Category: Security

Run rkhunter from a crontab

Rootkit Hunter (rkhunter) is an open source Unix/Linux tool that scans a system for backdoors, rootkits and local exploits. It looks for suspicious files and, by comparing the hashes and properties of important binaries against a stored baseline, works much like a file integrity checker.

The team behind rkhunter recommends also installing tools of the same class, such as Chkrootkit or OSSEC-HIDS, which complement each other and improve the overall security of a system. In this post we are going to review:

  • How to install rkhunter
  • Create a bash script that can be executed from a crontab
  • Setup the crontab to run daily scans
  • How to prep rkhunter
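The scan-and-notify wrapper described by the steps above, as an added example that is not the post's own script: it runs rkhunter non-interactively, mails the report only when it contains warnings or rkhunter exits non-zero, and is guarded so the helper functions can be sourced without rkhunter installed. The log path, the mail recipient and the use of the `mail` command are assumptions to adjust locally.

```shell
#!/bin/sh
# rkhunter-cron.sh: daily rkhunter scan for crontab.  Added example, not from
# the post.  Install as /usr/local/sbin/rkhunter-cron.sh and schedule with:
#   0 3 * * *  root  /usr/local/sbin/rkhunter-cron.sh run
# (hypothetical path and time; "run" is required so that sourcing the file
#  only defines the functions below).

LOGFILE=/var/log/rkhunter/rkhunter-cron.log   # assumed log location
MAILTO=root                                   # assumed recipient

# count_warnings: count rkhunter "Warning:" lines read from stdin.
# grep -c prints 0 and exits 1 when nothing matches, so the exit status is
# ignored and only the printed count is used.
count_warnings() {
    grep -c '^Warning:' || true
}

# scan_needs_attention STATUS WARNINGS: succeed (exit 0) when the report
# should be mailed, i.e. rkhunter returned non-zero or printed warnings.
scan_needs_attention() {
    status=$1
    warnings=$2
    [ "$status" -ne 0 ] || [ "$warnings" -gt 0 ]
}

run_scan() {
    report=$(mktemp) || exit 1

    # Refresh the data files first.  --update needs network access and its
    # exit status is informational (it is non-zero when files were updated),
    # so it is logged but not treated as a failure.
    rkhunter --update --nocolors >>"$LOGFILE" 2>&1 || true

    # --cronjob implies --check, --nocolors and --skip-keypress;
    # --report-warnings-only keeps the mail short.
    rkhunter --cronjob --report-warnings-only >"$report" 2>&1
    status=$?
    cat "$report" >>"$LOGFILE"

    warnings=$(count_warnings <"$report")
    if scan_needs_attention "$status" "$warnings"; then
        mail -s "rkhunter: $warnings warning(s), exit $status on $(hostname)" \
            "$MAILTO" <"$report"
    fi
    rm -f "$report"
}

# Only scan when explicitly asked; "sh rkhunter-cron.sh" without "run" just
# defines the functions, which keeps the script testable without rkhunter.
if [ "${1:-}" = "run" ]; then
    run_scan
fi
```

Remember to run `rkhunter --propupd` once after installation and after every package upgrade that replaces system binaries; otherwise the next cron scan will report every changed file as a warning, and a wrapper that only mails on warnings is useless if every mail is noise.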

Continue reading

Configure end-user spam notifications on Office 365


Microsoft's Office 365 Exchange Online Protection (EOP) can be used to manage the spam and malware filtering for an O365 tenant. It can also front an on-premises Exchange system.


The spam filter offers a number of configuration options, including what to do with messages that exceed the spam score threshold (for example deliver them to the user's Junk Email folder or hold them in quarantine) and whether end users are notified about quarantined messages.

Continue reading

GnuPG password caching

If you use GnuPG you may choose to cache your passphrase to avoid having to re-enter it each time you use your key pair. The gpg-agent handles this, and the timeouts are set in its configuration file, typically located at ~/.gnupg/gpg-agent.conf

Some distributions, such as Fedora 23, don't ship a configuration file at all; gpg-agent then uses its built-in defaults. In this case you can create the file with the options you want.

Default configuration file as shipped on an Ubuntu 15.10 system:

$ cat ~/.gnupg/gpg-agent.conf

default-cache-ttl 300
max-cache-ttl 999999

Let’s examine these a little closer
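The interaction between the two options, as an added example that is not part of the post: gpg-agent drops a cached passphrase when default-cache-ttl seconds have passed since it was last used, or when max-cache-ttl seconds have passed since it was first cached, whichever comes first (each use resets the first timer, nothing resets the second). The function below reproduces that arithmetic so you can see what a given pair of values actually means for a key you use all day; the helper that writes the file and the reload via `gpgconf --reload gpg-agent` are assumptions about how you will apply the settings.

```shell
#!/bin/sh
# gpg-agent cache TTL arithmetic.  Added example, not from the post or GnuPG.

# cache_expires_at FIRST_USE LAST_USE DEFAULT_TTL MAX_TTL
# Print the epoch second at which the cached passphrase expires:
#   idle limit  = last use   + default-cache-ttl  (reset on every use)
#   hard limit  = first use  + max-cache-ttl      (never reset)
# and the entry is gone at the earlier of the two.
cache_expires_at() {
    first=$1
    last=$2
    default_ttl=$3
    max_ttl=$4
    idle_limit=$((last + default_ttl))
    hard_limit=$((first + max_ttl))
    if [ "$idle_limit" -lt "$hard_limit" ]; then
        echo "$idle_limit"
    else
        echo "$hard_limit"
    fi
}

# write_agent_conf DEFAULT_TTL MAX_TTL FILE
# Write the two options to FILE (e.g. ~/.gnupg/gpg-agent.conf), replacing any
# existing cache-ttl lines and keeping everything else in the file.
write_agent_conf() {
    default_ttl=$1
    max_ttl=$2
    conf=$3
    tmp=$(mktemp) || return 1
    if [ -f "$conf" ]; then
        grep -v -e '^default-cache-ttl ' -e '^max-cache-ttl ' "$conf" >"$tmp"
    fi
    printf 'default-cache-ttl %s\nmax-cache-ttl %s\n' "$default_ttl" "$max_ttl" >>"$tmp"
    cat "$tmp" >"$conf"
    rm -f "$tmp"
}

# reload_agent: make a running gpg-agent re-read its configuration.
reload_agent() {
    gpgconf --reload gpg-agent
}
```

With the Ubuntu values above, a key that is used at least every five minutes stays cached for 999999 seconds, which is about 11.5 days; a shorter max-cache-ttl (the GnuPG default is 7200, i.e. two hours) puts an upper bound on that regardless of how busy the key is. Note that the agent's cache lives only in memory, so these timeouts are meaningful for the case of a logged-in session being abused, not for the case of the key file being stolen.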

Continue reading

DNSCrypt and Dnsmasq

Your ISP provides name-to-IP-address resolution for any domain that is not resolvable within your local network. These requests are sent in the clear and unauthenticated, so an attacker who can see or inject traffic on the path can spoof the answers, which can lead to a man-in-the-middle attack. Your ISP can also log every name you look up. Fortunately there is a simple way to get integrity for the answers while also protecting your privacy.

DNSCrypt encrypts and authenticates DNS traffic between your computer and a supporting DNS resolver. This ensures the IP addresses returned to you have not been manipulated in transit, while keeping the queries themselves confidential from anyone between you and that resolver (the resolver operator still sees them). In the following example we are going to demonstrate how to install DNSCrypt on a system running Linux and then cache the answers locally with Dnsmasq.
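The wiring between the two daemons, as an added example that is not the post's own configuration: dnsmasq listens on 127.0.0.1:53, forwards every query to a dnscrypt-proxy (1.x command-line flags assumed) listening on 127.0.0.1:40, and caches the answers. The port number, the resolver name and the dnsmasq include directory are assumptions. The `no-resolv` line is the part people most often forget: without it dnsmasq also reads /etc/resolv.conf for upstream servers, and queries can fall back to the ISP in plaintext, which defeats the whole exercise. The `resolv_conf_ok` helper is a check for the matching mistake on the client side.

```shell
#!/bin/sh
# dnsmasq in front of dnscrypt-proxy.  Added example, not from the post.

DNSCRYPT_PORT=40          # assumed local port for dnscrypt-proxy
RESOLVER_NAME=cisco       # assumed entry from dnscrypt-resolvers.csv

# dnsmasq_conf PORT: print a dnsmasq configuration that forwards only to the
# local dnscrypt-proxy.  no-resolv / no-poll stop dnsmasq from picking up
# upstream servers from /etc/resolv.conf, so nothing can leak past DNSCrypt.
dnsmasq_conf() {
    port=$1
    cat <<EOF
listen-address=127.0.0.1
no-resolv
no-poll
server=127.0.0.1#$port
cache-size=1000
EOF
}

# resolv_conf_ok: read a resolv.conf on stdin; succeed only when it lists at
# least one nameserver and every nameserver is 127.0.0.1 (the local dnsmasq).
# Any other address, e.g. one left behind by DHCP, is a plaintext path around
# the encrypted resolver.
resolv_conf_ok() {
    awk '$1 == "nameserver" { n++; if ($2 != "127.0.0.1") bad++ }
         END { if (n == 0 || bad > 0) exit 1; exit 0 }'
}

# install_and_start: apply the configuration on the live system (root).
# Guarded below so that sourcing this file only defines the functions.
install_and_start() {
    dnsmasq_conf "$DNSCRYPT_PORT" >/etc/dnsmasq.d/dnscrypt.conf   # assumed include dir
    dnscrypt-proxy --daemonize \
        --local-address="127.0.0.1:$DNSCRYPT_PORT" \
        --resolver-name="$RESOLVER_NAME"
    printf 'nameserver 127.0.0.1\n' >/etc/resolv.conf
    systemctl restart dnsmasq
    if ! resolv_conf_ok </etc/resolv.conf; then
        echo "resolv.conf still points at a non-local nameserver" >&2
        return 1
    fi
}

if [ "${1:-}" = "install" ]; then
    install_and_start
fi
```

After starting both daemons, `dig @127.0.0.1 example.com` should answer from dnsmasq, and a second identical query should come back with a lower TTL and near-zero query time, which is the cache working. If your network manager rewrites /etc/resolv.conf on every DHCP lease, re-run the `resolv_conf_ok` check after reconnecting; a stale DHCP nameserver line is the usual way plaintext DNS quietly comes back.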

Continue reading

CryptoLocker and CryptoWall

Ransomware of the kind represented by CryptoLocker and CryptoWall has been around since 2006. You may already know that this type of malware encrypts the user's files, rendering them unreadable without the key. The variant named CryptoWall 3.0 also bundles spyware in an attempt to intercept your private data. The attackers hold your data hostage, demanding a ransom (paid in Bitcoin) in exchange for the key that releases your files.

Continue reading