
Hardening Linux

SQL INJECTION USING SQLMAP
===============================


Test a parameter for injection

python sqlmap.py -u "http://www.site.com/section.php?id=51"

Discover databases

python sqlmap.py -u "http://www.site.com/section.php?id=51" --dbs

Discover tables

python sqlmap.py -u "http://www.site.com/section.php?id=51" --tables -D database_name

Get columns of a table

python sqlmap.py -u "http://www.site.com/section.php?id=51" --columns -D database_name -T table_name


Get data from a table

python sqlmap.py -u "http://www.site.com/section.php?id=51" --dump -D database_name -T table_name
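The commands above are what a tester runs; the other half of the same activity is noticing it in your own web server logs. The following is an added example, not from the page: a shell function that flags access-log lines carrying sqlmap's default User-Agent (it contains the string "sqlmap"; that header is trivially changed, so treat it as a weak signal) or a quote or SQL keyword in the request's query string, raw or URL-encoded. The log lines are constructed, not real traffic, and the /var/log/httpd/access_log path in the usage comment is an assumption.

```shell
# Added example (not from the page): flag access-log lines that look like automated
# SQL injection probing. Constructed Apache combined-log lines, not real traffic.
SAMPLE_LOG='10.0.0.5 - - [01/Jan/2020:10:00:00 +0000] "GET /section.php?id=51 HTTP/1.1" 200 512 "-" "Mozilla/5.0"
10.0.0.9 - - [01/Jan/2020:10:00:01 +0000] "GET /section.php?id=51%27%20AND%201%3D1 HTTP/1.1" 200 512 "-" "sqlmap/1.4#stable (http://sqlmap.org)"
10.0.0.9 - - [01/Jan/2020:10:00:02 +0000] "GET /section.php?id=51%20UNION%20ALL%20SELECT%20NULL HTTP/1.1" 500 0 "-" "Mozilla/5.0"
10.0.0.5 - - [01/Jan/2020:10:00:03 +0000] "GET /about.php HTTP/1.1" 200 1024 "-" "Mozilla/5.0"'

# sqli_suspects: read combined-format log lines on stdin and print "client-ip reason"
# for each line whose User-Agent contains "sqlmap" (the tool's default UA) or whose
# request URL carries a quote or SQL keyword, raw or URL-encoded.
sqli_suspects() {
  while IFS= read -r line; do
    ip=${line%% *}
    ua=${line##*'" "'}; ua=${ua%'"'}            # last quoted field is the User-Agent
    req=${line#*'"'};  req=${req%%'"'*}         # GET /path?query HTTP/1.1
    url=${req#*' '};   url=${url%' '*}          # just /path?query
    reason=""
    case "$ua" in
      *sqlmap*) reason="sqlmap user-agent" ;;
    esac
    if [ -z "$reason" ] && printf '%s\n' "$url" | grep -Eiq "%27|'|union(%20|\+| )|select(%20|\+| )"; then
      reason="sql keywords in query string"
    fi
    if [ -n "$reason" ]; then
      printf '%s %s\n' "$ip" "$reason"
    fi
  done
}

# On a live server (log path assumed): sqli_suspects < /var/log/httpd/access_log | sort | uniq -c
printf '%s\n' "$SAMPLE_LOG" | sqli_suspects
```

On the constructed sample this prints two lines, both for 10.0.0.9 (one for the user-agent, one for the UNION/SELECT query). A single quote in a query string is common in legitimate traffic on some sites, so tune the keyword pattern to your application before alerting on it.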




NMAP
=========
nmap -sS 192.168.0.101            -- TCP SYN ("stealth") scan
nmap -PS -p 22,80 192.168.0.101   -- scan specific ports
nmap -sV 192.168.0.101            -- find the version of each host service
nmap -PN 192.168.0.101            -- scan a host to check whether it is protected by a firewall
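When you scan your own host the useful question is not "what is open" but "what is open that should not be". The following is an added example, not from the page: it parses nmap's grepable output (the real -oG output format, tab-separated, one port entry per port/state/proto//service///) and prints every open TCP port that is not on an allowlist. The scan output is constructed, not a real result.

```shell
# Added example (not from the page): turn nmap's grepable output into a list of open
# TCP ports and compare it with the ports you expect the host to expose.
# Constructed `nmap -oG` output for one host; not a real scan result.
SAMPLE_GNMAP=$(printf 'Host: 192.168.0.101 ()\tStatus: Up\nHost: 192.168.0.101 ()\tPorts: 22/open/tcp//ssh///, 80/open/tcp//http///, 3306/open/tcp//mysql///, 23/filtered/tcp//telnet///\tIgnored State: closed (996)\n')

# parse_gnmap: read -oG lines on stdin, print "host port" for every open TCP port.
# Fields in -oG are tab-separated; each port entry looks like port/state/proto//service///.
parse_gnmap() {
  awk -F'\t' '/^Host:/ {
    split($1, h, " "); host = h[2]
    for (i = 2; i <= NF; i++) if ($i ~ /^Ports:/) {
      sub(/^Ports: /, "", $i)
      n = split($i, p, ", ")
      for (j = 1; j <= n; j++) {
        split(p[j], f, "/")
        if (f[2] == "open" && f[3] == "tcp") print host, f[1]
      }
    }
  }'
}

# unexpected_ports: $1 is the space-separated allowlist (e.g. "22 80"); prints every
# open port from stdin that is not on it, so a clean run prints nothing.
unexpected_ports() {
  allow=" $1 "
  parse_gnmap | while read -r host port; do
    case "$allow" in
      *" $port "*) ;;
      *) echo "$host $port" ;;
    esac
  done
}

# Real use: nmap -sS -oG scan.gnmap 192.168.0.101 && unexpected_ports "22 80" < scan.gnmap
printf '%s\n' "$SAMPLE_GNMAP" | unexpected_ports "22 80"
```

On the sample this prints `192.168.0.101 3306`: MySQL answering on the network interface is exactly the kind of finding a hardening pass should turn into a firewall rule or a bind-address change. Filtered ports are ignored, since those are what a working firewall produces.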


Lynis
++++++++
yum install git
cd /usr/src && git clone https://github.com/CISOfy/lynis.git
cd /usr/src/lynis/
./lynis audit system -Q



TCP SYN Flood Protection
========================
net.ipv4.tcp_syncookies = 1
net.ipv4.tcp_max_syn_backlog = 2048
net.ipv4.tcp_synack_retries = 3
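Settings like these drift: a kernel upgrade, a tuning script or a second admin can quietly reset them. The following is an added example, not from the page: a shell check that compares the three values above (taken from the page) against what `sysctl` reports and exits non-zero on drift, plus a helper that writes them as a sysctl drop-in. The drop-in path /etc/sysctl.d/90-synflood.conf is an assumption.

```shell
# Added example (not from the page): check the running kernel against the three SYN flood
# settings above and write them to a sysctl drop-in. Values come from the page.
SYN_WANT='net.ipv4.tcp_syncookies=1
net.ipv4.tcp_max_syn_backlog=2048
net.ipv4.tcp_synack_retries=3'

# check_syn_sysctl: read "key = value" lines on stdin (what `sysctl <key> ...` prints),
# print one line per setting that is missing or differs from SYN_WANT, and return 1 on
# any drift so the check can gate a cron job or deployment step. Returns 0 when clean.
check_syn_sysctl() {
  current=$(sed 's/[[:space:]]//g')        # normalise "k = v" to "k=v"
  out=$(printf '%s\n' "$SYN_WANT" | while IFS='=' read -r key want; do
    have=$(printf '%s\n' "$current" | awk -F= -v k="$key" '$1 == k { print $2 }')
    if [ -z "$have" ]; then
      echo "$key: not set (want $want)"
    elif [ "$have" != "$want" ]; then
      echo "$key: is $have (want $want)"
    fi
  done)
  if [ -n "$out" ]; then
    printf '%s\n' "$out"
    return 1
  fi
  return 0
}

# write_syn_sysctl_conf: write SYN_WANT in sysctl.conf syntax to the file given as $1
# (assumed path: /etc/sysctl.d/90-synflood.conf, then `sysctl -p /etc/sysctl.d/90-synflood.conf`).
write_syn_sysctl_conf() {
  printf '%s\n' "$SYN_WANT" | sed 's/=/ = /' > "$1"
}

# Live check on a server:
# sysctl net.ipv4.tcp_syncookies net.ipv4.tcp_max_syn_backlog net.ipv4.tcp_synack_retries | check_syn_sysctl
```

Feeding the check from `sysctl` output rather than reading /proc directly keeps it usable in a test pipeline, where you can paste captured values. Note that a setting written only with `sysctl -w` does not survive a reboot; the drop-in file is what makes it persistent.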

 wget http://hostmybytes.com/hardening.sh


Open the suPHP configuration file:

# vi /opt/suphp/etc/suphp.conf

And uncomment the following lines:

;application/x-httpd-php=/usr/local/lib/
;application/x-httpd-php4=/usr/local/php4/lib/
;application/x-httpd-php5=/usr/local/lib/

The above lines should read as below:

application/x-httpd-php=/usr/local/lib/
application/x-httpd-php4=/usr/local/php4/lib/
application/x-httpd-php5=/usr/local/lib/
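Hand-editing the file in vi works once; on a fleet you want the same change applied repeatably and checked afterwards. The following is an added example, not from the page: a function that strips the leading ';' from exactly those three handler lines, keeps a timestamped backup and verifies that all three are now active. It uses the GNU `sed -i` form (the page's yum/cPanel context); the config path is the one the page opens.

```shell
# Added example (not from the page): uncomment the three suPHP handler lines with sed
# instead of by hand, keep a backup, and verify the result. Path is the one the page
# opens with vi; sed -i is the GNU form (CentOS/cPanel hosts).
SUPHP_CONF=/opt/suphp/etc/suphp.conf

# enable_suphp_handlers: strip the leading ';' from the application/x-httpd-php,
# -php4 and -php5 handler lines in the file given as $1. Other commented handlers
# (e.g. a ;application/x-httpd-php7 line) are left alone. Returns 1 if any of the
# three is still missing or commented afterwards.
enable_suphp_handlers() {
  conf=$1
  cp -p "$conf" "$conf.bak.$(date +%Y%m%d%H%M%S)"
  sed -E -i 's|^;(application/x-httpd-php[45]?=)|\1|' "$conf"
  for key in application/x-httpd-php application/x-httpd-php4 application/x-httpd-php5; do
    if ! grep -q "^$key=" "$conf"; then
      echo "still commented or missing: $key" >&2
      return 1
    fi
  done
  return 0
}

# Usage on a real server: enable_suphp_handlers "$SUPHP_CONF" && echo "handlers enabled"
```

The anchored regex only matches the three names the page lists, so a later run is a no-op rather than a surprise, and the verification step is what turns "I ran sed" into "the handlers are enabled".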


# open_basedir = "/home/:/tmp:/usr/local/lib/"






# Spinner shown while a background job runs. $! is the PID of the most recently
# started background job, so start the job with "&" first, then call mysleep.
mysleep() {
        MESSAGE=$1
        pid=$!
        spin='-\|/'                           # the four spinner frames
        i=0
        while kill -0 "$pid" 2>/dev/null      # kill -0 sends no signal, it only tests that the process exists
        do
          i=$(( (i+1) % 4 ))
          echo -ne "\r$MESSAGE ${spin:$i:1}"  # bash substring: frame i, one character
          sleep .1
        done
}



# long_running_command &      (start the job first, then:)
mysleep "Tweaking Apache"





# ANSI colour escapes for echo -e output
red='\e[0;31m'
green='\e[0;32m'
notice='\e[0;35m'
NC='\e[0m'        # reset to the terminal's default colour

echo -ne "\r${notice}Detected cPanel/WHM on the server${NC}"


NON VPS SERVICES
======================


https://www.nixtree.com/download/free/services_dis_vps.txt


Greensnow blacklist in csf

http://blocklist.greensnow.co/greensnow.txt
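A remote blocklist is input you do not control, and it ends up in your firewall rules. The following is an added example, not from the page or from csf: a filter that keeps only syntactically valid IPv4 addresses and CIDR ranges from a downloaded list and drops comments, junk and out-of-range octets before the list is handed to the firewall. The sample list is constructed.

```shell
# Added example (not from the page): sanitise a downloaded blocklist before feeding it
# to the firewall. Keeps only well-formed IPv4 addresses and /0-/32 CIDR ranges.
validate_blocklist() {
  # 1. drop comments and whitespace; 2. keep lines shaped like a.b.c.d or a.b.c.d/n;
  # 3. reject octets above 255 and prefix lengths above 32 (awk splits on '.' and '/').
  sed 's/#.*//; s/[[:space:]]//g' |
  grep -E '^([0-9]{1,3}\.){3}[0-9]{1,3}(/[0-9]{1,2})?$' |
  awk -F'[./]' '{
    ok = 1
    for (i = 1; i <= 4; i++) if ($i > 255) ok = 0
    if (NF == 5 && $5 > 32) ok = 0
    if (ok) print
  }'
}

# Constructed sample list (not Greensnow data): two good entries, four that must be dropped.
SAMPLE_LIST='1.2.3.4
# a comment line
999.1.1.1
10.0.0.0/8 # trailing comment
10.0.0.0/40
foo'

# Real use: wget -qO- http://blocklist.greensnow.co/greensnow.txt | validate_blocklist > /etc/csf/greensnow.clean
printf '%s\n' "$SAMPLE_LIST" | validate_blocklist
```

csf can also fetch the URL itself through /etc/csf/csf.blocklists (as I recall the line format there is NAME|interval|max|URL; check the comments in that file for your version), in which case this filter is a sanity check on what csf pulled rather than part of the pipeline. Either way, diff the cleaned list between runs so a sudden jump in size, or an entry covering your own address ranges, is noticed before it is loaded.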


WatchMySQL cPanel/WHM plugin
===========================
cd /usr/src
wget http://download.ndchost.com/watchmysql/latest-watchmysql
sh latest-watchmysql


How to uninstall the WatchMySQL cPanel/WHM Plugin
=================================================
An uninstall script is included with the installer. You can download the installer and extract it without running it by passing --noexec to it. To download the installer, extract it and then run the uninstall, use the following commands:

wget http://download.ndchost.com/watchmysql/latest-watchmysql
sh latest-watchmysql --noexec
./installd-watchmysql/uninstall

It will look as follows:
root@localhost [~]# wget http://download.ndchost.com/watchmysql/latest-watchmysql
root@localhost [~]# sh latest-watchmysql --noexec
Creating directory installd-watchmysql
Verifying archive integrity... All good.
Uncompressing WatchMySQL by NDCHost.com....................................
root@localhost [~]# ls
installd-watchmysql  latest-watchmysql
root@localhost [~]# cd installd-watchmysql/
root@localhost [~/installd-watchmysql]# ls
./ ../ bootstrap  changelog  uninstall  watchmysql  watchmysql.chkservd  watchmysql.config  watchmysql.redhat  whmplugin
root@localhost [~/installd-watchmysql]# ./uninstall


Clean BACKUPS
=============
https://www.ndchost.com/cpanel-whm/addons/cleanbackups/
