Check connection using Nmap / Linux Crontab

Sometimes you need to monitor a connection between two hosts, a single service or a host. This script check a connection using Nmap, and requires the IP and the port of the service.

Use a log file

Using a log file can be useful to generate reports, but also for checking the last status of the connection. If we don’t check last status, the script will notify for every check. We don’t want that; we want to be notified when the connection is unsuccessful and when it’s back.

Continue reading →

SSH Access Limited by IP / SSH Brute Force

You can limit the SSH access by allow few IPs and deny the others. This can be done by adding in /etc/hosts.allow  file these records.

With this configuration, you allow localhost, server home network and someone’s IP. If other IP is trying to connect over SSH to this host, it will get “Connection refused”. If you look on the /var/log/secure (Ubuntu), you will see some failed connection attempts.

You can add the last line in /etc/hosts.deny . It’s the same thing.

Continue reading →

Nmap – The Good, the Bad and the Ugly

I will start with a funny comment I found on StackExchange.

Port scanning is more akin to taking a walk around the neighbourhood and trying every handle of a door and every window to see if it’s open, to see if the neighbours have left anything available for future investigation or exploitation/theft.

Anyway, nmap is an useful tool if you use it with good intentions and white-hat reasons. You can find communication channels, vulnerabilities in your network and many more.

Continue reading →