After Meltdown and Spectre attacks , now IT world is dealing with 4 newly discovered and even more dangerous vulnerabilities in Intel CPU, MDS. These new security vulnerabilities, which of Zombieload being the worst, allow hackers to read the CPU processed data, including keys, from the cache while no particular access required!
A new bug is announced in all Linux OS recently.It is about a package, glibc. This package is responsible for C libc libraries, (libm) ,POSTIX Thread, Name Server Caching Deamon (nscd) standard libraries. This vulnerability is from Heap Buffer OverFlow kind for nss_hostname_digits_dots() function in libc which are called by gethostbyname() and ethostbyname2() that make […]
To ban a ip command these: iptables -D OUTPUT -p all -s IP.ADDRESS.HERE -j DROP iptables -D INPUT -p all -s IP.ADDRESS.HERE -j DROP
use this command in ssh:
When you are under DDOS attack, you can run this command to check the number of connections per ips:
Some times you can not use the YUM to install mod_security , in these situation, try this:
If you find yourself needing to check all open/listening ports that your server is using (a good idea for security), run the follow command via SSH:
ConfigServer Firewall, or CSF, is a common Linux security suite. Log in to your VPS as the root user and run the following commands to install CSF:
A simple, but very effective, step you can take to enhance your server’s security is to update the port SSH uses to a port other than 22 (the default). To do this, login to your VPS as root and follow these steps:
