Solutions of NATAS 1-15

Hello Folks, In this post, I will share with you the solutions of Natas challenges from one to fifteen. It is strongly recommended not to look at the solutions without cogitating. Natas0: Username and password have been already provided for Natas0. URL: http://natas0.natas.labs.overthewire.org natas0/natas0 Solution: Login the page with the credential natas0/natas0. On Chrome Browser right-click […]

Read More →

SSL Client Certificate Authentication with Apache

Creating CA Certificate We use this certificate for only signing certificates that we use for the clients and our web servers. It should be kept very secure. If it is disclosed other certificates signed with this certificate will be disclosed as well. openssl genrsa -des3 -out ca.key 4096 openssl req -new -x509 -days 365 -key […]

Read More →

SOCKS

SOCKS stands for Socket Secure. It exchanges data packets between client and server via proxy. It operates on the Session Layer of the OSI model. It allows users to surf on the Internet anonymously. More than that It gives you accessibility of applications only one secure port connection. In this post, I will implement fundamental […]

Read More →

SSL Validation and Troubleshooting

There may be times when we have a problem with SSL certificate because of some issues such a missing intermediate certificate, self-sign certificate and etc,. It may be exhausting to figure out what exactly the problem is. Even though, web browsers give some details about problem, It is not enough to solve the problem sometimes. […]

Read More →

Encrypting with aespipe

Hi folks! It has been long time that I did not post anything on my blog.  Actually, I set sail for new adventure, new job– I will move to Wrocław, Poland. So I have many things to do. Anyway. In this post, I write about encrypting a file in Linux. Actually, there are many command […]

Read More →

SSH Two-Factor Authentication

Hi Folks! Proliferation of the Internet changes our life that almost anything demands for the Internet. Our personal information, bank accounts, Company’ secrets etc.. So, how we protect our computer systems from intruders ? As you know most common method is password authentication. But People are so inclined to use short passwords. Brute-Force methods prevails […]

Read More →

Redirecting http to https

Do you have  a SSL certificated web site and your audience still connects you via  http because of their habit ? Easy way to handle this problem is redirecting http requests to https. By doing that any http requests are redirected to the https. To do that we will use Apache web server (httpd RHEL,CentOS). […]

Read More →

Port Knocking

Port knocking is one of hardening method to prevent unauthorized user access the services. This method ability to externally open ports that, by default, keep closed by firewall. It works by sending  TCP packets to predefined closed ports in right order. In my virtual environment, I have two Linux based systems one is Debian8 and […]

Read More →

Free SSL Certificate

Q: Is is possible to get free SSL certificate, which is supported by modern web browsers such as Chrome, Mozilla Firefox, IE etc,. A: Actually, yes you can have free green bar SSL certificates which is supported by modern web browsers. Let’s Encrypt is a free, automated, open Certificate Authority. But before you have SSL […]

Read More →