how to setup OAuth for Jenkins using keycloak

HI all, this document deals with how to setup OAuth for Jenkins using keycloak. Jenkins is one of best DevOps tool which is used for CICD And keycloak is another best opensource tool which can be used for SSO authentication. It will be very difficult for users to have a different username and password for various applications. let’s say if u use 10 different applications, this will lead you to 10 different usernames and passwords. In order to overcome this kind of situation it will be always better to use…

Read More

how to wipe your system data secure

linux basic

HI all, this document helps you how to wipe your system data secure. There are certain cases you need to sell or decommission HDD. Sometimes you might have stored some important data in the disk. So before that, you might need to wipe the data securely. So here we are using random digits which writes on the disk. Here is the step which I have followed before reselling my laptop. 1. Boot the live CD 2. Select try ubuntu while booting rather than installing 3. Once ubuntu is fully loaded,…

Read More

Proxy vs Reverse proxy

Hi All, this document deals with Proxy vs Reverse proxy. I know a lot of beginners won’t have an idea of what is the difference between a proxy and reverse proxy. I hope this simple piece of document will help you to clear out the confusion. Proxy Look into the below topology diagram. Proxy is a server installed with any proxy software (ex: squid ) where all the client requests will route through the proxy server. Whenever a client connects to a proxy server either by any application or network…

Read More

how to set up a keycloak server in Linux

Hi All, this document shows you how to set up a keycloak server in Linux. Keycloak is an open-source software product to allow single sign-on with Identity Management and Access Management aimed at modern applications and services. As of March 2018, this JBoss community project is under the stewardship of Red Hat who uses it as the upstream project for their RH-SSO product. Prerequisites * Java 1.8 running on the Linux server. If not installed check this link Setup Java 8 in Linux machine. * Working Nginx server. Installation Step…

Read More

secure your WordPress site

Hi All, this document how to secure your WordPress site. As you know WordPress in one of the famous and best Content management system available and widely used on the internet. WordPress is mainly used for hosting websites, blogs and there are many companies used for online sales as well. So here is the need to secure your WordPress sites. Securing the WordPress site is not a big deal, just follow some basic security measures. So in this document, we share you how to secure your WordPress site. 1. Use…

Read More

disable outdated version of SSL/TLS in apache

disable outdated version of SSL/TLS in apache Hi Techrunnr readers, this document deals with how to disable outdated version of SSL/TLS in apache. AS per the new PCI compliance following SSL protocols should be disabled from the server side. TLS 1.0/1.1 SSL 2.0/3.0 The above SSL protocols don’t provide any sort of protection while data transfer. Some cases of TLS 1.0 leads to Man In the Middle attack. Here are the following steps to disable above-mentioned SSL protocols, Add the the ssl.conf in /etc/httpd/conf.d/ by commenting on the existing Add…

Read More

php code scanner rips

php code scanner-rips Hi Techrunnr readers, this document deals with how to install php code scanner rips. RIPS is an open source static code analyzing tool for automatic detection of security vulnerabilities in PHP. It’s easy to install and do the test. Here are the features of RIPS Code scanner detect XSS, SQLi, File disclosure, LFI/RFI, RCE vulnerabilities and more 5 verbosity levels for debugging your scan results mark vulnerable lines in source code viewer highlight variables in the code viewer user-defined function code by mouse-over on detected call active…

Read More

block malware using squid proxy

block malware using squid proxy Hi Techrunnr Readers, this document deals with how to block malware using squid proxy. Squid proxy is one of best opensource web proxy which has access control, caching for reducing bandwidth. It does web content filtering. Here are adding how to block malware using malware patrol. Prerequisites * Running squid server, if not installed follow this link * Account in Malware patrol for updated malware lists. Configuration 1. Copy the URL of malware list by logging to Malware Patrol. 2. Create a script for downloading…

Read More

Misperception on Information Security

Hello Everyone! Before getting jumped in depth into Information Security which is a topic bigger than an ocean, let’s take a step back and ask yourself a question, what is Information Security? Is it all about Hacking and protecting a web site and/or also its associated components like network routers, switches and servers that host that website from un-authorized users. Some might say, it’s related to Intrusion detection and prevention or firewall stuffs. Hardware related, software related etc. In simple it is all about protecting hard/digital data from un-authorized users.…

Read More

how to install and configure nDPI in ubuntu

how to install and configure nDPI in ubuntu Hi Techrunnr readers, this tutorial shows you how to install and configure nDPI in ubuntu. nDPI is an open source LGPLv3 library for deep-packet inspection. Based on OpenDPI it includes ntop extensions. We have tried to push them into the OpenDPI source tree but nobody answered emails so we have decided to create our own source tree. nDPI is used for application-layer detection of protocols, regardless of the port being used. This means that it is possible to both detect known protocols…

Read More