Nmap Port Scanner – Introduction

Network scanners, such as Nmap (http://www.insecure.org/nmap/) or Nessus
(http://www.nessus.org), can scan for open ports on the local computer or on other computers. The
more sophisticated scanners, including Nessus, check for known vulnerabilities, so they can
tell you whether a server may be compromised should you decide to leave it running.

 

Nmap is capable of performing a basic check for open ports. Pass the -sT parameter and
the name of the target system to it, as shown here:

ami@amios:~$ nmap -sT google.com

Starting Nmap 6.00 ( http://nmap.org ) at 2014-03-01 12:40 UTC
Nmap scan report for google.com (74.125.136.102)
Host is up (0.0045s latency).
Other addresses for google.com (not scanned): 74.125.136.113 74.125.136.101 74.125.136.100 74.125.136.139 74.125.136.138
rDNS record for 74.125.136.102: ea-in-f102.1e100.net
Not shown: 998 filtered ports
PORT    STATE SERVICE
80/tcp  open  http
443/tcp open  https

Nmap done: 1 IP address (1 host up) scanned in 4.96 seconds

This output shows two open ports: 80 (http) and 443 (https). You can use nmap to scan your own server and then see whether any services are running that are not supposed to be there.

When you use a network scanner, you should consider the fact that the ports you see
from your test system may not be the same as those that might be visible to an attacker.
This issue is particularly important if you’re testing a system that resides behind a firewall
from another system that’s behind the same firewall. On the other hand, a
cracker on your local network would most likely have access similar to your own, so you
shouldn’t be complacent because you use a firewall. Nonetheless, firewalls can be important
tools for hiding servers without shutting them down.
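
The two checks described above (finding services that are not supposed to be there, and comparing what is visible from inside and outside the firewall), as an added shell example that is not part of the original post. The sample scans, the host policy and the function names are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the original post: audit nmap normal-format output.

# open_ports FILE: print "port/proto service" for every open row.
open_ports() {
    awk '$1 ~ /^[0-9]+\/(tcp|udp)$/ && $2 == "open" { print $1, $3 }' "$1"
}

# unexpected_ports FILE ALLOWED: open ports missing from the space-separated
# allowlist ALLOWED, i.e. services that are not supposed to be there.
unexpected_ports() {
    open_ports "$1" | awk -v allowed="$2" '
        BEGIN { n = split(allowed, a, " "); for (i = 1; i <= n; i++) ok[a[i]] = 1 }
        !($1 in ok)'
}

# firewalled_ports INSIDE OUTSIDE: ports open in the INSIDE scan but not in
# the OUTSIDE scan, i.e. what the firewall hides from an external attacker.
firewalled_ports() {
    awk '$1 ~ /^[0-9]+\/(tcp|udp)$/ && $2 == "open" {
             if (FILENAME == ARGV[1]) outside[$1] = 1
             else if (!($1 in outside)) print $1, $3
         }' "$2" "$1"
}

# Constructed sample scans of one hypothetical server (not real nmap output):
# one taken behind the firewall, one taken from an outside host.
SCAN_DIR=$(mktemp -d)
trap 'rm -rf "$SCAN_DIR"' EXIT
cat > "$SCAN_DIR/inside.txt" <<'EOF'
Not shown: 996 closed ports
PORT     STATE SERVICE
22/tcp   open  ssh
80/tcp   open  http
443/tcp  open  https
3306/tcp open  mysql
EOF
cat > "$SCAN_DIR/outside.txt" <<'EOF'
Not shown: 997 filtered ports
PORT    STATE SERVICE
22/tcp  open  ssh
80/tcp  open  http
443/tcp open  https
EOF

# Policy assumed for this host: only web traffic should be reachable.
echo "Unexpected from outside:"; unexpected_ports "$SCAN_DIR/outside.txt" "80/tcp 443/tcp"
echo "Hidden by the firewall:";  firewalled_ports "$SCAN_DIR/inside.txt" "$SCAN_DIR/outside.txt"
```

Save real scans with nmap's shell redirection (for example nmap -sT host > outside.txt) and pass those files instead of the constructed ones.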

 

You can use a stand-alone Linux boot CD-ROM to perform security
checks on a network. Tools intended for this purpose, such as BackTrack
(http://www.backtrack-linux.org), provide easy access to Nmap and
other network security tools, enabling quick checks of network security
even if no computer on that network regularly runs Linux.

BackTrack's latest version is Kali Linux.

 

 

 


Secure Server – Hardening Tips & Tricks. Make your server more secure.

Server Hardening Tips & Tricks:

Found it on the net but let’s make it better. Post your COMMENTS!

 

Is that really all?

Every server security conscious organization will have their own methods for maintaining adequate system and network security. Often you will find that server hardening consultants can bring your security efforts up a notch with their specialized expertise.

Some common server hardening tips & tricks include:

– Use Data Encryption for your Communications
– Avoid using insecure protocols that send your information or passwords in plain text.
– Minimize unnecessary software on your servers.
– Disable Unwanted SUID and SGID Binaries
– Keep your operating system up to date, especially security patches.
– Using security extensions is a plus.
– When using Linux, SELinux should be considered. Linux server hardening is a primary focus for the web hosting industry, however in web hosting SELinux is probably not a good option as it often causes issues when the server is used for web hosting purposes.
– User Accounts should have very strong passwords
– Change passwords on a regular basis and do not reuse them
– Lock accounts after too many login failures. Often these login failures are illegitimate attempts to gain access to your system.
– Do not permit empty passwords.
– SSH Hardening
— Change the port from default to a non standard one
— Disable direct root logins. Switch to root from a lower level account only when necessary.
– Unnecessary services should be disabled. Disable all instances of IRC – BitchX, bnc, eggdrop, generic-sniffers, guardservices, ircd, psyBNC, ptlink.
– Securing /tmp /var/tmp /dev/shm
– Hide BIND DNS Server Version and Apache version
– Hardening sysctl.conf
– Server hardening by installing Rootkit Hunter (rkhunter) and chkrootkit.
– Minimize open network ports to be only what is needed for your specific circumstances.
– Configure the system firewall (Iptables) or get a software installed like CSF or APF. Proper setup of a firewall itself can prevent many attacks.
– Consider also using a hardware firewall
– Separate partitions in ways that make your system more secure.
– Disable unwanted binaries
– Maintain server logs; mirror logs to a separate log server
– Install Logwatch and review logwatch emails daily. Investigate any suspicious activity on your server.
– Use brute force and intrusion detection systems
– Install Linux Socket Monitor – Detects/alerts when new sockets are created on your system, often revealing hacker activity
– Install Mod_security as Webserver Hardening
– Hardening the PHP installation
– Limit user accounts to accessing only what they need. Increased access should only be on an as-needed basis.
– Maintain proper backups
– Don’t forget about physical server security
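
Four items from the list above (SSH port, direct root logins, empty passwords, SUID/SGID binaries) turned into checks, as an added shell example that is not part of the original post. The function names and the sample files are constructed; on a real host the inputs would be /etc/ssh/sshd_config, /etc/shadow and the filesystem root.

```shell
#!/bin/sh
# Added example, not from the original post: spot-check four list items.

# sshd_value FILE KEY: global value of KEY in an sshd_config-style file.
# sshd keeps the first occurrence and keywords are case-insensitive; parsing
# stops at the first Match block, whose settings are conditional.
sshd_value() {
    awk -v key="$2" 'tolower($1) == "match" { exit }
        tolower($1) == tolower(key) { print $2; exit }' "$1"
}

# audit_sshd FILE: "Change the port" and "Disable direct root logins".
audit_sshd() {
    port=$(sshd_value "$1" Port); root=$(sshd_value "$1" PermitRootLogin)
    [ "${port:-22}" = 22 ] && echo "sshd: listening on default port 22"
    [ "$root" = no ] || echo "sshd: PermitRootLogin is ${root:-unset}, want no"
    return 0
}

# empty_passwords FILE: accounts in a shadow-format file whose password
# field is empty ("Do not permit empty passwords").
empty_passwords() { awk -F: '$2 == "" { print $1 }' "$1"; }

# suid_sgid_files DIR: regular files with the SUID or SGID bit set
# ("Disable Unwanted SUID and SGID Binaries"); review each one by hand.
suid_sgid_files() {
    find "$1" -xdev -type f \( -perm -4000 -o -perm -2000 \) -print | sort
}

# Constructed sample files (hypothetical host, no real hashes).
AUDIT_DIR=$(mktemp -d)
trap 'rm -rf "$AUDIT_DIR"' EXIT
cat > "$AUDIT_DIR/sshd_config" <<'EOF'
#Port 2222
PermitRootLogin yes
permitrootlogin no
EOF
cat > "$AUDIT_DIR/shadow" <<'EOF'
root:$6$CONSTRUCTED$PLACEHOLDERHASH:16130:0:99999:7:::
deploy::16130:0:99999:7:::
www-data:*:16130:0:99999:7:::
EOF
mkdir "$AUDIT_DIR/bin"; : > "$AUDIT_DIR/bin/plain"
: > "$AUDIT_DIR/bin/helper"; chmod 4755 "$AUDIT_DIR/bin/helper"

audit_sshd "$AUDIT_DIR/sshd_config"
echo "empty password: $(empty_passwords "$AUDIT_DIR/shadow")"
echo "suid/sgid: $(suid_sgid_files "$AUDIT_DIR/bin")"
```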

Upgrading WordPress – This is usually due to inconsistent file permissions.: wp-admin/includes/update-core.php

Errors in WordPress can be very annoying, and they can be fixed as follows:

This may happen when you are trying to use the auto-update button to upgrade WordPress to the latest version, 3.8.1 (01/02/2014).

E.g., an example of the error – This is usually due to inconsistent file permissions.: wp-admin/includes/update-core.php

Sometimes the solution is very simple.

Run the following command (if you run the Apache server):

ps aux | grep apache

WordPress requires that the owner of the files is the same as the user who runs the web server, e.g. apache.
In this case my user is

root@amios:/home/wordpress/public_html# ps aux | grep apacche
root 28868 0.0 0.1 9392 896 pts/0 S+ 16:54 0:00 grep --color=auto apacche
root@amios:/home/wordpress/public_html# ps aux | grep apache
root 7368 0.0 2.9 298460 14836 ? Ss Jan22 0:55 /usr/sbin/apache2 -k start
www-data 28840 0.0 1.7 298616 8660 ? S 16:53 0:00 /usr/sbin/apache2 -k start
www-data 28841 1.1 7.6 328132 38624 ? S 16:53 0:01 /usr/sbin/apache2 -k start
www-data 28842 0.0 1.7 298616 8660 ? S 16:53 0:00 /usr/sbin/apache2 -k start
www-data 28843 0.0 1.7 298616 8660 ? S 16:53 0:00 /usr/sbin/apache2 -k start
www-data 28844 0.0 1.7 298616 8660 ? S 16:53 0:00 /usr/sbin/apache2 -k start
www-data 28846 0.0 1.7 298616 8660 ? S 16:53 0:00 /usr/sbin/apache2 -k start
www-data 28850 0.0 1.7 298616 8660 ? S 16:53 0:00 /usr/sbin/apache2 -k start
www-data 28852 3.4 7.5 326708 37904 ? S 16:53 0:02 /usr/sbin/apache2 -k start
www-data 28853 0.0 1.7 298616 8660 ? S 16:53 0:00 /usr/sbin/apache2 -k start
www-data 28862 0.0 1.7 298616 8660 ? S 16:54 0:00 /usr/sbin/apache2 -k start
root 28870 0.0 0.1 9392 892 pts/0 S+ 16:54 0:00 grep --color=auto apache

Then run the following command on your WordPress installation.
You are changing the user who owns the WordPress installation to

root@amios:/home/wordpress/public_html# chown -R www-data /home/wordpress/

Then you can upgrade WordPress and change the user back if you prefer. Changing it back means the web server account no longer owns the WordPress code between upgrades.

Enjoy!
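
The procedure above with a pre-check and a way to put ownership back afterwards, as an added shell example that is not part of the original post. The function names, the ps sample and the temporary directory standing in for the WordPress tree are constructed; paths containing whitespace are not handled.

```shell
#!/bin/sh
# Added example, not from the original post. Paths with whitespace or
# newlines are not handled by the ls-based parsing below.

# worker_user: read `ps aux` output on stdin, print the non-root account
# running the Apache workers (column 11 is the command).
worker_user() {
    awk '$1 != "root" && $11 ~ /\/(apache2|httpd)$/ { print $1; exit }'
}

# foreign_files DIR USER: paths under DIR that USER does not own, i.e. the
# ones behind the "inconsistent file permissions" error.
foreign_files() {
    find "$1" -exec ls -ld {} + | awk -v u="$2" '$3 != u { print $NF }'
}

# save_owners DIR: print "owner:group path" for every path, so ownership can
# be put back after the upgrade.
save_owners() {
    find "$1" -exec ls -ld {} + | awk '{ print $3 ":" $4, $NF }'
}

# restore_owners: read save_owners output on stdin and reapply it.
restore_owners() {
    while read -r owner path; do chown "$owner" "$path" || return 1; done
}

# Constructed ps output, shaped like the listing above.
PS_SAMPLE='root      7368 0.0 2.9 298460 14836 ? Ss Jan22 0:55 /usr/sbin/apache2 -k start
www-data 28840 0.0 1.7 298616  8660 ? S  16:53 0:00 /usr/sbin/apache2 -k start
root     28870 0.0 0.1   9392   892 pts/0 S+ 16:54 0:00 grep --color=auto apache'

# Constructed stand-in for the WordPress tree (hypothetical path layout).
WP_DIR=$(mktemp -d)
trap 'rm -rf "$WP_DIR"' EXIT
mkdir -p "$WP_DIR/wp-admin/includes"
: > "$WP_DIR/wp-admin/includes/update-core.php"

web_user=$(printf '%s\n' "$PS_SAMPLE" | worker_user)
echo "web server user: $web_user"
echo "paths not owned by $web_user:"; foreign_files "$WP_DIR" "$web_user"
save_owners "$WP_DIR" > "$WP_DIR.owners"   # run before chown -R
restore_owners < "$WP_DIR.owners"           # run after the upgrade
rm -f "$WP_DIR.owners"
```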

Web Penetration Training Just Got better

It’s so good that I just need to recommend it.

Interested in getting a job in security industry? This is the place to start

https://pentesterlab.com/

Learn Web Penetration Testing: The Right Way.

PentesterLab is an easy and great way to learn penetration testing.
PentesterLab provides vulnerable systems that can be used to test and understand vulnerabilities.

Bootcamp

Bootcamp provides a learning path to get into security and especially web penetration testing.

This course is a list of things to read and do, no solutions are provided since it is, in my opinion, the best and only way to learn. If you don’t manage to get one of the items done, just try harder, spend more time googling and find the solution. Finding something by yourself is the best way to learn.

Skills Required for – Network Security Engineer Job – at RackSpace

Network Security Engineer Job

Date: Jul 30, 2013

Location: Hayes, GB

Job Details

Network Security Engineer – ADNETSEC

Job Title: Network Security Engineer
Category: Data Center Operations & Engineering
Requisition Code: ADNETSEC
Location: UK – Hayes – Hyde Park Hayes Hayes, UK
Education: Technical/Specialised Training
Job Type: Full-time
Shift/Hours:
Travel Required: 0
Job Description

Looking for a new challenge and a rewarding career? Then, this could be an excellent opportunity for you with one of Europe’s “Top 100” companies to work for as a Network Security Engineer. If you would like to be part of a vibrant working culture, and feel you possess the skills and qualities we are looking for, send your CV in today for consideration!

The Network Security team is responsible for ensuring the confidentiality, availability and integrity of our customers’ critical infrastructure whilst providing industry leading Fanatical Support to both the customers and other segments of the business. The Network Security Engineer will be responsible for the EMEA customer base comprising in excess of 4000 customers employing a mixture of firewalled and load balanced solutions, some incorporating DR and HA solutions.

The Network Security Engineer will provide fanatical support to our customers and colleagues to ensure that new solutions are online within an agreed timescale and that new customer requests are dealt with quickly and efficiently. They will primarily be responsible for new device deployment and front line support, including customer calls, ticket requests and advice to other internal departments.

Job Requirements

Desired Skills & Experience

Technical

– Apply technical knowledge associated with the various devices and technologies used at Rackspace, which include but are not limited to Cisco ASA/PIX and CSS loadbalancers, VPN, DNS, Routing/Switching and IP’ing/Subnetting.
– Strong awareness of subnetting and CIDR
– Good knowledge of DNS (A records, CNAMES, MX records, Authority Section, TTL values.)
– Switching (Vlans, STP, trunking etc) and general networking
– Needs good understanding of IP routing, TCP/IP ports and services, different levels of the OSI model and exposure to operating systems (Windows server and Linux)
– Will also benefit from basic knowledge of firewalls (Pix/ASA), VPN, access lists and loadbalancing (CSS, F5, webmux)
– Can work in a mixed environment using GUI and command line operating systems
– CCNA essential/CCNA Security beneficial

Non-technical

– Will have the capability to work under pressure and prioritise tasks
– Commitment to see each request/issue through to completion, but can also identify when escalation is required.
– Possess the ability to both record and follow detailed instructions
– Ability and desire to work within a Team Driven environment and be responsible enough to work unsupervised
– Will have the desire to promote themselves and their team within the organization through working proactively with other departments to improve work processes and build relationships
