This tutorial shows how to install and configure BASE (Basic Analysis and Security Engine) and the Snort intrusion detection system (IDS) on a Debian Sarge system. BASE provides a web front-end to query and analyze the alerts coming from a Snort IDS system. With BASE you can perform analysis of intrusions that Snort has detected [...]

Spam is a nuisance, and as bloggers, we have all experienced a flood of spam every now and then. Not only is it a pain, but it can slow down your blog and use up your resources. In this post we’ll look at ten ways to combat spam. 1. Install Akismet This is the simple [...]

First of all , login to root account : Open the file “php.ini” by nano editor nano /usr/local/lib/php.ini Find the word “safe_mode” [ Ctrl + W and type "safe_mode" ] Change Off to On [ "safe_mode = Off" to "safe_mode = On" ] Find “disabled_functions” [ Ctrl + W and type "disabled_functions" ] and add [...]

Linux comes with a host based firewall called Netfilter. According to the official project site: netfilter is a set of hooks inside the Linux kernel that allows kernel modules to register callback functions with the network stack. A registered callback function is then called back for every packet that traverses the respective hook within the [...]

Question: How do I detect a DDOS (Distributed denial of service) / DOS attack on a Windows Server 2003 / 2000 / 2008? Can I use Linux netstat command syntax to detect DDoS attacks? Answer:A denial-of-service attack (DoS attack) or distributed denial-of-service attack (DDoS attack) is an attempt to make a computer resource unavailable to its intended users. [...]

PHP’s default configuration file, php.ini (usually found in /etc/php.ini on most Linux systems) contains a host of functionality that can be used to help secure your web applications. Unfortunately many PHP users and administrators are unfamiliar with the various options that are available with php.ini and leave the file in it’s stock configuration. By utilizing [...]

I admin ecom website and a lot of bogus traffic comes from countries that do not offer much in commercial value. How do I just configure Apache or iptables to just refuse connections to certain countries? You can block traffic at both Apache or iptables level. I recommend iptables to save some resources. First, you [...]

If you receive the following error on restating iptables on a VPS: error message: from firewall software ~ iptables: Unknown error 4294967295 you need to make sure the required iptable modules are loaded in the host server kernel. You have to use modprobe to load the following modules in the kernel: modprobe ipt_MASQUERADE modprobe ipt_helper [...]

A file integrity scanner is something you need to have.  Imagine a hacker placing a backdoor on your web site, or changing your order form to email him a copy of everyone’s credit card while leaving it appear to be functionally normally. By setting up daily reporting, this notifies you within, at most, 24 hours [...]

iptables -I INPUT -m hashlimit -m tcp -p tcp –dport 23032 –hashlimit 1/min –hashlimit-mode srcip –hashlimit-name ssh -m state –state NEW -j ACCEPT This rule limits one connection to the SSH port from one IP address per minute. hashlimit match options –hashlimit-upto max average match rate [Packets per second unless followed by /sec /minute /hour [...]