Guide to SSH Lockdown

The following, originally written 2019-07-24, was updated on 2020-04-20 to reflect more recent security requirements. OpenSSH is one of the most heavily-trafficked tools among Linux systems engineers. It is used to hop around, onto and off of servers, to copy files, and even to run commands remotely.…

DefCon Resources

There are some unofficial sources of DefCon information that I have found to be super useful. For details on what is where, this one is great: DEF CON 27 – Mega Thread. If you are into the badges, here’s a list: DefCon Badge Life Tracker. Speaker list: DefCon Speakers. Workshop…

Automate Patching/Rolling Reboot

For anyone who does patching, you know this can be ultra-tedious, especially if you have large numbers of servers.  However, I have put together a script that will roll through a list of CentOS/RHEL/Fedora servers, patch them, reboot them, and run a command or two once they’re back up (if…

Data Breaches and You

What can be done with data breaches? People can just change their password, and the breach becomes useless, right? Is there really any concern? First off, not every data breach contains credentials. Some, like the Experian hack, contain personally identifiable information (commonly referred to as PII). These types of data…

Defend Against This

While certainly not a new concept, I was thinking about the “Fork Bomb.”  There are quite a few examples of doing this in different languages.  This one takes all the CPUs to 100% and will essentially run the system out of memory: #!/bin/bash STR="#" while true ; do for i…

Pre-computed Hash Table, v. 1.0

Torrent file => 600 Million Passwords – Pre-computed Hash Table. This is a list of 600 Million unique plain-text passwords collected from about 100 of the largest database dumps from about a decade ending in the summer of 2018.  I then generated NTLM, sha1, sha256, MySQL, and MD5 hashes from…

And more data

As you may know, I’ve been working on collecting the biggest leaked databases that I can find.  Well, I stumbled upon one called “Collection #1 Leaked.”  Finding the torrent, I put it into the client and began downloading it.  When it was done, the archive was about 36GB.  Unzipped, it…

More Passwords

At first, the Exploit.in dump was giving me trouble because I generated all of the SQL with Bash.  Do not do this.  It’s way harder to escape database-unfriendly characters.  So, I just did it with PHP really quick and started importing them this morning.  So far, I’m up to…

Password Database Update

I’ve been doing some other things for the past year or so, but I think I’m ready to pick this back up.  I have downloaded and imported all database dumps of which I am aware that have 1M or more compromised accounts in them, most of them from the past…

RHEL 6.9 to CentOS 6.9 Script

Sometimes, it’s a bit of a pain to work with Red Hat Enterprise Linux.  I’ve been developing a solution with a co-worker that will allow you to convert a RHEL 6.9 box to a CentOS 6.9 box.  So here you have it.  The script that converts RHEL 6.9 to Cent 6.9:…