Creating a Blackhole DNS with Bind 9

​Malware can be delivered many different ways from either advertisements (remember the NY Times malicous ads?) to hacked websites that contain malicious code.  One technique designed to help curb these infections is through the use of DNS blackhole.  This technique will redirect your internal users to an internal website to block their access.  To do so, first install Bind on your Linux server.  Then edit your named.conf file which should

Read More

PyMyDB Backup 0.5.1

The first version of PyMyDB Backup has been released and is based on Python 2.4.3. This is a Python script that will back up your MySQL databases, calculate the size of the backed up files, tarball and compress the contents, then email the results. To use:     Download the EPEL RPM which can be found at: http://download.fedora.redhat.com/pub/epel/ Install pymydb-0.5.1-1.noarch.rpm which can be found at: GitHub This script creates the necessary

Read More

Part 2: Adding the firewall rules

In part two of this series we’re going to discuss adding firewall rules to the router.  Everyone knows that adding ingress (or incoming) firewall rules is important to securing your network.  However, the same can be said for adding egress rules for traffic leaving your network.  For instance, aside from an email server, no client should ever send traffic to the Internet via TCP port 25.  If you see

Read More

Setting up NAT with CentOS/Red Hat 6

​This will be part 1 in a series of configuring CentOS/Red Hat 6 as a secured firewall. Though I am a huge fan of pfSense (which can be found here pfSense), I wanted to build my own from scratch. So, the first part of this series will consist of setting up PAT (or NAT overload for the Cisco geeks) on Linux. The first step is to configure the network cards. 

Read More

GPG Keys

​GnuPG is used to encrypt and sign email messages and files. First you need to create the GPG key: Generating Keys ———————————————————– $ gpg –gen-key ———————————————————– Select option 5 for RSA and then type the encryption level. ———————————————————– Please select what kind of key you want: (1) DSA and Elgamal (default) (2) DSA (sign only) (5) RSA (sign only) Your selection? 5 RSA keys may be between 1024 and 4096 bits

Read More