WordPress Security: Learning From Hacks

Website Hacking Lessons Learned

This evening I will be giving a presentation at WordSesh at midnight PST (0800 UTC). The goal of this presentation is to learn from hacks, as the name implies. It’s fairly straightforward to talk about hardening and malware; it’s something different altogether to understand the attackers. That’s what this presentation attempts to do…


Forensics: Analyzing a WordPress Attack / Hack

Analysis Website Security Hack

Recently one of our honeypots was hit by an attacker, and in the process we were able to gather a bunch of good intelligence on the actions taken by the attacker. I write and detail the forensics of the attack in my latest post, for Sucuri: Case Study: Analyzing a WordPress Attack – Dissecting the…


OSSEC: Stop Agent Email Notifications from Being Grouped

email

This is a quick post. For those of you that manage multiple agents under your manager, there might be instances where your email notifications will group different agent notifications together. This has to do with two things: (1) Number of emails sent in an hour; (2) Grouping setting is On. Default Max Emails: By default, OSSEC has a…


OSSEC – Detecting New Files – Understanding How it Works

Security

I recently saw some discussion in the OSSEC distribution list of someone having an issue with getting OSSEC syscheck to work right in real-time. It reminded me of a similar issue I had with my own configuration and others I have read about, so I figured I’d write something to shed light on how OSSEC’s…


Enable 2FA with SSH Connection

Two Factor Authentication Personal Security Online

If you don’t know, I’m a big fan of two-factor authentication. I often talk about it integrated into your web applications access points, like wp-admin in WordPress and administrator in Joomla, but in this post I’m going to talk about leveraging it with your SSH connections. When configuring your server access points it’s important you…


Jump Between Servers using SSH and Shuttle

shuttle

Jason Tucker shared this cool link over the weekend and I like it a lot and wanted to share. It’s a tool that allows you to quickly access your various servers via SSH. If you authenticate using keys, then this is a serious win for you. It allows you to manage multiple SSH accounts via…
