Denial of Service (DoS) Attacks
Denial of Service (DoS) attacks are undertaken with the express purpose of preventing users from accessing and using a service they should otherwise be able to access. Such attacks make malicious use...
Distributed Denial of Service (DDoS) Attacks
In the previous article, we discussed denial of service (DoS) attacks. These attacks involve the use of a single client to launch an attack on a system or service. Distributed denial of service (DDoS)...
Back Door Attacks
Back Orifice in action. Back door attacks utilize programs that provide a mechanism for entering a system without going through the usual authentication process. This can either take the form of hidden...
Phishing: Common Variations
Phishing is the attempt to acquire sensitive information such as usernames, passwords, and credit card details by masquerading as a trustworthy entity in electronic communications. Communications...
IP Spoofing and Defenses
IP address spoofing is the creation of IP packets with a forged source IP address, with the purpose of concealing the identity of the sender or impersonating another computer system. The basis of spoofing...
Man-in-the-Middle Attacks
Man-in-the-middle attacks are perhaps one of the more complex and sophisticated forms of security breaching approaches. As the name implies, such an attack involves the surreptitious placement of a...
Replay Attacks and Possible Countermeasures
Replay attacks are a variation on the man-in-the-middle theme. In a replay attack an agent is once again placed within the client/server line of communication. In the case of a replay attack, however,...
TCP/IP Hijacking
TCP/IP hijacking is a technique that uses spoofed packets to take over a connection between a victim and a host machine. It is similar to a man-in-the-middle attack, except that the rogue agent sends a...
Software Exploits
A software exploit is a piece of software or sequence of commands that takes advantage of a bug, glitch or vulnerability in order to cause unintended or unanticipated behavior to occur. Software...
Securing Ports and Services
A computer system that is not connected to a network is a rarity. While this provides some flexibility in terms of remote services, data and information that are available, it also brings considerable...
Unbound DNS
Configuring Unbound DNS in pfSense. Unbound DNS is a validating, recursive and caching DNS server software product. The C implementation of Unbound is developed and maintained by NLnet Labs, and is...
Unbound DNS: Additional Settings
In the previous article, we introduced Unbound and covered some of the most common settings. In this article, we will cover some additional settings. Under Services -> Unbound DNS, the “Unbound DNS...
Network Traffic Monitoring with vnStat
Configuring settings with vnStat under pfSense. vnStat is a console-based program for network traffic monitoring in Linux and BSD. It keeps a log of hourly, daily, and monthly network traffic for the...
VPN Tunneling with tinc
The Config tab in tinc in pfSense. tinc is a Virtual Private Network (VPN) daemon that uses VPN tunneling and encryption to create a secure private network between hosts on the Internet. Because the...
pfSense 2.1.5 Released
If you’re on the pfSense mailing list, you probably know this already, but pfSense 2.1.5 has been released. It is primarily a security update (including a fix to OpenSSL), but if you want to see a full...
Suricata Intrusion Detection System: Part One
The global settings tab in Suricata. Suricata is an open source-based intrusion detection system (IDS). There are several advantages to running Suricata. [1] It is multi-threaded, so you can run one...
August 2014 Amazon Affiliate Purchases
Here are some of the products that people have purchased through my Amazon affiliate links: Allstar ALL90040 Red Anodized 1/4″ Mounting Hole In-Line Oil Temperature 10AN Male 1/2 NPT Female Tee Fitting...
Suricata Intrusion Detection System: Part Two
Defining a pass list in Suricata. In the first article about Suricata, we covered basic installation as well as global settings. In this article, we will continue our look at configuration. In Global...
Suricata Intrusion Detection System: Part Three
Interface settings in Suricata. In the previous article, we covered some additional Suricata configuration details, including downloading rules and setting up your first Suricata interface. In this...
Suricata Intrusion Detection: Part Four
Configuring app parser settings in Suricata. In the previous articles on Suricata, we covered installation, configuring global settings and pass lists, and began looking at setting up an interface. In...