security Archive

SSH honeypot on Debian with Kippo

I had an idle cloud server from Cloudatcost.com and I decided at some point to setup a honeypot on it. So I started with SSH and found this tutorial on Kippo which is outdated and because it’s only partly useful I’ve decided to write my own installation tutorial for those willing to install Kippo on

IP blocks have become useless

I keep seeing posts on forums and also getting support requests that reference adding manual IP blocks although doing so is obsolete and useless. Ever since the botnets started to be a thing and the IP allocation space increased just to be nearly maxed out today it was pretty clear that blocking IP’s by hand

Basic security tips for Sentora

It’s pretty common for people to consider Sentora as an insecure control panel just based on the fact that it runs on port 80 while other panels run a separate webserver and thus use a different port. However, running a separate webserver for the control panel only has it’s cost and that cost is taken

DDoS protection or ransom payment?

I followed an ad earlier today which was referencing some sort of DDoS protection as I was curious to see what solutions could one offer that would help prevent major DDoS attacks like the record one that got Brian Krebs kicked of Akamai for taking around 620 Gb/s, especially since some believe that someone is systematically

When people are stupid enough…

Today the folks over at Namecheap announced a new .com domain giveaway on Facebook. The requirements were to like their post, comment with your username (!? yes, your username, public) and then share the post. When I first read their requirements I was like “wtf? are they really that retarded?” and apparently they are: Those