Tag: security

Posted on

How to use SCP on Linux or other UNIX-based Environment

SCP is used to copy files securely over network. In order to use SCP, the remote host must be configured to use SSH server (OpenSSH on Linux system, including Ubuntu) and the user must have an account on remote server.

scp syntax is easy,


local:~$ scp <source> <username>@<remote_host>:<destination>

Example for copying local file to the users home directory on remote host, you can replace mypapit with your own username

local:~$ scp id_rsa_.pub mypapit@remote.host:~/

id_rsa.pub 100% 392 0.9KB/s 00:00

local:~$

To list the file on the remote directory, just run

local:~$ ssh mypapit@remote.host ls

temp_file.txt id_rsa.pub

and the content of remote directory will be displayed.

Copying file recursively
To copy file recursively, you only need to add “-r” switch. Add -v for verbose output.

Example:

local:~$ scp -rv ~/* username@remote.host:~/backup

Conclusion
SCP is easy to use especially when you want to copy or upload files from client to server without the use of FTP server. Additionally, the content of the files transfered is encrypted over SSH communication and you get the benefit of simplicity while working on the console.

Posted on

How to setup Secure Webserver HTTPS (SSL) on Apache in Ubuntu

Secure HTTP (SSL/TLS) has become a must if you are planning to setup a website which includes user authentication (ie. login box) or sensitive data. HTTPS prevents the sensitive data from being transfered across the network in clear text where it is susceptible to being sniffed or altered. Here is the tutorial on how to setup a secure HTTP on Apache web server in Ubuntu 10.04 (Lucid Lynx).

What do you need?

  • apache2 (Web Server)
  • openssl
  • A bit patient, because it will take some time to learn

Step 1: Create a self-signed certificate
You need to create a self-signed certificate with openssl. To do that you will need to generate the server key.


openssl genrsa -des3 -out server-sec.key 4096

…and certificate signing request (CSR)


openssl req -new -key server-sec.key -out server.csr

After that, generate the server certificate by signing it with the server key.

openssl x509 -req -days 365 -in server.csr -signkey server-sec.key -out server.crt

Keep the server-sec.key in a secure location, with read/write permission assigned only to root. Then generate a password-less copy of the key for Apache use.

openssl rsa -in server-sec.key -out server.key

By this time, you should have :

  • server.key (passwordless key for Apache)
  • server.csr (certificate signing request)
  • server.crt (certificate)
  • server-sec.key (server key)

Continue reading “How to setup Secure Webserver HTTPS (SSL) on Apache in Ubuntu”

Posted on

How to use GNU Privacy Guard (GPG) – Encrypt, Decrypt, Sign and Verifying identities

GPG or the GNU Privacy Guard is a free and open source software that implements OpenPGP public-key cryptography message format (RFC4880). You can use GPG to encrypt, decrypt, sign and verify files or emails. To use GPG, you need to generate the public-key/private-key pairs in your computer by running this command, and choose the default option


gpg --gen-key

The application will ask you to enter your ID and passphrase, make sure you choose a strong passphrase to guarantee the safety and security of your keys.

Encrypting and Decrypting Files
You can use GPG to encrypt files, it can be only decrypted by those who have your public-key. The command that can be used to encrypt file is :

gpg --out encrypted_file.txt --encrypt original_file.txt

Run this command to decrypt. Files encrypted with private key can only be decrypted with public key and vice-versa.

gpg --out decrypted.txt --decrypt encrypted_file.txt

Signing Email or body of texts
Alternatively, you can chose to sign emails/texts instead of encrypting them. Signing files is a way to ensure that the message/texts/emails are from the right sender and its content has not been tempered with. You can run this command to sign email or texts :

gpg --clearsign original_text.txt

This will produce a signature file which content the original text with PGP signature embedded at the bottom of the message.

To verify it (assuming you have the public key), you need to run this command:

gpg --verify original_text.txt.asc

Continue reading “How to use GNU Privacy Guard (GPG) – Encrypt, Decrypt, Sign and Verifying identities”

Posted on

Google Malware Warning Fucked up?

I don’t know when this thing happened exactly, but I noticed it around 10:57 pm MYT (GMT+8) when I was searching information for Yaesu VX8R handheld radio.

It seems somehow the Google Malware Warning fucked up and labels all the search result as “may harm your computer”. Funny thing is, Google labels its own website as potentially spreading malware.

Google Calendar site is spreading malware?
Google Terfakap

This incident has showed me how reliant to Google i’ve become, which made me wonder what would happen if suddenly somebody might take advantage of our dependency to Google, and do nasty things to us and to our data? By the way, Google already know what you do, who you are, and where you live.

Update: This event has been slashdotted, MAKE Magazine blog also covered the story.

Update 2: Google somehow have fixed the issue at 11:22 pm MYT (GMT +8). Let’s see what they would say about this strange phenomenon.

Update 3: Thanks to Manley, it seems Google has not fixed the issue, but rather disabled the Malware warning on its search result.

Final Update : Google issued a statement in their official blog as well as StopBadware.org

Posted on

How to find cause of heavy usage on your Apache webserver

Here’s a quick and dirty tips on how to find cause of heavy CPU resources usage on your Apache webserver (especially when running php scripts).

First you need to locate the Apache 2 “access.log” file. By default in Ubuntu, this file is located in “/var/logs/apache2” directory.

Then you need to run this command to find out which IP address accesses your website the most in a short time.
[code]
tail -10000 access.log| awk ‘{print $1}’ | sort | uniq -c |sort -n
[/code]

The output of the command should contain a list of IP addresses along with the number of hits it made in the last 10,000 access of your website
[code]
47 117.58.252.98
81 202.124.242.186
84 202.124.245.26
182 194.164.101.217
220 208.101.22.146
225 72.167.131.144
3946 93.135.xxx.xxx
[/code]

From here you can easily locate the offending ip address and proceed to block it from accessing your website further using .htaccess file or other blocking method.

Here is an example to block certain ip address from accessing your website using .htaccess file
[code] order deny,allow
deny from 93.135.xxx.xxx [/code]

Save .htaccess file in the root directory of your web server (example /var/www), and the ip address wont be available to access your site again.

Hope that would help you!