Author:
erics, December 30th, 2022
Summary: Use AWS CloudTrail as the basis for a simple Intrusion Detection System to monitor your AWS account for unwanted activity.
Background: While I follow best practices for security, it is always possible that a bad actor could obtain my credentials and gain access to my AWS account. Once access is gained, such criminals could […]
Categories: Technology Tags: Attack, AWS, Bad Actor, Cloud, CloudTrail, CloudWatch, Compromise, Crypto, DDOS, Detection, dos, howto, IDS, Intrusion, Intrusion Detection, Mining, tips, Vector
Author:
erics, August 31st, 2015
Requires Python!
Scalp Home: https://code.google.com/p/apache-scalp/
Download Scalp: https://code.google.com/p/apache-scalp/downloads/detail?name=scalp-0.4.py
Backup Link: http://www.wyzaerd.com/scalp/scalp-0.4.py
Original (Broken) XML Rules File: https://dev.itratos.de/projects/php-ids/repository/raw/trunk/lib/IDS/default_filter.xml
Fixed XML Rules File: http://www.wyzaerd.com/scalp/default_filter.xml
To Fix the XML file:
Replace: (?:all|distinct|[(!@]*)? with (?:all|distinct|[(!@]+)?
and: (?i:(\%SYSTEMROOT\%)) with (?:(\%[sS][yY][sS][tT][eE][mM][rR][oO][oO][tT]\%))
Examples:
./scalp-0.4.py -f ./default_filter.xml -o ./scalp-output -l /var/log/httpd_log --html
./scalp-0.4.py -f ./default_filter.xml -o . -l /var/www/cust1/logs/access.log.1440892800
Current options:
exhaustive: Won’t stop at the first pattern matched, but will test all the patterns
tough: Will […]
Categories: How-To's, Technology Tags: Analyze, apache, Attack, Detection, hack, Hackers, howto, IDS, Intrusion, Intrusion Detection, Log, Logs, Python, Scalp, tips
Author:
erics, July 26th, 2014
I was getting tired of using iptables to block the various hackers and bots constantly slamming my servers (the Chinese are the worst offenders by far – curse them!). I found the Apache module mod_evasive and installed it. Here are links to various articles about mod_evasive:
http://www.zdziarski.com/blog/?page_id=442
https://coderwall.com/p/eouy3g
http://www.crucialp.com/resources/tutorials/server-administration/flood-protection-dos-ddos-protection-apache-1.3-2.0-mod_dosevasive-avoiding-denial-of-service-attacks.php
Add the Module to Apache
I […]
Categories: How-To's, Technology Tags: apache, Attack, AWS, AWS Linux, CentOS, DDOS, Defend, dos, evasive, http, mod_evasive, Web
Author:
erics, July 8th, 2014
Add the following to either your .htaccess file or to your Apache config:
<Files xmlrpc.php>
Order allow,deny
Deny from all
</Files>
Categories: How-To's, Technology Tags: .htaccess, Attack, Block, DDOS, dos, howto, tips, WordPress, xmlrpc
Author:
erics, May 17th, 2013
Introduction
WordPress installs globally have been taking quite a hit recently, as nefarious persons continue to attempt brute-force attacks against the WordPress login page. Based on research and experimentation, I have chosen the following approach to provide security with the lowest performance hit: require a web-server-level password for all requests to the wp-login.php file. This […]
Categories: How-To's, Technology Tags: .htaccess, admin, Amazon, Attack, AWS, Brute-force, CentOS, htpasswd, Linux, WordPress
Author:
erics, January 20th, 2011
As a webmaster of over a decade, sometimes the load on my server spikes high. Investigation discovered that various bad guys on the Internet were probing/attacking my server on a regular basis.
Step One – Be Aware
Read your apache logs
Actively monitor your servers. I use Nagios running on my home server.
Use top […]
Categories: How-To's, Technology Tags: Attack, dos, howto, IPTables, tips
Author:
erics, December 30th, 2010
There is no excerpt because this is a protected post.
Categories: BeeGood, Technology Tags: Attack, Denial of Service, dos, nagios