Encrypting files in Linux with mcrypt

By default Linux systems do not ship with the mcrypt utility. At least not CentOS or Ubuntu that is. In Ubuntu installing mycrypt is just a matter of running the following command: apt-get install mcrypt In CentOS 5.5 mycrypt is not included in the distribution’s repositories because when I ran yum install mcrypt it installed […]

Nitko2 web server assessment

I decided to run a vulnerability scan on my fully patch Cent0S 5.2 rubyninja.net Apache web server using Nitko and learned quite a bit on the vulnerabilities found. 1st vulnerability found: My webalizer statistics were being displayed without any restriction. Fix: Enable .htaccess password protection and limited to permit local IP access. 2nd vulnerability found: […]

MS rant

It was sure nice hearing Steve Gibson’s rant agaisnt Windows on the latest Security Now Episode 192. The best part, and it totally made my day when he said that tools like Visual Basic .Net are designed so that monkeys could write application for Windows. http://twit.tv/sn192

OpenSSH

Well, instead of spending Saturday night wasting my time at the mall or at that place people call movie theaters, I got a chance to play around with OpenSSH more in depth. I use ssh to log into my server practically every single day, but I really wasn’t aware all of its actual capabilities. After […]

OpenVPN

I got a headache from tying to set up and get up and running OpenVPN. I’ve been trying to setup a local VPN server in my Linux box, but its overwhelming of all the crap I have to do to get this thing working. Creating the keys, editing multiple configuration files, and building my own […]