LSM is a network socket monitor; it is designed to track changes to Network sockets and Unix domain sockets, effectively a port monitor. It does this by a rather simple differential based comparison of current and new server sockets (Server Ports).
A simple and configurable alerting system sends alerts whenever new ports activate. LSM will ignore services that are currently holding sockets open, events are only applicable when a ‘new’ socket (port) is created.
Install And Configure Linux Socket Monitor (LSM)
1. Download the latest version of LSM from the rfxn.com
# cd /usr/local/src
# wget http://www.rfxn.com/downloads/lsm-current.tar.gz (more…)
Ping is a networking utility used to test the reachability and round-trip time (RTT) delay of a remote host over Internet Protocol (IP). The ping utility does so by sending out a series of Internet Control Message Protocol (ICMP) echo request packets to a remote host, and waiting for corresponding ICMP response packets from the host.
However, we cannot check a specific port with ping command as ICMP belongs to layer-2 IP layer, not layer-3 transport layer.
In order to ping a specific port of a remote host, we need to use layer-3 transport protocols which have a notion of port numbers.
There are many methods to check. Among them, the easiest methods are shown below. (more…)
FirewallD is a new firewall suite being introduced to Linux distribution. At present the all new popular CentOs 7 has it as the default firewall suite which in near future will be implemented in servers. FirewallD as usual was developed by Fedora community and was implemented in the 20th version of the same. It is also being used in arch Linux and others till the date.
FirewallD is a dynamic firewall, dynamic in the sense that any change in the firewall will be implemented as soon as the amendment is made. That is unlike the previous firewall suite (iptable) where no hard reset or restart is needed to implement the rule amended or included. Iptables is deprecated in early release version of CentOs 7, which means sooner or later the package would be replaced by FirewallD. Since FirewallD is not completely compatible with Iptable it is still present. Although deprecated the concept of iptables can be implemented via firewallD using the direct option available. (more…)
We can subscribe Sent, Trash, Drafts, Junk and other IMAP folders in webmail and other email clients, if they are missing.
Below are the instructions on how to subscribe IMAP folders in order to make them appear in the webmail or any email clients.
- Login to webmail and Select Horde.
- Click on the Folders icon at the top of the screen.
- Choose the Rebuild Folder Tree option from the drop-down box. (more…)
Portsentry is a tool to detect port scans and log it. Once a host is targeted by an attacker, a port scan is almost always performed.
PortSentry detects such scans by monitoring the unused ports on the host. Upon a connection attempt to one of the unused ports, PortSentry is alerted and has the ability to issue a number of commands in response to the scan.
# cd /usr/src/
# wget http://sourceforge.net/projects/sentrytools/files/latest/download (more…)