By default, SSH runs on port 22, and most scripts attack that port by brute force to attempt to gain access to your server. One way to stop script kiddies from brute forcing your SSH server so often is by changing the default port that OpenSSH uses. You must remember this port number and change all your connections that use SSH to the new port number. Continue reading “Change Default SSH Port Number”
I have run into a few times when I needed to turn off or on the Windows Firewall via command line or script. It is actually very simple to do!
To Turn Off:
NetSh Advfirewall set allprofiles state off
To Turn On:
NetSh Advfirewall set allrprofiles state on
To check the status of Windows Firewall:
Netsh Advfirewall show allprofiles
You can replace “allprofiles” with public, domain, or private and you can manipulate just that one profile. I used this in creating a script to test the firewall settings of a remote server. That way if I messed up the config, it would turn itself back off after a minute and I was able to reconnect to it. You can view that script on my other post Testing Windows Firewall Settings Safely From Remote Machine.
A while back I got me a new crisp Windows Server. By default, the Firewall was turned off and of course I wanted to turn it on for security reasons. But what happens if I lose my connection to a server a few hundred miles away? How would I disable the firewall if I can’t connect to it anymore? I decided to write a script!
The function of the script is to enable the firewall for the public internet, wait 2 minutes, then disable it again. Here is my script:
Netsh Advfirewall set public state on
Netsh Advfirewall set public state off
Save those lines as a batch file, then run it as Administrator. Keep in mind to use this at your own risk! It saved me, but never know about you! An explanation of the commands can be found on my other post Turn Windows Firewall Off or On By Command Line Or Script.
I have been with my host for a couple years now. Their service use to be blazing fast but I have noticed over time they have began to slow down. Why am I still here? Because they offer free unlimited SSL certs. Yep – that’s the only reason.
I have come to find that there are many people at work, in the public, and other places constantly sniffing my internet traffic so I secure ALL my sites. However, a new dog is coming to play. – the Internet Security Research Group (ISRG) is starting a free certificate authority known as Let’s Encrypt. With this new CA, they promise to be as secure as the big dogs, but offer automated scripts to secure your site and keep all certs up to date – automatically.
There has got to be a catch right? I mean where do they get their money from? They are getting backed by some of the world’s largest internet foundations such as Mozilla, Cisco, and Automattic, many others, and are accepting individual donations.
I am eagerly waiting – if you here of them opening up sooner let me know in the comment section below!
Kaspersky has done it yet again – made the best IT department dashboard better. If you have ever seen Kaspersky’s live cyber threat map, then you know how great of a tool it is to use to impress people walking by your IT department. Oh the joy of watching an accounting VP come down and try to explain what it is to someone else! 🙂
With the new updated map, the interface looks better, cleaner, has cool smoke effects and has a few new features. One of them being the Demo Mode. With the demo mode, it will show you stats of random countries with boxes that appear like something you would see in a movie and the best part is the fly by.
While you are watching all the different lines jolt through the world, all of a sudden you seen the camera get sucked into one of the pipes that shows the transmission of viruses, and the camera follows it. When you hit the ground, you start flying by the landscape (usually in a valley between two mountains) looking at the pipes from the ground level. See the below images for screenshots of the new and updated cyber threat real-time map or try it for yourself below.
Did I mention the screen saver that they now offer?!?
I have been wanting to setup my own IPSEC VPN for a while now to have a little bit of encryption from my network to the internet. I found a good hosting provider for the VPN because it is so cheap ($5.00 a month) – Digital Ocean, then I realized that they only charge by the hour as long as you destroy the VPS. The VPN took about 30 minutes to setup. After a few times, I realized that I could turn this into a quick script. So now I can setup a VPS with a secure VPN in about two minutes, destroy it when I am done and only get charged a few pennies for having it. Here is how I do it. Please keep in mind that this has no warranty – if it melts down your server, sorry – but it hasn’t melted mine down yet!