Having played with CSF for a while on one server, I've decided I like it more than UFW and fail2ban. It seems much better at blocking mail brute-force attacks and distributed SSH attacks. So anyway, here's a list of steps to achieve that, as much for my record as anything. The server is running Ubuntu 16.04, but these general steps should work anywhere. In addition, the server I did it on is also running VestaCP, so there are a couple more steps for that.
Linux
Viber SQLite Database Extraction / Forensics
Well you can use this to pull messages out of a Viber Desktop database. I personally had to do it when I re-installed Viber and it deleted my entire message history, which wasn't so friendly, so I pulled this out of the database so I could refer to it in a spreadsheet. Maybe there is …
Command to find all image files which are not really image files!
Quick one this … so you've got a compromised webserver and you want to check the files on it. Many scanning tools will ignore images, but an image might not always be what it seems! Check them all with this command: find /path/to/dir -regex ".*\.\(jpg\|png\|gif\)" -exec file {} \; | grep -i -v "image data" …
Bash script to clean Bots out of Apache Logs
If you've ever spent some time looking at webserver logs, you know how much crap there is in there from crawlers, bots, indexers, and all the bottom feeders of the internet. If you're looking for a specific problem with the webserver, this stuff can quickly become a nuisance, stopping you from finding the information you …
Turning off IPv6 in Ubuntu 16
My home router doesn't handle IPv6, and for that matter, neither does my ISP, so I get a lot of IPv6-related garbage in my syslog and kern.log. To turn it off, you need to create a new file, rather than editing a system file, and then reload these settings. sudo nano /etc/sysctl.d/95-disable-ipv6.conf #add the …