/security/ Archive

[Script] Block bad referrers in vestaCP

One of the nastiest problems when it comes to webserver resource and bandwidth usage is represented by the bad referrers which associate with a series of artificial queries from various hostnames that spam the crap out of the webserver and statistical logs. Because the accuracy of the statistical traffic reports is highly influenced by such

[Case Study] Hacking the funnels (part 2)

I’ve already covered a lot of stuff through the previous post, however there’s some stuff left to take into consideration. Stuff that’s commercial but offered for free elsewhere. First and foremost, if you do proper research you can get paid items for free. Let’s take the Lumieres theme for example which can be obtained here

A few things about (in)security

A lot of folks have been praising a series of newly released apps and tools as well as online platforms and used words such as “secure” to describe them and reference them as bulletproof against eavesdropping. However all of them are meant to give a false feeling of security because every single app or platform is

SSH honeypot on Debian with Kippo

I had an idle cloud server from Cloudatcost.com and I decided at some point to setup a honeypot on it. So I started with SSH and found this tutorial on Kippo which is outdated and because it’s only partly useful I’ve decided to write my own installation tutorial for those willing to install Kippo on

IP blocks have become useless

I keep seeing posts on forums and also getting support requests that reference adding manual IP blocks although doing so is obsolete and useless. Ever since the botnets started to be a thing and the IP allocation space increased just to be nearly maxed out today it was pretty clear that blocking IP’s by hand