Bash script that blocks web server (apache/nginx/litespeed) scanners. It checks the log you choose to scan for 400-408 errors (or any other errors you specify), extracts the IP addresses of scanners that are trying to scan the web server, and adds those IP addresses to the ipset, which drops the connection.
Based on a best-selling book by New York Times national security correspondent David E. Sanger, The Perfect Weapon explores the rise of cyber conflict as the primary way nations now compete with and sabotage one another.
Directed by Emmy-winning filmmaker John Maggio (Panic: The Untold Story of the 2008 Financial Crisis) and featuring interviews with top military, intelligence, and political officials on the frontlines of cyberterrorism, the documentary brings to light the combatants and innocent victims caught in the crosshairs of a hidden war that has been going on for decades — a war that America started, but has no idea how to finish.
Traveling from the deserts of Iran and Las Vegas to the back alleys of Beijing and Moscow, the film chronicles America’s pursuit of enemies who have plotted against its institutions, its economy, and its democracy. A never-before-seen look inside the secret world of spies, hackers, and scammers in the lead-up to the 2020 U.S. elections, for which fear of cyberattacks has mounted to an all-time high, The Perfect Weapon is a timely reflection on the ultimate price — and potential “victors” — of this high-stakes conflict.
I’m trying to gather the knowledge related to logwatch, but there is a lot of learning to understand kernel error codes.
I will update this post with what I find and what I learn. For now, I will try to present what I understand so far in a simple way.
If you have any kind of server connected to the Internet, you are no doubt aware that no matter how small or unimportant it might seem, it is frequently probed, tested or subject to various attempts at abuse. These attacks come from so many malicious hosts that it is impossible to keep track by hand. So I started looking for a way to implement an automated blocklist to use with iptables and firewalld which I use on my servers.
This article shows how to solve the issue with missing swap and the plymouthd sigrtmin error when swap is not created as LVM, but as a standard swap.
The tutorial is for Red Hat family server distributions like CentOS 7.x, Red Hat 7.x, Fedora 29 or newer (current version is 32), etc.
For Debian family server distributions (Debian, Ubuntu, etc.), I recommend reading this article: How To Setup Telegraf InfluxDB and Grafana on Linux; however, it does not cover the own domain and fail2ban setup.
To monitor system behavior, you need to start by creating a baseline that represents normal system behavior. You can do this using a tool like the sar command. You can then use tools such as netstat, iostat, lsof, w and uptime to monitor system behavior, comparing the results to the baseline to determine whether the system is experiencing problems.
Capacity planning involves predicting what the capacity requirements for a system will be in future, and planning how to meet these requirements. Monitoring system resource use is important for capacity planning, because it establishes whether existing resource use is approaching capacity limits.
In Linux you can use a range of tools to monitor system resource use. These include the top, ps, pstree, vmstat, sar and free commands.
Below there is a better explanation from Eric Melo. Thanks Eric for this video!