup ideas which you think can make you super rich. I have heard people telling me […]

How to download an ISO image with BitTorrent fast and safely from the command line

If you are one of those people who have an urge to try out every new (or even beta) release of a Linux distribution to satisfy your curiosity and stay up to date, you will need to deal with the hassle of downloading big ISO images every now and then. ISO providers typically put up a .torrent file of their […]

How to verify the authenticity and integrity of a downloaded file on Linux

When you download a file (e.g., an installer, an ISO image, or a compressed archive) from the web, the file can be corrupted under a variety of error conditions, e.g., due to transmission errors on the wire, interrupted download, faulty storage hardware, file system errors, etc. Such failure cases aside, a file can also be […]

How to monitor and troubleshoot a Linux server using sysdig

What is the first thing that comes to mind when you need to track system calls made and received by a process? You’ll probably think of strace, and you are right. What tool would you use to monitor raw network traffic from the command line? If you thought about tcpdump, you made an excellent choice […]

How to configure a host intrusion detection system on CentOS

One of the first safety measures that any sysadmin may want to implement in their production servers is a mechanism to detect file tampering – not only the content of files, but also their attributes. AIDE (short for “Advanced Intrusion Detection Environment”) is an open source host-based intrusion detection system. AIDE checks the integrity of […]

How to harden Apache web server with mod_security and mod_evasive on CentOS

Web server security is a vast subject, and different people have different preferences and opinions as to what the best tools and techniques are to harden a particular web server. With the Apache web server, a great majority of experts (if not all) agree that mod_security and mod_evasive are two very important modules that can protect […]

How to create a cloud-based encrypted file system on Linux

Commercial cloud storage services such as Amazon S3 and Google Cloud Storage offer highly available, scalable, infinite-capacity object store at affordable costs. To accelerate wide adoption of their cloud offerings, these providers are fostering rich developer ecosystems around their products based on well-defined APIs and SDKs. Cloud-backed file systems are one popular by-product of such […]