There’s a handy iptables tutorial which covers just about anything one could every want to know about iptables.

TrueCrypt is a handy utility for encryption entire partitions. The encryption is transparent, so everything works like normal but that data on the disk is encrypted. As a first line of defense one might want to have everything encrypted and mount it upon booting the computer, without having to type the commands every time the computer boots. This is a guide on how to set that up.

Read the rest of this entry

A few notes about Snort.

• /usr/lib/dynamicengine/libsf_engine.so -> /usr/lib/snort/dynamicengine/libsf_engine.so
• Download the rules
• Snort does not rotate its logs, so add it to the log rotator.
• Watch the alert log closely in the beginning and fine tune the rules early to avoid being swamped in irrelevant warnings.
• Use “lowmem” in the configuration and run with “-k 0” to reduce the memory usage.
• SGUIL is a nice tool for the analysis.

Cookies is another thing that I’m not too fond of. To me cookies are currently used similar to how javascript is used, i.e. rarely necessary for functionality but often used to track users. Therefor I find the Permit Cookies Firefox plugin handy. It allows you to reject cookies from domains that are not white-listed. So one can still use cookies for e.g. remembering logins while still avoiding the bulk of malicious cookies.

NoScript is a useful firefox plugin which allows the user to block javascripts (either via a whitelist or a blacklist). Personally I think it’s nice to be able to block javascripts as they are usually not necessary for functionality but often used to track users and for advertising. As a bonus one also avoids the bulk of cross side scripting vulnerabilities.

Using SSL for encryption is a nice way to avoid people sniffing passwords when one for instance logs into admin panels. However there’s a non-trivial prerequisite to setting up SSL: obtaining a SSL certificate .

Read the rest of this entry