The whole truth about the & nb p; Network
In no country in the world is a well-known software maker reconciled with the emergence of domains, including its name or trademarks belonging to it. This was the case with…

Continue reading →

Popular Copywriting Exchange
The copywriting profession is becoming increasingly popular among novice freelancers. Accordingly, the number of sites providing them with a field for activity, that is, exchanges, is growing. Experienced copywriters know…

Continue reading →

Hosting and its types
Currently, every self-respecting company or private entrepreneur consider it a duty to have a personal website. In order to start a site you need to register a domain name yourself,…

Continue reading →

Warning network attacks.

An intrusion into a computer system usually begins with a preliminary assessment of the flaws in the protection of the network perimeter of your server connected to the network. In the course of such a “shoot-in,” the hacker first needs to know the list of open ports and evaluate the identity of your computer’s operating system. The previous article described the scanlogd program, which allows analyzing attempts to scan your server. However, attacks using veiled scanning techniques like “stealth” have become widespread in the modern Web. Based on this, using scanlogd alone will not give unambiguously positive results.

If you are not satisfied with the modest capabilities of scanlogd, there is a more advanced scan attempts analyzer – PortSentry. This program allows you not only to fix the scan of your computer over the network. It also provides an opportunity to adequately respond to this process (not to scan in response, of course, but simply to block access to the offending host to your server). You can analyze the scanning process of your host and run external programs (like iptables).

Installing PortSentryThe AltLinux installation of the PortSentry utility is performed using Synaptic and is a routine procedure. PortSentry, like scanlogd, runs in daemon mode. After the installation process is complete (in any Linux distribution), you should check the functioning of the daemon autorun script. To do this, check the presence of a symbolic link in the /etc/rc5.d/ directory of the /etc/init.d/portsentry file, for example, using the following command:
# ls -l /etc/rc5.d/*portsentry*
Of course, if there is no such link, it should be created (how to do this with reference to scanlogd, described above).

PortSentry main features PortSentry main features:

possibility of wide customization of default behavior policy. The PortSentry daemon can be run in one of three modes of operation. Thus, you can choose what is more important for you – stop the intruder of your network perimeter or fix the penetration attempt (the ability is regulated by specifying certain command line parameters, for which you should edit the init script (/etc/init.d/portsentry) to start the PortSentry daemon );
the ability to perform retaliatory actions (the author of the program highly recommends that you limit yourself to blocking the hacker’s host, and not take adequate measures such as a response scan) in relation to the intruder of your network boundaries. For example, you can add such a rule to the table of your firewall that will exclude the possibility of information exchange with the offending host (you can also add a line to the /etc/hosts.deny file);
fine-tuning of the ranges of ports to be listened to and ignored, and the ability to create a list of ignored hosts. The ability is necessary to eliminate the false positives of the protection system built on PortSentry. Thus, for example, you can exclude port 53 in order not to receive further warnings about scanning of this port by gaming programs that use network capabilities somewhat frivolously (ADVANCED_EXCLUDE_TCP or ADVANCED_EXCLUDE_UDP parameters, which are used in the advanced mode of launching the PortSentry daemon). Ignored hosts are listed in the file, which is described in the IGNORE_FILE configuration parameter.
PortSentry launch modesThe PortSentry daemon can be run in the following modes:

Classic (the daemon startup key -tcp or -udp). In this mode, the PortSentry daemon waits for connections on the ports listed in the TCP_PORTS configuration file settings (or UDP_PORTS), and blocks packet exchange with the remote host when trying to reconnect or scan. This mode of operation does not allow determining “stealth” scan of your computer;
enhanced (Enchanced) detection mode for stealth scans (start keys -stcp or -sudp). When you try to scan or connect to the ports listed in TCP_PORTS (or UDP_PORTS), the remote computer is blocked;
Advanced (Advanced) mode of detecting “stealth” scans. In this mode, all ports from the first to the specified in the ADVANCED_PORT_TCP parameter (ADVANCED_PORT_UDP) are checked for connectivity or scanning. The mode is activated by the command line switches -atcp or -audp.
Depending on the importance of your host, you should choose one of the three options for starting the PortSentry daemon. It should be noted that only one launch mode can be selected for each protocol at a time. For example, you can specify for both TCP and UDP protocols advanced detection mode for stealth scans. In this case, the value of the MODES variable should be edited in the /etc/init.d/portsentry file. For the specified combination of protocols and protection modes, you must specify MODES = “audp atcp” (in AltLinux 2.4, this value is set in /etc/init.d/portsentry by default).

5 rules to help protect yourself from cybercriminals
Today, the problems of cyber defense have become more acute in society. The level of crimes related to the theft of personal data is growing from year to year in…

...

Viral marketing on the Internet
Marketing is the path to success Internet marketing has many different tools for increasing sales of products or services. Some of them are legal, others are not. And there are…

...

Indices: first step on & nb p; paths to & nb p; speed
Databases are specialized repositories of information, and working with them, we operate with concepts of data sets and operations on these data, forgetting that there is real equipment behind them.…

...

Spammers began to unite in online clubs
Spammers also know the parable of the broom twigs, which are easy to break individually, but together it is almost impossible. And these bad people, which most normal people hate…

...