I finished reading the ModSecurity 2.5 book, written by Magnus Mischell and published by Packt Publishing. I found a lot of interest reading it as I was already using ModSecurity – and I think anyone exposing an Apache web server should. I was actually using it partially. It is not trivial to secure a web [...]
Archive of posts filed under the Firewalling category.
New book about ModSecurity
There will be a new book about mod-security coming out : ModSecurity 2.5. ModSecurity is essential when it comes to secure any web site. It will make the work of the attacker much harder and it may save you even if your favorite dynamic pages have a security hole. However, it must be configured wisely [...]
Postfix : TLS not working outside my network
As I just finished setting TLS and SASL to secure the access to my Postfix server, I realized that it was working only from inside my network. What I got from my lan : $ telnet mars 25 Trying 192.168.222.10… Connected to phocean.net. Escape character is ‘^]’. 220 phocean.net ESMTP Postfix (Debian/GNU) ehlo phocean.net 250-phocean.net [...]
How to connect to a Cisco device using the serial port on Linux
Using the serial port is still necessary to manage some devices, when it is reseted to factory defaults. It could be also a security choice… Nowadays many computers – and especially laptops don’t have anymore a built-in serial port. Not a problem, there are many cheap serial-usb converters like this. As an alternative to the [...]
FTP configuration issues
I found that it was a real mess to set up a FTP server in a DMZ, behind a firewall Cisco Asa (501 model with IOS version 7.0). The FTP server is on the DMZ area, and therefore I natted a public IP to the private IP in the DMZ subnet of this server. static [...]
