Kippo Statistics Graphs in Modern Honey Network (MHN)

MHN is a great tool used to deploy a network of honeypots on your network or on the Internet to monitor possible threats and attacks against different types of services. Using it, I realized that a few things are lacking in MHN. One of them is that I missed using Kippo-Graph to see statistics about the attacks on SSH Kippo honeypots, so I decided to add some Kippo graphs to MHN. This post is intended to give an overview of how I thought through this add-on and how to install it. If you need more information about MHN, read this post, and read this post about a real-life deployment with MHN.


Story of a Honeynet or How secure are your servers on the Internet?

This is going to be a quick post following up on the last post about Honeypot Networks. We configured a honeypot network using the Amazon Elastic Compute Cloud (EC2) web service to see how easy deployment was in a real scenario, and how effective it was at gathering information about attackers and attacks on the Internet.


Honeypot Networks

In this post we are going to talk about honeypots and honeypot networks, and how they can be used to protect your systems. We are going to talk specifically about MHN (Modern Honey Network), a great tool for collecting data from sensors and for deploying honeypots quickly and easily.


How to install a proxy server to anonymise your Internet Surfing

In this post we are going to install and configure a server that helps you maintain a certain degree of anonymity and privacy while surfing the web. It can also mask your IP address so that it appears to be an IP address from another country, which could help you circumvent geolocation rules to some degree while surfing. This is not a perfect solution and it does not make you completely invisible on the Internet, but it makes it a little more difficult to learn some things about you while you surf. We are going to use Squid Proxy as the caching proxy, Privoxy to filter traffic, take some actions to improve privacy and protect you against some types of attacks, and finally Tor (The Onion Router) to increase anonymity.


How to upgrade GNS3 v1.0 in Ubuntu 12.04 LTS

This is going to be a quick post in which we upgrade the installation of GNS3 v1.0 that we installed previously to the new version; basically, this will be the same procedure for any upgrade of GNS3. If you are looking for the first installation of GNS3, please check out this post. If you want to upgrade your installation, just continue reading.


How to install GNS3 v1.0 alpha release in Ubuntu 12.04 LTS

April 1st of 2014 was the release date of the GNS3 version 1.0 alpha release. It needs a Python version greater than 3.3 and a lot of libraries that are a bit of a pain to install on Ubuntu 12.04 LTS, because by default it uses Python 2.7 and in the distribution repositories you can only find Python 3.2. On Ubuntu 13.10 it is a little bit easier, because it comes with Python version 3.3 by default.

In this post we are going to make a step-by-step guide to installing this version of GNS3 on Ubuntu 12.04 LTS.


Hardening Linux Ubuntu 12.04 using Bastille

In this post we are going to talk about hardening the security of your servers using a script called Bastille. This script works for different Linux distributions and other operating systems, but on Ubuntu there are some problems that should be addressed after applying the script. IT security is a whole and should not be seen as isolated islands in an IT infrastructure; security should also be present on every device that makes up that infrastructure. We know that there are always the typical security devices on the network, like firewalls, IPS, etc. Obviously some of these devices may or may not be present in the infrastructure, depending on how big your network is and how big your budget is, but there is a common denominator in all of this: your security is only as good as the security of your weakest device. Sometimes we install a server outside of the server farm to do some tests, and after some time that server is put into production with weak security, leaving a hole in your security that could be breached at any time by attackers. Normally, when a server is attacked, the whole idea is to get any type of access; from there, the attacker tries to escalate privileges and, once they have privileged access to the server, begins to dig deeper into the network, trying to compromise other devices (this is a very high-level view of the process).