Larmeir.com

How To Install Fail2Ban Bruteforce Protection On CentOS 7

Fail2Ban is a great service for detecting and blocking brute force attacks when SFTP/SSH needs to be exposed to the WAN. This tutorial will run through a quick install of this service as well as a base configuration for a 1 hour block. Install the EPEL repository: yum install epel-release Install Fail2Ban: yum install fail2ban Enable the Fail2Ban service at boot: systemctl enable fail2ban Create […]

Nginxmodsec – Automation Script

Due to some after hours projects I ran into the need to automate the installation of Nginx and mod_security. The end result is a BASH script I call nginxmodsec.sh. Below is an example of the script source but I recommend fetching the latest version off of my GitHub since it’s still being actively developed: #!/bin/bash ############################## # Dustin Larmeir 10/23/2016 # # Nginx w/Mod_Security Build […]

Deploying Security Onion For NIDS In VMware

Introduction Security Onion is a very robust, open source, Linux distribution project that provides NIDS (Network Intrusion Detection Systems) as well as HIDS (Host Intrusion Detection Systems) capabilities. For the purpose of this tutorial we will explore deploying Security Onion for NIDS on a VMware ESXi environment. By the end of this post you should have a basic understanding of the installation process. This specific […]

A few mod_security tips

Introduction The mod_security WAF is an open source web application firewall platform that is highly tunable, scalable, and battle tested. WAFs are a requirement for various regulatory compliance frameworks and they are also a crucial part of a defense-in-depth strategy with the goal being to drive up the skill level of the attacker and block automated bot attacks. While mod_security was not designed to protect a larger […]

Restricting wp-admin by IP through CloudFlare’s Proxy

I’m a firm believer in the concept of “if you don’t need to expose it you shouldn’t.” When I think of WordPress’s admin interface that is exactly what comes to my mind so I always lock them down. I use CloudFlare for most of my WordPress deployments since it helps with SSL offloading, some basic bot blocking, and has a robust CDN capability. One of […]

Ubuntu 14.04 Apache Hardening Script 1.0

I’m always automating things for myself because I hate performing repetitive tasks over and over again. With that, I present to you a very basic Apache hardening script that you can run on a fresh install of Ubuntu 14.04 LTS. In a nutshell it does the following: Prints information about the server. Disables the Directory Indexing Module. Disables Mod Status. Adjusts Server Tokens to […]

Quick Ping Packetloss Script

This is not my finest work but I needed to put a ping packet loss test script together in a pinch that would log the result and run until I stopped it. Here’s what I came up with: #!/bin/bash # Very Basic Ping Script # Enter the domain to be monitored here domain=somedomain.com while : do # Line Separation echo “###############################”>>ping.log; # Date Stamp Log […]

Toshiba Satellite C55D-B510 Hard Drive Upgrade

The Toshiba Satellite C55D-B510 is a low-price system that runs great as an entry-level laptop. A friend of mine recently purchased one for school and asked me to take a look at why it was performing super slow. After investigating further aside from the bloatware issues, the laptop had a 5400 RPM Toshiba drive in it. I was unpleasantly surprised to find that this […]

Macrium Reflect – A Great Tool For Managing Disks and Backups

I have recently needed to perform a few disk migrations via clones and I always need a solid backup solution for my Windows desktop machines. Macrium Reflect always gets the job done! The free version located here is a very feature-rich offering and I could easily see myself paying for the full product license. A few successful projects I have completed with this software […]

Enabling Promiscuous Mode For A Vswitch On Vsphere 6

I run a VMware based infrastructure for my personal hosting projects and love it because of the Vswitch capabilities. Since I am a firm believer in following security best practices on these types of deployments I have a NIDS service in path that is collecting information about threats that are being leveraged against my public facing services. To facilitate the monitoring of the traffic with […]
