Category: Security

Sep/11

Remove WordPress Default Admin Account

Filed Under Security, WordPress at 5th September 2011 17:19 by Danny

A good security tip is to remove the default “admin” account that is installed by default. Before doing so create a new user who also has the role Administrator. When deleting an account such as the admin one, WordPress can … Continue reading →

Aug/11

Remove Ubuntu Keyring Password

Filed Under Linux, Security at 24th August 2011 10:20 by Danny

Tags: passwords, seahorse, Ubuntu

I often access Linux remotely but since 10.04 I have been encountering issues with the remote desktop. After a reboot, in order to gain remote desktop connection it would always prompt for a password. In situations where it reboots and … Continue reading →

Jul/11

Ubuntu 10.04 Firewall (UFW) Basics

Filed Under Linux, Networking, Security at 3rd July 2011 0:01 by Danny

Tags: firewall, gufw, GUI, iptables, ports, protocols, ssh, Ubuntu, UDP, ufw

Overview UFW or Uncomplicated FireWall is a basic software solution for protecting against network intrusions. It’s basic in the form that it’s a wrapper around the more powerful and complex iptables and therefore makes some assumptions such as rate limits. … Continue reading →

Jun/11

Apache 2 Hardening Tips

Filed Under Linux, Security, Web Server at 26th June 2011 0:01 by Danny

Tags: apache, DDOS, Security, server, Ubuntu

Below are some of the tricks I use or found useful to try to mitigate unwanted attention. Whilst this is not a definitive guide these are simple quick things that can be done. This was written for Ubuntu but it … Continue reading →

Jun/11

Check For Rootkits In Ubuntu

Filed Under Linux, Security, Software at 18th June 2011 0:01 by Danny

Tags: chkrootkit, Rootkits, Ubuntu

There’s a nice pre-made script which checks your Ubuntu system for Rootkits. Whilst it’s by no means exhaust way of finding out if your system is infected it makes it real simply and easy to do. First thing to do … Continue reading →

May/11

WiTopia VPN Service Review

Filed Under Networking, Security at 25th May 2011 0:01 by Danny

Tags: Android, gateways, IPSec, MacBook, OpenVPN, PPTP, VPN, WiTopia

I have always wanted to get a VPN server running at home so that I can tunnel back into the network remotely and also to protect myself on public hot spots. The former was more complicated than I thought and … Continue reading →

May/11

Web Server Basic Authentication = Weak

Filed Under energy@home, Security, Web Server, Website at 15th May 2011 11:40 by Danny

Tags: ajax, Authentication, energy@home, firebug, Firefox, firesheep, Google, GWT, HTTPS, man in the middle

I’d like to point out that I knew Basic Authentication in web servers were not bullet proof but in fact the total opposite (pointed out in the energy@home documents). This was hammered home when I was inspired to do some … Continue reading →

Jan/10

Enable SFTP On VSFTPD In Ubuntu

Filed Under Linux, Security at 31st January 2010 0:01 by Danny

Tags: dsa, ftp server, rsa, security certificates, SFTP, ssl, Ubuntu, VSFTPD

Enabling SFTP is very easy and makes FTP protocol a lot more secure than traditional FTP because passwords are not sent in plain text which is susceptible to a lot of things such as packet sniffers, man-in-the-middle, etc. Assuming VSFTPD … Continue reading →