How to secure BGP sessions using authentication on Quagga

The BGP protocol runs over TCP, and as such, it inherits all the vulnerabilities of a TCP connection. For example, within a BGP session, an attacker may impersonate a legitimate BGP neighbor, and convince the BGP routers on the other end to share their routing information with the attacker. The problem occurs when the attacker […]

How to secure SSH login with one-time passwords on Linux

As someone says, security is not a product, but a process. While the SSH protocol itself is cryptographically secure by design, someone can wreak havoc on your SSH service if it is not administered properly, be it weak passwords, compromised keys or an outdated SSH client. As far as SSH authentication is concerned, public key authentication […]

How to make remote incremental backup of LUKS-encrypted disk/partition

Some of us have our hard drives at home or on a VPS encrypted by Linux Unified Key Setup (LUKS) for security reasons, and these drives can quickly grow to tens or hundreds of GBs in size. So while we enjoy the security of our LUKS device, we may start to think about a possible […]

How to configure fail2ban to protect Apache HTTP server

An Apache HTTP server in a production environment can come under attack in various ways. Attackers may attempt to gain access to unauthorized or forbidden directories by using brute-force attacks or executing evil scripts. Some malicious bots may scan your websites for any security vulnerability, or collect email addresses or web forms to send spam […]

How to filter, split or merge pcap files on Linux

If you are a network admin who is involved in testing an intrusion detection system or network access control policy, you may often rely on offline analysis using collected packet dumps. When it comes to storing packet dumps, libpcap’s packet dump format (pcap format) is the most widely used by many open-source packet sniffing and […]

How to block unwanted IP addresses on Linux efficiently

You may want to block IP addresses on your Linux box under various circumstances. For example, as an end user you may want to protect yourself from known spyware or tracker IP addresses. Or when you are running P2P software, you may want to filter out connections from networks associated with anti-P2P activity. If you […]

How to encrypt files and directories with eCryptFS on Linux

You do not have to be a criminal or work for the CIA to use encryption. You simply don’t want anybody to spy on your financial data, family pictures, unpublished manuscripts, or secret notes where you have jotted down startup ideas which you think can make you super rich. I have heard people telling me […]

How to download an ISO image with BitTorrent fast and safely from the command line

If you are one of those guys who have the urge to try out every new (or even beta) release of a Linux distribution to satisfy your curiosity and stay up-to-date, you will need to deal with the hassle of downloading big ISO images every now and then. ISO providers typically put up a .torrent file of their […]

How to verify the authenticity and integrity of a downloaded file on Linux

When you download a file (e.g., an installer, an ISO image, or a compressed archive) from the web, the file can be corrupted under a variety of error conditions, e.g., due to transmission errors on the wire, interrupted download, faulty storage hardware, file system errors, etc. Such failure cases aside, a file can also be […]

How to monitor and troubleshoot a Linux server using sysdig

What is the first thing that comes to mind when you need to track system calls made and received by a process? You’ll probably think of strace, and you are right. What tool would you use to monitor raw network traffic from the command line? If you thought about tcpdump, you made an excellent choice […]