Why port 80 (HTTP) reported as open by nmap when it is closed?

Posted on in Categories Security last updated July 2, 2017

Why are some ports reported as open by nmap?
I recently setup a small server which is running Debian 9. The purpose of this machine is to run OpenVPN server on port 443 to bypass censorship. It runs the following services and nothing else:

  1. Squid on private IP belongs to VPN pool (
  2. SSH on private IP belongs to VPN pool (
  3. DNS resolver on private IP belongs to VPN pool (
  4. OpneVPN on public IP port 443 (server_public_ip_address:443)

Linux security alert: Bug in sudo’s get_process_ttyname() [ CVE-2017-1000367 ]

Posted on in Categories Security last updated May 31, 2017

There is a serious vulnerability in sudo command that grants root access to anyone with a shell account. It works on SELinux enabled systems such as CentOS/RHEL and others too. A local user with privileges to execute commands via sudo could use this flaw to escalate their privileges to root. Patch your system as soon as possible.

HandBrake For Mac Mirror Server Was Compromised And Infected With PROTON Malware

Posted on in Categories Open Source, Security last updated May 7, 2017

HandBrake is an open-source and free transcoder for digital video files. It makes ripping a film from a DVD to a data storage device such as NAS boxes easier. HandBrake works Linux, macOS, and Windows. A Recent version of Handbrake for Mac and possibly other downloads at the same site infected with malware. If you have downloaded HandBrake on Mac between 2/May/2017 and 06/May/2017, you need to delete the file ASAP. HandBrake infected with a new variant of OSX.PROTON malware.

ssh_scan: A SSH configuration and policy scanner for Linux and UNIX server

Posted on in Categories Security last updated April 26, 2017

The SSH (“Secure Shell”) protocol is a method for secure remote login from one system to another. Sysadmins and users use a secure channel over an unsecured network in a client-server architecture format for connecting an SSH client with an SSH server. Security ssh server is an important task. There is a tool called ssh_scan from Mozilla which act as a prototype SSH configuration and policy scanner for your SSHD.

How to speed up OpenSSL/GnuPG Entropy For Random Number Generation On Linux

Posted on in Categories Howto, Open Source, Security last updated November 7, 2016

Entropy is nothing but the measure of “randomness” in a sequence of bits. The PRNG ( pseudorandom number generator ) is a special device (e.g. /dev/random on Linux) to create randomness from server hardware activities. It uses interrupts generated from the keyboard, hard disk, mouse, network and other sources. The random number generator gathers environmental noise from device drivers and other sources into an entropy pool. The randomness usually used for security purposes like creating TLS/SSL keys and the quality source of random bits is critical. For example, OpenSSL APIs can use quality randomness to make your program cryptographically secure. However, a poor source of randomness could result in loss of security. In this post, I will cover haveged and rng-utils/rng-tools to generate random numbers and feed linux random device for your virtual or dedicated Linux server.

Secure Your Linux Desktop and SSH Login Using Two Factor Google Authenticator

Posted on in Categories Open Source, Security last updated October 29, 2014

Two factor authentication is increasingly becoming a strongly recommended way of protecting user accounts in web applications from attackers by requiring a second method of authentication in addition to the standard username and password pair.

Although two factor authentication can encompass a wide range of techniques like biometrics or smart cards, the most commonly deployed technique in web applications is the one time password. If you have used applications like Gmail, you are probably familiar with the one time password generated by the Google Authenticator app that’s available on iOS or Android devices.

The algorithm used for the one time password in the Google Authenticator app is known as the Time-based One-Time Password (TOTP) algorithm. The TOTP algorithm is a standard algorithm approved by the IETF in (RFC 6238) totp-rfc.

Installing Tails Live Linux Operating System For Preserving Privacy and Anonymity On The Net

Posted on in Categories Open Source, Security last updated October 1, 2014

Nowadays, privacy does not hold much value when it comes to the privacy of our data on our digital devices or on the internet. In the past few weeks, we learned that everyone who tries to maintain privacy on the net is under suspicion which is all the more reason to try to keep our data, contacts, communications, and whereabouts on the internet anonymous and hidden from prying eyes as much as possible. This holds true even more for people that are more exposed like human rights activists, journalists, lawyers, and even doctors. Some of the distributions that try to assist us with this build on the Tor network.

Secure Password Hashing for Python Developers

Posted on in Categories Programming, Python, Security, Web Developer last updated July 22, 2014

It is important to store the passwords of user accounts in a secure fashion. There have been many high profile incidents where a security breach resulted in hackers obtaining database dumps of user passwords. The 2012 LinkedIn hack and the recent Adobe hack are two out of many similar cases. Due to the fact that the passwords were stored in an inappropriate fashion, the hackers (read as crackers) were able to recover the passwords of many user accounts and publish them on the Internet, resulting in an embarrassing PR fiasco for the companies.