Cloudflare offers API access to it’s WAF IP access rules, which can be a great tool to ban bots on a “edge” level, reducing load on each instance. So once a server bans an IP for repeatedly failing auth, it will be blocked on the CF level, unable to bother other servers. My old script…
Category: IT Security
Username Enumeration with ffuf
We can use the existence of error messages like “Sorry, that username already exists!” to produce a list of valid usernames already signed up on the system by using the ffuf tool below. The ffuf tool uses a list of commonly used usernames to check against for any matches. In the above example, the -w argument…
Get an Email notification for successful SSH logins
This is an email alert that is triggered once a SSH login succeeds First we will create the script itself in the ssh folder /etc/ssh/login-notify.sh: Make the file executable, then add the following line to the end of the sshd pam file in /etc/pam.d/sshd It’s set to optional for testing, as it would prevent login…
A script to secure the server using IPtables firewall
Use this bash script to automate the configuration of the iptables firewall and persist rules over restarts.
How to secure the SSH Server on Ubuntu
This is a short overview of how to secure the SSH server on a fresh Linux system. We will cover the basics of setting up a robust SSH configuration to access and manage the remote machine later on. Secure the SSH Daemon Configuration File All the configuration of the SSH server we need to adjust…
Pi-Hole on Raspberry Pi
The internet has always been invested with a lot of Ads, but the amount of tracking, personalized and intrusive Ads has grown exponentially. While I’ve kept my own devices setup to combat them, the number of smart devices and also users is growing at home. In addition, blocking the ads from displaying or the scripts…