RSS Blog OpenKod

  • How to Implement ModSecurity OWASP Core Rule Set in Nginx 25th August 2017
    If you are securing Nginx with ModSecurity, you will want the OWASP Core Rule Set (CRS) activated to protect against the following threats: HTTP protocol violations; common web attacks; bots, crawlers and malicious activity; Trojans; information leakage; cross-site scripting attacks; SQL injection attacks. Do you agree? In my previous post, […]
    hasan
  • Nginx Reverse Proxy 25th August 2017
    /etc/nginx/sites-enabled/default: server { listen 80; server_name www.google.com; location / { proxy_pass http://10.20.0.10; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; } […]
    hasan
  • udpreplay 4th July 2017
    Overview: udpreplay is a simple application for forwarding stateless UDP traffic. The application is a gopiper pipeline, so gopiper is required. Running: gopiper --pipe udpreplay.lua. Using Docker: docker run -e DEVICE='eth0' -e ADDRESS_LIST='192.168.1.1' openkod/udpreplay. Requirements: gopiper is required to run the application. The pcap gopiper component and the multiudp gopiper component are also required. Configuration: You can configure the application using environment variables: Environment […]
    hasan
  • How to push Snort, Bro, YAF log to Metron 20th June 2017
    Install the Metron Bro plugin into your Bro install. This will push the Bro output into Kafka so that Metron can consume it. https://github.com/apache/metron/tree/master/metron-sensors/bro-plugin-kafka You can use the Ansible deployment steps as instructions for one, simple way to pipe YAF and Snort output into Kafka. This is only suitable for small scale testing. https://github.com/apache/metron/tree/master/metron-deployment/roles/yaf https://github.com/apache/metron/tree/master/metron-deployment/roles/snort […]
    hasan
  • Squid and Squid 5th April 2017
    It’s all about squid. Problem: [email protected]:/etc# tail -f /var/log/syslog Sep 23 23:33:16 proxy kernel: [14772.979413] TCP: too many of orphaned sockets Solution: http://blog.tsunanet.net/2011/03/out-of-socket-memory.html Tuning settings in sysctl.conf: http://www.frozentux.net/ipsysctl-tutorial/ipsysctl-tutorial.html#AEN412 TCP tuning: http://web.archive.org/web/20111225052722/http://fasterdata.es.net/fasterdata/host-tuning/linux/ Reload the file /etc/sysctl.conf after editing without restarting the server: [email protected]:/etc# sysctl -p http://xmodulo.com/2012/04/how-to-reload-sysctlconf.html
    hasan
  • Multiple Vulnerabilities in Drupal Could Allow for Remote Code Execution 20th March 2017
    MS-ISAC ADVISORY NUMBER: 2017-028 DATE(S) ISSUED: 03/16/2017 SUBJECT: Multiple Vulnerabilities in Drupal Could Allow for Remote Code Execution OVERVIEW: Multiple vulnerabilities have been discovered in Drupal core module, the most severe of which could allow for remote code execution. Drupal is an open source content management system (CMS) written in PHP. Successful exploitation of the most severe of […]
    hasan
  • Microsoft Security Advisory 4010983 15th March 2017
    Vulnerability in ASP.NET Core MVC 1.1.0 Could Allow Denial of Service. Published: January 27, 2017. Version: 1.0. Executive Summary: Microsoft is releasing this security advisory to provide information about a vulnerability in the public versions of ASP.NET Core MVC 1.1.0. This advisory also provides guidance on what developers can do to update their applications […]
    hasan
  • Cisco IOS for Catalyst 2960X and 3750X Switches Denial of Service Vulnerability 14th March 2017
    Cisco IOS for Catalyst 2960X and 3750X Switches Denial of Service Vulnerability. Medium. Advisory ID: cisco-sa-20170118-catalyst. First Published: 2017 January 18 16:00 GMT. Last Updated: 2017 March 3 14:08 GMT. Version 1.1: Final. Workarounds: Yes. Cisco Bug IDs: CSCva72252. CVSS Score: Base 4.7, Temporal 4.7. CVE-2017-3803. CWE-399. Summary: A vulnerability in the Cisco IOS Software forwarding queue of […]
    hasan
  • Setting up IPv6 in OpenWRT Barrier Breaker for TM Unifi 19th May 2016
    Create a new interface for IPv6: Network - Interface - Add New Interface. Match the settings below. https://advanxer.com/blog/2015/11/setting-up-ipv6-in-openwrt-barrier-bre...
    hasan
  • How to Configure Proxy Settings Using Group Policy Management 24th March 2016
    This snap-in is not available by default; you must download it from Microsoft or use the Active Directory Users and Computers method. Using the Microsoft Group Policy Management Tool: Create a New Group Policy Object (GPO): In the Group Policy Management window, under Domains, right-click the domain name. Select Create and Link a GPO Here. The New GPO window appears. […]
    hasan