There are a number of ways you can restrict access to your VPS. Passwords (specifically, good passwords) is the most basic method. Restricting access to ssh keys only is better. You can use Google Authenticator to require a short-lived number as a second factor of authentication. You could also setup a VPN so that only […]
How to Audit Every Command Run on Your Linux System
Periodically I’ve had auditors come to me and say “can you tell me what this user on this system did between such-and-such dates/times” and my answer is usually no. By default, Linux systems don’t log this info. But they can. In this tutorial, I’ll show you how to use auditd, which is a daemon you […]
The Syniverse Hack: Why Using SMS for 2FA is a Bad Idea
2FA, at&T, cell phones, hacking, Security, sprint, syniverse, tmobile, verizon 
October 5, 2021 @ 7:31 pm, by raindog308Security gurus have suggested for years that relying on SMS for two-factor authentication is a bad idea. Reasons include Your phone may be stolen Many people allow SMS messages to be displayed on lock screens Your phone can be SIM-cloned People inside your phone carrier may have access to your text messages But here’s a […]
Microsoft Says Passwords are Passé
2FA, authenticator, microsoft, passwords, Security, two factor September 18, 2021 @ 12:00 pm, by raindog308Are passwords a dying breed? In a blog post published September 15, Microsoft Vice President of Security, Compliance, and Identity Vasu Jakkal entitled “The passwordless future is here for your Microsoft account” (yes, with bad capitalization, just like that), Microsoft announced that you could “completely remove the password from your Microsoft account”. He continued: “Use […]
Easy Operating System Detection with nmap
Recently I was doing some discovery at work of some systems we inherited. I didn’t yet have access but wanted to determine what type of OS was involved so I could coordinate with the proper teams. You can often guess just by determining what ports are open, but the most efficient tool is the venerable […]
T-Mobile Leaks Almost 50 Million People’s SSNs and Driver’s Licenses
T-Mobile announced on Wednesday that a “a bad actor had compromised T-Mobile systems”: “Some of the data accessed did include customers’ first and last names, date of birth, SSN, and driver’s license/ID information for a subset of current and former postpay customers and prospective T-Mobile customers. “Our preliminary analysis is that approximately 7.8 million current […]
Report Reveals cPanel/WHM Suffers “Multiple Vulnerabilities”
Security research firm Fortbridge has released a report claiming to have discovered “multiple vulnerabilities in cPanel/WHM”. The report states: “Our team has found multiple vulnerabilities in cPanel/WHM during a black-box pentest, the most important one being a privilege escalation via stored XSS. Whilst disclosing these bugs to the cPanel/WHM team, we discovered the pentested cPanel […]
Get Notified via Email Whenever Someone Logs In To Your VPS
In this tutorial we’ll show you how to configure your VPS so that every time someone logs in, you receive an email alerting you to this fact. This is kind of a “lowend intrusion detection system” though it may have other uses. For example, if you need to audit what staff are doing or if […]
How to Stiff-Arm Brutes and Protect Your Server with Fail2Ban
Bruce force attacks are attempts to guess common passwords by repeatedly trying to login to your server. SSH is the most common target but FTP, IMAP, POP3, and other password-based systems can be targeted. While you, as perhaps a more sophisticated user, may choose strong passwords, your users may not. Shared hosting servers with thousands […]
Comment Free For All: Hacking in the Movies
I once watched an episode of Law & Order with a friend who is an attorney. From the moment the action switched from the police to the prosecutors, he was tied up in knots, shouting at the screen all the inaccuracies in the way the courtroom proceedings were portrayed. I feel the same way about […]