Analyzing MX records for .be domains

In a previous post I did an analysis of HTTP headers returned by Belgian websites. The list of websites was based on an old Alexa datafile and more or less reflected the most ‘popular’ Belgian websites. I now trimmed these domains to their top domain only (so www.site.be and alpha.site.be became site.be) and decided to check what type of MX records are defined for the different domains.

MX records are DNS records that specify a…

Analyze HTTP headers (part 2)

This is the second part of the analysis of the content of HTTP headers returned by Belgian websites. The first part describes what HTTP headers are and analyzes the results of the network requests.

Disclosing HTTP headers is not going to make your site more vulnerable, nor is withholding them going to make your site more secure. But by leaking version information you basically give away your level of patch management, making it easier…

Analyze HTTP headers (part 1)

This analysis on HTTP headers is separated into two different blog posts:

1. describing what HTTP headers are and analyzing the results of the network requests;
2. analyzing the content of HTTP headers.

The separation into two parts follows the logical sequence of events I had to go through to complete the investigation. First I had to map the network and interpret those results, and then dive deeper into the returned HTTP header results.

Note that…

Use privoxy and Tor for increased anonymity

Tor protects you by bouncing your communications around a distributed network of relays run by volunteers all around the world: it prevents somebody watching your Internet connection from learning what sites you visit, and it prevents the sites you visit from learning your physical location (from https://www.torproject.org/).

There are Tor Bundles that you can install but you can also chain Tor through a proxy.

I’ll use an Ubuntu 1214 vmware machine to proxy my traffic…

Install DionaeaFR web frontend to Dionaea honeypot on Ubuntu

Dionaea is a low-interaction honeypot. It is one of the honeypots that can be deployed through the Modern Honey Network. Next to the MHN dashboard I also wanted some specific data on the Dionaea honeypot. That is where DionaeaFR kicks in.

The installation is described in detail on the GitHub page and on http://bruteforce.gr/visualizing-dionaeas-results-with-dionaeafr.html.

I had to add some extra packages and settings on a Ubuntu 12.04.4 LTS system. Below is the full…

Automatic Check of Expiration Date of GPG keys

After Heartbleed I wrote a small Python script to perform an automatic check of certificate expiration dates. The script is hosted on GitHub.

Next to SSL certificates there are also GPG keys that can (but do not have to) have an expiration date. If you manage a lot of (personal or shared) keys it can become difficult to keep track of expired or soon to be expired keys.

So I wrote a similar Python script…

Ulogd-viz, visualize iptables / netfilter / ufw logs

I have iptables on a couple of different Linux hosts. There are a number of tools that allow you to centralize the logs of different hosts (and services) but they often focus on some form of alert management. I need something that allows me to gather the logs from different hosts, put them all in one central database and then generate some statistics on this data.

Iptables logs to the local syslogger but ulogd allows…

Heartbleed, the OpenSSL vulnerability. What Should I Do?


Unless you’ve been hiding under a rock you must have heard about the OpenSSL Heartbleed vulnerability, CVE-2014-0160.

Software using or linked against OpenSSL 1.0.1 through 1.0.1f (inclusive) is vulnerable. This post focuses on what you have to do and how you can detect it, not on what the vulnerability itself is about.

It is important…

Install ModSecurity on Ubuntu (from source)

ModSecurity is an embeddable web application firewall or WAF. It can be installed as part of your existing web server infrastructure.

ModSecurity is available as a package for different Linux distributions but these versions are often outdated. I installed ModSecurity from source on Ubuntu 12.0.4 LTS.

Start by downloading the source tarball from the ModSecurity website. The full code is available via GitHub and the links to the tarballs are available from the home page…

Different shell types: interactive, non-interactive, login

Shells control how you interact with your computer systems. I often switch between the Bourne shell (sh), Korn shell (ksh) and Bourne-Again shell (bash), but there are numerous others.

There are three types of shells:

- a login shell;
- an interactive shell;
- a non-interactive shell.

The type of shell defines what set of features you can use. Choosing the right type of shell is important to achieve your goal(s).

A login shell is the shell that is…