Author Archive: shah

I have basic level experience in Open source tools.


How to Install and Configure Snort on PFsense Firewall

Snort is a well-known open source IDS/IPS that is integrated with several firewall distributions such as IPFire, Endian and pfSense. In this tutorial, our focus is the installation and configuration of Snort and its rules on the pfSense firewall. Snort needs the packet filter (pf) firewall to provide its IPS feature, which is also available in this distribution. Installation All software of […]

December 8, 2015

How to Install uTox Client on Tails

In this tutorial, our focus is the persistent installation of the uTox software on the Tails security distribution. uTox is a lightweight Tox client for instant messaging. The Tox application provides an easy and secure way for users to connect with friends and family over an insecure network. It is available for Windows, Linux, Mac OS and Android platforms. We assume that […]

November 17, 2015 | 4 Replies

How to Configure Tripwire IDS on Debian

This article is about Tripwire installation and configuration on Debian OS. Tripwire is a host-based intrusion detection system (IDS) for the Linux environment. The prime function of the Tripwire IDS is to detect and report any unauthorized change to files and directories on a Linux system. After Tripwire installation, a baseline database is created first; Tripwire monitors and detects changes […]

November 9, 2015 | 3 Replies

How to Setup Pfsense Firewall and Basic Configuration

In this article our focus is pfSense setup, basic configuration and an overview of the features available in the security distribution of FreeBSD. In this tutorial we will run the network wizard for the basic firewall settings and give a detailed overview of services. After the installation process, the following snapshot shows the IP addresses of WAN/LAN and different options for […]

November 3, 2015

How to Install Snort and Usage in Ubuntu 15.04

Intrusion detection in a network is important for IT security. An intrusion detection system is used for the detection of illegal and malicious attempts in the network. Snort is a well-known open source intrusion detection system. A web interface (Snorby) can be used for better analysis of alerts. Snort can be used as an intrusion prevention system with iptables/pf […]

August 10, 2015

How to Configure OSSEC on Ubuntu 14.04 - Part 2

In our previous article we explained the installation of OSSEC on the Ubuntu platform. In this part, we will first configure both the client and server of OSSEC for rootkit detection, integrity checking and auditing features. Then we will integrate a database with OSSEC and a web interface for better analysis of logs and alerts. OSSEC Server Configuration After […]

July 1, 2015

How to Install OSSEC Server-Client on Ubuntu 14.04 - Part 1

In this article our focus is OSSEC, which is an open source host-based intrusion detection system (HIDS). It can be installed on Linux, Windows and MacOS. In this article, we will install OSSEC and its web interface on the Ubuntu distribution. In our case, the client and server of OSSEC will be Linux machines. We assume that MySQL and […]

June 5, 2015

How to Install opensc and Required Smart Card Reader Drivers

OpenSC is a set of open source tools and libraries for smart cards that provides smart card management (creation of the PKCS#15 file structure and access to smart cards using the PKCS#11 API). A smart card or HSM (hardware security module) is used for multiple purposes, such as storage of cryptographic keys for a web browser (Firefox) and email […]

April 20, 2015 | 5 Replies

Install libvirt to Manage Virtual Machines using virsh Command

Libvirt is an open source library which provides management of virtual machines. It supports many functions, such as creation, deletion and update of a VM. It is also used to run a VM from an XML configuration file. Libvirt is also used by the well-known open source cloud platform OpenStack for the management of VMs. It interacts with different […]

April 2, 2015

Install NagiosQL - GUI interface to Configure Nagios Core

Nagios is an open source monitoring tool for network devices. It uses the SNMP protocol for the monitoring of network devices. Nagios Core supports configuration from the CLI, which is not easy for new users. NagiosQL is a plugin which provides a GUI for the configuration of Nagios Core. In this article, our focus is installation of […]

March 29, 2015 | 4 Replies

Sleuth Kit - Open Source Forensic Tool to Analyze Disk Images and Recover Files

SIFT is an Ubuntu-based forensics distribution provided by SANS Inc. It consists of many forensics tools, such as Sleuth Kit/Autopsy. However, the Sleuth Kit/Autopsy tools can be installed on an Ubuntu/Fedora distribution instead of downloading the complete SIFT distribution. Sleuth Kit/Autopsy is an open source digital forensics investigation tool which is used […]

March 17, 2015 | 1 Reply

How to Install and Configure AlienVault SIEM (OSSIM)

OSSIM (Open Source Security Information Management) is an open source project by AlienVault which provides SIEM (security information and event management) functionality. It provides the following SIEM features, which are required by security professionals: event collection, normalization and correlation. OSSIM is a unified platform which provides the essential security capabilities. Many proven open source security […]

February 24, 2015 | 1 Reply

Install pyxmlsec - Python XML Security Library on Ubuntu

XML encryption and digital signatures are used for the security of XML documents. Implementations of XML encryption and digital signatures exist for different programming languages. However, the implementation of XML encryption and digital signature in the C language is very comprehensive. It supports many functions and is based on the LibXML2 library. PyXMLSec is the Python implementation for XML security […]

February 13, 2015 | 2 Replies

Intro to Configure IPsec VPN (Gateway-to-Gateway) using Strongswan

Strongswan supports Gateway-to-Gateway (site-to-site) and Road warrior types of VPN. In the first type, network traffic is encrypted/decrypted on the gateway (entrance/exit) of an organization. In the Road warrior case, however, traffic is encrypted from the end client (machine) to the remote end gateway. In this article, we will explain the creation of a tunnel between two sites of an organization […]

February 10, 2015 | 20 Replies