Today is “World Password Day.”

Today is “World Password Day.”

In case you hadn’t heard, today is “World Password Day.” This would be a good time to go out and change your passwords. Need help on picking a new password? Head out to https://passwordday.org/ where Betty White provides best practices for cybersecurity. If you do not think Betty provided everything you need, head over to XKCD where they have one of the best comics around for choosing a secure

Read More

Protecting Your Online Identity

Have you had your online identity stolen? Had your Twitter or Facebook account compromised? Do you use the same username and password across multiple sites on the Internet? Every day, hackers are exposing weak security practices of not only company websites but also attacking online identities putting you at risk. Having to remember multiple credentials which can require separate usernames, separate passwords, and the websites used for those credentials

Read More

Creating a Blackhole DNS with Bind 9

​Malware can be delivered many different ways from either advertisements (remember the NY Times malicous ads?) to hacked websites that contain malicious code.  One technique designed to help curb these infections is through the use of DNS blackhole.  This technique will redirect your internal users to an internal website to block their access.  To do so, first install Bind on your Linux server.  Then edit your named.conf file which should

Read More

Part 2: Adding the firewall rules

In part two of this series we’re going to discuss adding firewall rules to the router.  Everyone knows that adding ingress (or incoming) firewall rules is important to securing your network.  However, the same can be said for adding egress rules for traffic leaving your network.  For instance, aside from an email server, no client should ever send traffic to the Internet via TCP port 25.  If you see

Read More

Setting up NAT with CentOS/Red Hat 6

​This will be part 1 in a series of configuring CentOS/Red Hat 6 as a secured firewall. Though I am a huge fan of pfSense (which can be found here pfSense), I wanted to build my own from scratch. So, the first part of this series will consist of setting up PAT (or NAT overload for the Cisco geeks) on Linux. The first step is to configure the network cards. 

Read More

RHEL/CentOS Server Security

As a part of the sys admin’s job, it is important to take a few extra minutes to go through and properly secure a newly installed Linux server. These steps include enabling SELinux on the machine, configuring the firewall, and setting user permissions. There are however additional steps one should take in order to secure their server. One would be to tune and secure kernel parameters, set limits on

Read More

GPG Keys

​GnuPG is used to encrypt and sign email messages and files. First you need to create the GPG key: Generating Keys ———————————————————– $ gpg –gen-key ———————————————————– Select option 5 for RSA and then type the encryption level. ———————————————————– Please select what kind of key you want: (1) DSA and Elgamal (default) (2) DSA (sign only) (5) RSA (sign only) Your selection? 5 RSA keys may be between 1024 and 4096 bits

Read More