Continuing from the last post on deploying a jail, we’ll now see how to customize the restrictions of our jails through sysctl configuration, specifically using the security.jail.* directives of the FreeBSD kernel. I’ll show some useful directives to configure and his
Implementation of FreeBSD Jails (Part I): Deploying a Jail
Jails are a FreeBSD tool for enhancing the security of our systems. The concept of a jail is very similar to chroot, but jails are an improvement on it. Chroot limits a process to see only a part of
Monitoring system log files with Swatch
Swatch is software that monitors our log files and performs an action on certain events. It’s an efficient way to monitor system events such as attempts to connect to our server, system crashes or, for example, when a
Snort from scratch (Part III): Writing Snort rules
Continuing the series of posts about Snort after Snort from scratch (Part II), we now have a complete installation and a web interface to monitor our network alerts. One of the most important things when you maintain an IDS like Snort in a
Snort from scratch (Part II): Installing BASE & barnyard2
Continuing from the last post, Snort from scratch (Part I), I’ll now explain how to install BASE and barnyard2. BASE (Basic Analysis and Security Engine) provides a web front-end to query and analyze the alerts coming from Snort. The alerts will
XenServer HA & Live Migration
XenServer HA is a Citrix feature that provides high availability in our environment by monitoring our Xen servers. When we configure HA, we can specify which virtual machines will be automatically restarted on another server if the host server where
Snort from scratch (Part I)
An IDS is a security tool that allows us to monitor network events, looking for attempts to compromise the security of our systems. It does so by matching predefined rules that emulate the behaviour of an attack, and it’s possible to deny the
Implementing Port Knocking
Port knocking is a technique for protecting access to a service. Initially the server presents no open ports to allow connections, with iptables configured with a default deny policy. The server passively monitors all the connection
Applying Advanced Licensing Trial in XenServer
I’ve been working lately with the Citrix XenServer hypervisor and testing some of its functionality. When you download a free version of XenServer, you normally have 30 days to test it, and this version has some functionality limitations. But we can request an evaluation
Enable HTTP Strict Transport Security in Apache & Nginx
HSTS (HTTP Strict Transport Security) is a security protocol that forces the use of SSL in the communication between the web browser and the web server. This standard was recently approved (2 October 2012) by the IETF, but the first