Use a SSH tunnel to hide your true IP address

It is important to hide your true IP address when performing open source research or an investigation so no one is the wiser, but how can you do this? The simple solution is to setup a SSH tunnel and tunnel your traffic through the non attributable system you built. The non attributable VPS is an important tool in any security analysts kit and in this example we will use it for a jump point so we can hide our true location.

Continue reading “Use a SSH tunnel to hide your true IP address”

How to secure a fresh Linux virtual private server install

Introduction

A Linux virtual private server (VPS) is an essential tool for any cyber security analyst, but left unsecured it can quickly be taken over by those with more nefarious intentions. Lets make sure that does not happen. This blog and accompanying video covers a few basic “must do” tasks to configure a secure Linux virtual private server at first boot. Why do we need to secure a new system? Within seconds of it coming online it will be found and attacked. If you want to test this you can leave this system as installed for 24 hours and then check the logs, there will be brute force attempts on ssh at a minimum. You may want to re-deploy the VPS before going any further if you performed this test.

YouTube video on how to secure a Linux VPS.
Continue reading “How to secure a fresh Linux virtual private server install”

Setting up a Non-Attributable system on a Linode VPS

Security analyst need a system to perform research on that is non-attributable, i.e. one that cannot be traced back to them or there company. The non-attributable system’s purpose is to keep adversaries from knowing when you are on to them. This article outlines how to setup a Linux VPS on Linode.com and demonstrates how fast and easy it is to rebuild it with another operating system if needed. 

Check out the video on YouTube and subscribe to see more cyber security videos. 
Continue reading “Setting up a Non-Attributable system on a Linode VPS”