Mimikatz is a tool created by the French developer, Benjamin Delpy used to gather credentials and can carry out a range of operations connected with penetration testing. Its creation stems from a noted vulnerability of the Windows system function called WDigest. WDigest is designed to allow larger Windows-based network users to establish credentials in multiple applications on a LAN or WAN. This feature stores authentication credentials in memory and allows for their automatic reuse so users only have to enter their login details once.
OpenSSH is an open-source utility developed by The OpenBSD Project. SSH stands for “Secure SHell.” This service encrypts traffic on both ends, eliminating security risks from hackers or eavesdroppers. It can be used for remote operations like file transfers and offers key-based passwordless authentication. In this tutorial, we will demonstrate how to harness the power of SSH’s on your Windows server to send basic remote commands and transfer files using password authentication.
OpenSSL is a free and open-source software cryptography library that provides cryptographic functionality to applications to ensure secure internet communication. It is widely used on many server applications, and it is available for most Unix-like operating systems (including Solaris, Linux, Mac OS X, the four open-source BSD operating systems), OpenVMS and Microsoft Windows.
Ubuntu 16.04 LTS provides you the ability to add a user for anyone who plans on accessing your server. Creating a user is a basic setup but an important and critical one for your server security. In this tutorial, we will create a user and grant administrative access, known as root, to your trusted user.
SNMP, or Simple Network Management Protocol, is widely used to communicate with and monitor network devices, servers, and more, all via IP. In the previous article, we installed an SNMP agent on a CentOS 6.5 server. This agent allows for the collection of data from our server and makes the information available to a remote SNMP manager. To add a little security, we’ll now change the port that SNMP listens on.
When reviewing your servers security, it is critical for businesses to ensure that while building new sections of your website, that we do not leave it unsecured or visible to users while it is being built. With this in mind, there are several ways for you to “lock” a folder or domain while it is being developed. This will safeguard a folder or an entire site using the security feature built into IIS and Plesk called password protection. In today’s article we will see how easy it is to restrict access to a site or a folder.
Git-secret is a bash tool that is used to store your private files and information inside of a git repo on your server. The git-secret tool allows us to encrypt sensitive files that are stored inside a secure, encrypted repository. In this article, we will be examining the process of installing and working with git-secret on an 18.04 Ubuntu Server.
Lynis is a well known, seasoned security tool for Linux based systems (including macOS and/or other Unix-based operating systems. It performs an extensive health scan of your systems to support system hardening and compliance testing. The project is open-source software with the GPL license and available since 2007.