Secure Shell Technology or SSH is a network communication protocol that permits two systems to securely communicate in an unsecured network. This cryptographic protocol is also utilized for command–line executables or remote login programs such as terminal applications. Users who want to use SSH for connecting to other remote systems must have SSH configured on …
This article provides a guide for how to install Snort on Ubuntu 20.04 (Focal Fossa). Snort is a lightweight, open source network intrusion prevention system for running a network intrusion detection system (NIDS). Snort is used to monitor the packet data sent / received over a specific network interface. Network intrusion detection systems can intercept …
Set Ant Media Server Firewall Rules Use the following rules for Ant Media Server Firewall Configuration: 1 2 3 4 5 6 7 8 ufw allow ssh ufw allow http ufw allow https ufw allow 1935/tcp ufw allow 5080/tcp ufw allow 5443/tcp ufw allow 5000:65000/udp enable ufw After enabling, you will have following status 1 …
Note: This article is not to deprecate any of the findings and achievements of Alex Birsan. He did great work exploiting specific vulnerabilities and patterns. It is to present the RubyGems side of the story and to reassure you. We actively work to provide a healthy and safe ecosystem for our users. After reading the …
RubyGems dependency confusion attack side of things Read More »
Introduction On the 7th and 13th of December, there were two malicious packages uploaded to RubyGems. Here’s the postmortem and analysis of the packages’ content. Diffend.io platform that I run closely cooperates with the RubyGems team, providing immediate insights into any gems that have “weird” characteristics. Thanks to that, the gems were yanked relatively fast. …
I’m incredibly excited to announce a security platform for managing Ruby gems dependencies: diffend.io. This platform is a result of my involvement in Ruby security matters for years. It all started in early 2018 with a tool to review gems versions diffs. While working on it, I’ve noticed that there’s much more that needs to …
Diffend – OSS supply chain security and management platform for Ruby Read More »
Using Ruby gems is safe, right? We’re a nice community of friendly beings that act towards the same goal: making Ruby better. But is that true? Can we just blindly use libraries, without making sure, that they are what they are supposed to be? Learn how you can take over a gem, what you can …
How to take over a Ruby gem and what to do with it / RubyKaigi 2019 presentation Read More »
Install and Configure CSF ConfigServer Firewall About CSF Firewall ConfigServer Security and Firewall, also known as CSF, is an opensource software firewall application. It is working based on iptables. Firewall configuration script created to provide better security for your server while giving you an easy to use, advanced interface for managing your firewall settings. CSF configures …
Protecting Apache Server From Denial-of-Service Attacks Denial-of-Service (DoS) attack is an attempt to make a machine or network resource unavailable to its intended users, such as to temporarily or indefinitely interrupt or suspend services of a host connected to the Internet. A distributed denial-of-service (DDoS) is where the attack source is more than one–and often …
Protecting Apache Server From Denial-of-Service Attacks Read More »
Who should read this? This tutorial is for novice to intermediate linux users who want to go beyond basic password security. Security professionals recommend using ssh keys to make authentication into ssh sessions faster, easier and more secure. As passwords become longer and more complex they become more difficult to use and manage. Key based …
