ITsecurity
python based nmap port scanning
Nmap is a great tool to run scans on remote hosts and networks. python-nmap module uses underline nmap binary to run scans and adds advantage of programmable controls to get desired results. To start install python-nmap module. Here is a sample code how to use above module and run scans. Save this as scanit.py Output
How to interact with influxdb using REST calls
Influxdb is open source database which is predominantly used for time series data collection . I have been using influxdb on my raspberry pi to store data from IoT sensors at home. So far I was using python influxdb module to pump in data. Recently I wanted to find some clientless solution to manage data […]
Secure Elasticsearch and Kibana access using Apache reverse proxy
Default ELK installation may not fulfill enterprise requirements as kibana, the visualizer, works on port 5601 without any authentication and elasticsearch listens only on loopback IP on port 9200 without any authentication. You may want to run kibana on standard http/https port ie 80/443 with authentication control. Similarly, you may want to allow elasticsearch access […]
Create a simple CA to sign SSL certificates
Securing traffic on various apps in organizations or even in a small home lab is very important to protect passwords and other critical information floating on LAN or WiFi. Let us build a handy CA in simple steps to generate own certificates which can be used in internal applications. Before this you may also like […]
Secure internet using DNS based traffic filter – pi-hole
Internet has grown as rapidly in last two decades. A number of resources on internet remain uncensored, uncontrolled because there is no central authority and method to monitor everything. There are “bad guys” across globe who plant malicious software, misleading ads on internet. Now, with internet ready handheld devices and smart TVs people use a […]
Secure Master Slave DNS transactions using TSIG
After we have completed Master slave configuration now we will try to secure transactions between master and slave DNS servers. To achieve this we will use TSIG (Transaction SIGnature). Master DNS, 192.168.0.10, mns1.ns.mka.in Slave DNS, 192.168.0.11, sns1.ns.mka.in On the master DNS server Generate TSIG host Key in /etc/bind/corp/tsig directory dnssec-keygen -a HMAC-MD5 -b 128 -n […]