Links related to tag security

Intro to fail2ban with ufw - zaiste

fail2ban is configured by default to only ban failed SSH login attempts. Check the current configuration with the following command:

sudo fail2ban-client status

|- Number of jail:  1
`- Jail list:   sshd


Let's start by configuring fail2ban to use ufw instead of iptables. Verify that there is a ufw.conf inside /etc/fail2ban/action.d/ directory.

Copy jail.conf to jail.local to prevent ch...

Stop SSH bruteforce with endlessh – ServerOK - serverok

Endlessh is an open source SSH trapit. It send slow random banner string to attacker, wasting their time.

Before you install endlessh, you need to change your SSH port to a higher non default port. To do this edit ...

Emmerdez les pirates SSH avec Endlessh ! - geeek

Si vous avez un serveur Linux avec un port SSH exposé sur Internet, vous avez probablement pu constater que celui-ci était en permanence attaqué par des tentatives d'attaque de type force brute utilisant des listes de mots de passe communs.

Pour remédier à ces tentatives attaques, vous avez plusieurs possibilités :

  • La première consiste tout simplement à filtrer les adresses IP pouvant accéder au...
10 Unknown Security Pitfalls for Python - sonarsource

Python developers trust their applications to have a solid security state due to the use of standard libraries and common frameworks. However, within Python, just like in any other programming language, there are certain features that can be misleading or misused by developers. Often it is only a very minor subtlety or detail that can make developers slip and add a severe security vulnerability t...