How to Verify A Connection is Secure Using OpenSSL

Reading Time: 11 minutes

What is OpenSSL?

OpenSSL is a free and open-source software cryptography library that provides cryptographic functionality to applications to ensure secure internet communication. It is widely used on many server applications, and it is available for most Unix-like operating systems (including Solaris, Linux, Mac OS X, the four open-source BSD operating systems), OpenVMS and Microsoft Windows.

Continue reading “How to Verify A Connection is Secure Using OpenSSL”

How to Add a User and Grant Root Privileges on Ubuntu 16.04

Reading Time: 2 minutes

Ubuntu 16.04 LTS provides you the ability to add a user for anyone who plans on accessing your server.  Creating a user is a basic setup but an important and critical one for your server security. In this tutorial, we will create a user and grant administrative access, known as root, to your trusted user.

Continue reading “How to Add a User and Grant Root Privileges on Ubuntu 16.04”

How To Change the SNMP Port on CentOS

Reading Time: 2 minutes

Introduction

SNMP, or Simple Network Management Protocol, is widely used to communicate with and monitor network devices, servers, and more, all via IP. In the previous article, we installed an SNMP agent on a CentOS 6.5 server. This agent allows for the collection of data from our server and makes the information available to a remote SNMP manager. To add a little security, we’ll now change the port that SNMP listens on.

Continue reading “How To Change the SNMP Port on CentOS”

How to Password Protect Folders in IIS and Plesk

Reading Time: 5 minutes

Introduction

When reviewing your servers security, it is critical for businesses to ensure that while building new sections of your website, that we do not leave it unsecured or visible to users while it is being built. With this in mind, there are several ways for you to “lock” a folder or domain while it is being developed. This will safeguard a folder or an entire site using the security feature built into IIS and Plesk called password protection. In today’s article we will see how easy it is to restrict access to a site or a folder.

Continue reading “How to Password Protect Folders in IIS and Plesk”

How to Install and Use Git-Secret

Reading Time: 3 minutes

What is Git-Secret?

Git-secret is a bash tool that is used to store your private files and information inside of a git repo on your server. The git-secret tool allows us to encrypt sensitive files that are stored inside a secure, encrypted repository. In this article, we will be examining the process of installing and working with git-secret on an 18.04 Ubuntu Server.

Continue reading “How to Install and Use Git-Secret”

Lynis: A Security Auditing Tool For Linux

Reading Time: 20 minutes

What is Lynis?

Lynis is a well known, seasoned security tool for Linux based systems (including macOS and/or other Unix-based operating systems. It performs an extensive health scan of your systems to support system hardening and compliance testing. The project is open-source software with the GPL license and available since 2007.

Continue reading “Lynis: A Security Auditing Tool For Linux”

How Do I Use GPG?

Reading Time: 10 minutes

What is GPG?

GnuPG (or Gnu Privacy Guard) is an adaptation of an earlier encryption standard known as PGP (or Pretty Good Privacy). GPG uses the method of “public” and “private” keys for the encryption and signing of messages or data.

In this article, we’re going to be discussing the following topics: 

  • Why is GPG needed?
  • How Does Public Key Encryption Work?
  • How do I Setup GPG Keys?
  • How do I Find Other Users’ Public Keys?
  • How do I Make My Public Key Available To Others?
  • How do I Encrypt and Decrypt Messages with GPG?
Continue reading “How Do I Use GPG?”

Install Fail2Ban On CentOS 7

Reading Time: 3 minutes

What Is Fail2Ban?

Fail2ban is an open-source software that actively scans the servers log files in real-time for any brute force login attempts, and if found, summarily blocks the attack using the servers firewall software (firewalld or iptables). Fail2Ban runs as a background process and continuously scans the log files for unusual login patterns and security breach attempts.

Continue reading “Install Fail2Ban On CentOS 7”

Top 15 Server Security Practices for 2020

Reading Time: 16 minutes

In this article, we will denote the security best practices for 2020 and beyond. Because security is such a challenging subject for many, it often goes unheeded, and as such, many are caught unaware when an issue arises. By following these best practices, you can significantly lower your risk of being compromised by a malicious actor.

Continue reading “Top 15 Server Security Practices for 2020”