Enero 12

High Performance DoS Analyzer: FastNetMon

Install

For Debian 6, 7, 8 and CentOS 6, 7 and Ubuntu 14.04 and Fedora and Gentoo you should use the automatic installer:

wget https://raw.githubusercontent.com/pavel-odintsov/fastnetmon/master/src/fastnetmon_install.pl -Ofastnetmon_install.pl
sudo perl fastnetmon_install.pl

Please keep in mind! We track some information about your machine (os type and distro version). If you do not want to share this information, please add flag

--do-not-track-me

To intstall script call. But in this case we can’t improve FastNetMon for your distribution.

It’s REQUIRED to add all of your networks in CIDR notation (11.22.33.0/24) to the file /etc/networks_list in the form of one prefix per line. If you are running this software on an OpenVZ node, you may not need to specify networks explicitly, as we can read them from /proc/vz/veip.

You can whitelist prefixes by adding them to /etc/networks_whitelist (CIDR notation too).

Start main process:

/opt/fastnetmon/fastnetmon

Start the client process in another console:

/opt/fastnetmon/fastnetmon_client

To enable fastnetmon to start on server startup, please add the following line to /etc/rc.local:

/opt/fastnetmon/fastnetmon --daemonize

If something goes wrong, please check logs:

tail -f /var/log/fastnetmon.log

When an incoming or outgoing attack occurs, the program calls a bash script twice (if it exists):

/usr/local/bin/notify_about_attack.sh

The first time when threshold exceed (at this step we know IP, direction and power of attack). Second when we collect 100 packets for detailed audit of what happened.

A sample script is provided and can be installed as follows:

wget https://raw.githubusercontent.com/pavel-odintsov/fastnetmon/master/src/notify_about_attack.sh -O/usr/local/bin/notify_about_attack.sh
chmod 755 /usr/local/bin/notify_about_attack.sh

After downloading the file, you need to open it and configure the ’email_notify’ option as required.

You can use an alternative python script from here.

If you want to use unstable development branch, please use this syntax:

wget https://raw.githubusercontent.com/pavel-odintsov/fastnetmon/master/src/fastnetmon_install.pl -Ofastnetmon_install.pl
sudo perl fastnetmon_install.pl --use-git-master

 

High Performance DoS Analyzer fastnetmon High Performance DoS Analyzer High Performance DoS Analyzer

 

Example deployment scheme:

 

High Performance DoS Analyzer network_map High Performance DoS Analyzer High Performance DoS Analyzer High Performance DoS Analyzer High Performance DoS Analyzer High Performance DoS Analyzer

Category: BGP | Los comentarios están deshabilitados en High Performance DoS Analyzer: FastNetMon
Enero 6

Change MySQL password policy level

MySQL version: 5.7.9

For development, using a MySQL server with strong password policy is dosing some matter.

If you set a simply password for someone, you will got an error like this:

ERROR 1819 (HY000): Your password does not satisfy the current policy requirements

To change the default password plugin level, we can change the settings at runtime or in config file.

mysql> SHOW VARIABLES LIKE 'validate_password%';
+--------------------------------------+--------+
| Variable_name                        | Value  |
+--------------------------------------+--------+
| validate_password_dictionary_file    |        |
| validate_password_length             | 8      |
| validate_password_mixed_case_count   | 1      |
| validate_password_number_count       | 1      |
| validate_password_policy             | MEDIUM |
| validate_password_special_char_count | 1      |
+--------------------------------------+--------+
6 rows in set (0.01 sec)

The default level is MEDIUM, we can change it to LOW, which will only check the password’s length(min: 8 chars).

mysql> SET GLOBAL validate_password_policy=LOW;
Query OK, 0 rows affected (0.00 sec)
<code><span class="kwd">SET</span><span class="pln"> GLOBAL validate_password_length</span><span class="pun">=</span><span class="lit">6</span><span class="pun">;</span></code>

Or we can set it in my.cnf file

[mysqld]
validate_password_policy=LOW

Reference:

6.1.2.5 The Password Validation Plugin

Category: MYSQL | Los comentarios están deshabilitados en Change MySQL password policy level