Categories

A sample text widget

Etiam pulvinar consectetur dolor sed malesuada. Ut convallis euismod dolor nec pretium. Nunc ut tristique massa.

Nam sodales mi vitae dolor ullamcorper et vulputate enim accumsan. Morbi orci magna, tincidunt vitae molestie nec, molestie at mi. Nulla nulla lorem, suscipit in posuere in, interdum non magna.

Firewall Builder with multiple ISP connections howto

Tweet

I’ve been using Firewall Builder to manage Linux (CentOS) firewalls for a while. It’s an excellent tool for middle-sized organizations.

I was a happy sysadmin with my single-ISP fwbuilder configuration. Everything was simple, everything worked out of the box. One day, a PPPoE connection came by. I thought there was a simple solution . . . → Read More: Firewall Builder with multiple ISP connections howto

Selectively allow SSH for users in VMware ESXi

Tweet

In another post, I explained how to disable root ssh login and allow regular users to login to the ESXi. It is also possible to selectively allow SSH for a particular set of users.

Create the security map

We need to create a map file to specify how to authenticate (or deny) users.

. . . → Read More: Selectively allow SSH for users in VMware ESXi

SSH with non-root users in VMware ESXi

Tweet

The default configuration in VMware ESXi 4.1 allows ssh login only for root. On the other hand, preventing root ssh login is part of any OS hardening checklist. In this article, I will explain how to access an ESXi server with non-root users and how to prevent root ssh login.

I’ll show how . . . → Read More: SSH with non-root users in VMware ESXi

MS Windows 2008 password recovery

Tweet

Recently, I had to login as the local Administrator in a MS Windows 2008 server. Guess what: nobody knew the local Administrator password. This happens pretty often when a MS Windows host is part of a Windows domain because administrators usually login as the domain Administrator and rarely use the local admin user.

. . . → Read More: MS Windows 2008 password recovery

PasswordSafe in Ubuntu 10.04 Linux 64 bits

Tweet

How many passwords and user names do you need to remember? PasswordSafe is a great piece of software that allows you to safely and easily create a secured and encrypted user name/password list. With Password Safe all you have to do is create and remember a single “Master Password” of your choice in . . . → Read More: PasswordSafe in Ubuntu 10.04 Linux 64 bits

Howto remove JS/Wonka trojan from WordPress

Tweet

My friend Pablo Moleri told me that his McAfee antivirus found the JS/Wonka trojan in my WordPress blog. This trojan consists of a special javascript code that may be used as a means to load other malicious scripts and exploit trojans.

Javascript code in WordPress can be found either in files or in . . . → Read More: Howto remove JS/Wonka trojan from WordPress

Teaching social engineering 101 to users

Tweet

Even though anti-phishing and other filtering tools keep evolving, most attack vectors for Social Engineering are still effective: phone calls, apparently accidental conversations with friendly strangers… Also the use of pendrives that people find on the street in front of their workplace. Those pendrives may contain viruses or any other malware to get . . . → Read More: Teaching social engineering 101 to users