willem.com

Cyber Security on Willem's Blog

Backup Rotation Scheme

Rotate your backups with 'rsync-backup-rotator'

Dec. 15, 2023
Learn about the rsync-backup-rotator tool that helps you automatically rotate backups using rsync, creating and maintaining multiple recovery points from your backups.

In today's digital age, safeguarding your data is paramount. Simply creating a copy of your files may not be enough as they can get corrupted, overwritten or blocked by ransomware. Having multiple, time-rotated (and ideally, offsite) backups is a stronger defense. I created a new tool, rsync-backup-rotator, to help you with this.

CAPTCHA Alternative

Protect your forms in a user friendly way

July 30, 2022
If you're looking for a user-friendly alternative to CAPTCHAs, check out this post, where I outline how I protect web forms against malicious actors and spammers.

Chances are that you've encountered a CAPTCHA in the wild: they protect web forms by asking you to type over weirdly rendered characters or by asking you to select photos containing a particular thing. Why are they used and is there a user friendly alternative?

Using Google Free Android

Volla Phone as alternative to mainstream Android and iOS

Oct. 25, 2021
Using a Google Free Android phone is uncommon these days, yet I decided to try the Volla Phone to experience its freedom and privacy.

Nearly all folks I know use iOS or Android from a mainstream smartphone brand, yet alternatives still exist! The German Volla Phone prides itself on being a worthy option for those who value privacy and freedom. I bought one to experience it firsthand; read along for my thoughts!

Protecting VMware ESXi

Improve security using a firewall and proxy server

Aug. 31, 2021
In response to a possible security breach on a VMware ESXi host machine, I search for a way to improve the security of the management console using NGINX and a firewall.

In response to an incident on a server, I detected a possible security breach. The affected machine ran VMware ESXi, a bare metal hypervisor used to run virtual private servers. In standalone mode, a web based management console offers full control over the infrastructure, posing a risk.

Traffic shaping using iptables and tc

Limiting outbound network bandwidth per client IP-address

Apr. 1, 2020
This month I responded to an automated alert indicating excessive bandwidth usage on a server, requiring me to apply traffic shaping to mitigate the traffic.

Last month I received an automated alert indicating excessive bandwidth usage, usually a sign of trouble. When this happens, you should follow a standard incident procedure, trying to isolate the source of the traffic before shutting it down. The cause of this incident was not what I expected however... requiring a different kind of mitigation than a simple blockade.

Visiting an international hackers conference

OWASP Global AppSec Amsterdam

Sep. 27, 2019
This month I attended Global AppSec Amsterdam, an international conference for hackers and security specialists. Read along for some of the highlights.

This month I was lucky enough to attend Global AppSec Amsterdam, an international conference for hackers and security specialists. There were presentations from former intelligence agents, bounty hunters, academics and software vendors. I learned about some of the newest hacking techniques, met with interesting people and played some cool retro games. Read along for more.

Fighting backscatter spam at server level

Configure Postfix to block spam before it enters the server

Sep. 10, 2019
Deal with backscatter spam by implementing a stringent SMTP delivery policy at MTA level.

This month I had to deal with backscatter spam, affecting one of the mail servers I manage. As a server engineer I make sure that servers don't send spam and that incoming email gets filtered. Despite all good efforts, this server kept being blacklisted for sending spam to iCloud, Office 365 and Google Gmail for Business (G Suite). Read along to find out what caused this and how to fix it.

Dig for dummies

Explaining a highly useful network tool

May 24, 2019
Learn how to use the dig command to query domain name servers to find the source of network problems, IP-addresses, hostnames, mail servers and related info.

When you're building websites, apps or email services you may run into domain names and their configurations. When everything is working as it should, most of this is invisible. But when troubleshooting a domain name configuration, it may be necessary to dig a little deeper... read along to learn how!

Search like a pro: Google search operators

Comprehensive list of advanced search operators

Apr. 25, 2019
Read along for a comprehensive list of advanced Google search operators that allow you to filter your search results.

You probably use the world's most famous search engine to find things every day, but you might not know about some of its advanced search operators. You can use these special search phrases to find things that are otherwise buried in the search results. Read along for a comprehensive list of advanced Google search operators.

WordPress: 10 tips to secure your website

Keep hackers out of the world's most popular content management system

Mar. 31, 2019
A lot of people use WordPress to manage their website. Prevent your site from being hacked using this blog post.

A lot of people use WordPress to manage their website, so it's no surprise people ask me to have a look at their site's security. As an ethical hacker, I encounter WordPress in different shapes, sizes and states. Some of them are really badly protected against hacks. Prevent your site from being hacked using these 10 practical tips.

Understanding the security concerns in shared hosting

Considering open ports and unused network facing services

Feb. 28, 2019
People pay me to hack them, provided I'll explain how I did it. Read along to learn how hackers use security holes to hack your app, webshop or website!

People pay me to hack them, provided I'll explain how it was done, so future hacks can be prevented. As a security consultant, I scan for weaknesses in my clients' apps, webshops and websites. Very often a hack starts by exploiting a security hole that is visible remotely. Read along to learn how hackers find security holes and what you can do to secure them.

Cyber security: 5 easy tips to protect your server against hackers

Server hardening best practices for Windows and Linux

Mar. 10, 2018
These 5 practical cyber security measures will improve the safety of your server, website and data.

This week one of my clients was hacked and asked me for emergency assistance to help secure their server infrastructure. It was a web server that ran WordPress websites on Apache (with PHP/MySQL), including a few webshops with customer data. This hack could easily have been prevented with the following best practices. Is your server secure?

Hacking Google - How I could have stolen your photos from Google (Gergö Turcsányi)
Traffic must wait for tokens to become available when the maximum number of tokens is given away, enforcing the maximum concurrent traffic
Causing backscatter spam when the first mail server forwards email to another server that blocks message
Simple backscatter scenario, mail server bounces message to a falsified sender address
Volla's features oriented towards privacy and freedom
A typical web form: server processes information from a person, forwarding it to other people, like yourself. Malicious actors can easily fake the sending person, enabling automated abuse of your processing server
The selfie cam gets things done - but lacks certain detail - which may or may not be a problem for you
Syncing my photos to my NAS using Syncopoly, a rsync client for Android
Who has a smartphone these days that says "Made in Germany"?
DuckHunt with an original Nintendo zapper
The "unlauncher" in action on my Volla phone - offering a minimalistic alternative to the stock Volla experience
Bandwidth graph with unusual spike indicating that something is wrong - you don't need to be Sherlock Holmes to find it
James Kettle on hacking PayPal - gaining $38,900 in bounties
Volla OS features a Springboard and a centralised way to access your contacts - an interesting idea yet it lacks refinement (the typos in this screenshot taken from the official Volla website are illustrative to this)
Its main camera shoots nice photos, especially when light conditions are fair
Global AppSec Amsterdam
VMware ESXi is a bare metal hypervisor that divides one physical server into multiple virtual servers
Hacking return rates on investment between 100% on the low end and 150,000% on the high end! (By Jarrod Overson)
