Clik here to view.
Apache Server Hardening: Part Five
Apache User Authentication Apache also includes several ways in which you can authenticate customers using your web server such as LDAP, SecureID, and basic .htaccess, to name a few examples. To use...
View ArticlepfSense 2.1.1 Released
In case this bit of information didn’t cross your news feed, I should mention that pfSense 2.1.1 has been released. The new release resolves some security issues, and the em/igb/ixgb/ixgbe drivers have...
View ArticleClik here to view.
Apache Server Hardening: Part Six
Additional Directives Within the directive is a subdirective called Options that controls functionality for the directory structures specified in the directive. The available options are listed below....
View ArticleClik here to view.
whois and dig Commands
The whois Command The whois command is useful when trying to track down a contact for someone causing trouble on your network. This command queries the primary domain name servers and returns all the...
View ArticleClik here to view.
Nlog: A Utility for Analyzing Nmap Logs
In a previous article, we covered the Nmap utility. You can save Nmap logs in a number of formats, including plain text or machine-readable, and import them into another program. However, if these...
View ArticleClik here to view.
pfSense 2.1.2 Release Up For Testing
Unless you’ve been living in a broom closet, you probably know about the OpenSSL bug that makes users using sites whose web servers use the OpenSSL library potentially vulnerable to eavesdropping. The...
View ArticleClik here to view.
Nlog Add-Ons and Extensions
In the previous article, we discussed installing and using Nlog. In this article, we will discuss using add-ons and writing your own Nlog extensions. Nlog Add-Ons As mentioned earlier, Nlog is easily...
View ArticleClik here to view.
Uses for Nlog and Nmap
Uses for Nlog and Nmap So now you can port scan with Nmap and sort and analyze the results with Nlog. what can you do with these programs? There are, indeed, some interesting applications for port...
View ArticleClik here to view.
Useless Services
Useless Services Like a vestigial tail, there are often applications running on our machines that no longer serve any useful purpose. These services may be part of an earlier set of libraries that the...
View ArticleClik here to view.
Nessus Vulnerability Scanner: An Introduction
Introducing the Nessus Vulnerability Scanner Modern computer networks have multiple potential areas of insecurity. How do you protect all these avenues of attack? You might feel that protecting your...
View ArticleClik here to view.
Nessus Features and Capabilties
In the previous article, we introduced the Nessus vulnerability scanner. In this article, we will discuss some of the additional Nessus features. Nessus Features: Scripting Language, Integration with...
View ArticleClik here to view.
Nessus Installation: A Guide
Installing Nessus using the Debian package manager in Mint Linux. Nessus Installation and Setup In the previous article, we discussed some of the features and capabilities of Nessus 5. Here we will...
View ArticleClik here to view.
Nessus Configuration: Part One
Advanced settings in the Nessus web GUI. Nessus Configuration: Proxy and Advanced Settings The first thing you will see when you access Nessus is the login page. You must first enter the login name and...
View ArticleClik here to view.
Nessus Configuration: Part Two
The Nessus GUI configuration menu contains several configurable options. For example, this is where the maximum number of checks and hosts being scanned at one time, the resource you want nessusd to...
View ArticleClik here to view.
Vulnerability Scanning Tips
Before you start vulnerability scanning, you should take into consideration some issues. Port scanning is a fairly innocuous activity, althouh it is annoying when you see the activity showing up in...
View ArticleClik here to view.
Vulnerability Scanning: What It Won’t Fix
Security Issues That Won’t Be Fixed By Vulnerability Scanning While vulnerability testing is a valuable tool in your security arsenal, you should not think of it as a silver bullet. There are still...
View ArticlepfSense 2.1.3 Released
pfSense 2.1.3, a relatively minor upgrade from the recently-released 2.1.2, has been release. You can read about it in this blog posting at the official pfSense site. I decided to upgrade my firmware...
View ArticleClik here to view.
Arping with pfSense: Installation and Use
Arping in action under pfSense 2.1.3. Arping is a computer software tool that is used to discover hosts on a computer network, and is available as a package for pfSense. The program tests whether a...
View ArticleVideo: pfSense on a Flash Drive (Part One)
A reader e-mailed me asking the pros and cons of running pfSense from a flash drive. I wasn’t sure myself, so I got a flash drive and tried it myself. In part two, I will try to run pfSense from the...
View ArticleClik here to view.
Squid Proxy Configuration in pfSense
Installing Squid under pfSense 2.1.3. Squid is a proxy server and web cache daemon. It was originally developed as part of the Harvest project at the University of Colorado Boulder. Further work on the...
View Article