# Security

* [Cryptography](#cryptography)
* [Firewall](#firewall)
  * [ALG](#alg)
* [IDS/IPS](#idsips)
  * [Snort(NIPS/NIDS)](#snortnipsnids)
  * [OSSEC(HIDS)](#ossechids)
  * [Suricata(NIDS/NIPS/MSM)](#suricatanidsnipsmsm)
  * [Compare](#compare)
* [Web Vulnerability Scanner](#web-vulnerability-scanner)
  * [Tools list](#tools-list)
  * [Tools](#tools)
* [How to hack](#how-to-hack)
* [WAF](#waf)
  * [ModSecurity](#modsecurity)
    * [Application Supported](#application-supported)
    * [pfsense](#pfsense)
    * [Open Web Application Security Project](#open-web-application-security-project)
  * [Nginx](#nginx)
  * [OpenResty](#openresty)
  * [Cloud](#cloud)
  * [Hardware](#hardware)

## Cryptography

Please visit `web/SSL` page.

## Firewall

<https://github.com/sonertari/UTMFW>

Ports: <https://en.wikipedia.org/wiki/List_of_TCP_and_UDP_port_numbers>

### ALG

China Telecom Modem - Application-layer Gateway

| Service | TCP       | UDP      | Memo                    |
| ------- | --------- | -------- | ----------------------- |
| H.323   | 1720      | 1719     | VoIP                    |
| RTSP    | 554       | 554      | real-time media streams |
| L2TP    | 1701      |          |                         |
| PPTP    | 1723      |          |                         |
| IPSEC   | 4500      | L3:50/51 |                         |
| SIP     | 5060/5061 | 5060     | VoIP                    |
| FTP     | 21        |          |                         |

## IDS/IPS

Network Intrusion Detection System (NIDS) engine\
Network Intrusion Prevention System (NIPS) engine\
Network Security Monitoring (NSM) engine

### Snort(NIPS/NIDS)

<https://doc.pfsense.org/index.php/Setup_Snort_Package>

### OSSEC(HIDS)

<https://en.wikipedia.org/wiki/OSSEC>\
log analysis, integrity checking, Windows registry monitoring, rootkit detection, time-based alerting, and active response.

<https://ossec.github.io/docs/manual/supported-systems.html>

### Suricata(NIDS/NIPS/MSM)

Suricata is a network IDS, IPS and NSM engine.\
<https://github.com/OISF/suricata>\
<https://suricata-ids.org/features/all-features/>\
w/ pfSense: <http://elatov.github.io/2016/11/setup-suricata-on-pfsense/>\
w/ Mikrotik: <https://forum.mikrotik.com/viewtopic.php?t=111727>

![](https://idsips.files.wordpress.com/2012/09/kibana-selks4.png?w=1318)

### Compare

<https://www.aldeid.com/wiki/Suricata-vs-snort>

## Web Vulnerability Scanner

### Tools list

<https://github.com/infoslack/awesome-web-hacking>\
<http://www.toolswatch.org/2017/02/2016-top-security-tools-as-voted-by-toolswatch-org-readers/>\
<https://www.owasp.org/index.php/Category:Vulnerability_Scanning_Tools>

### Tools

OWASP Zed Attack Proxy:\
<https://github.com/zaproxy/zaproxy/wiki/Introduction>\
<https://null-byte.wonderhowto.com/how-to/hack-like-pro-hack-web-apps-part-6-using-owasp-zap-find-vulnerabilities-0168129/>\
OWASP Web Testing Framework: <https://owtf.github.io/>\
OWASP Web Testing Environment Project: <https://www.owasp.org/index.php/OWASP_Web_Testing_Environment_Project>

<https://github.com/sullo/nikto>\
<https://github.com/subgraph/Vega/wiki>\
<https://github.com/anilbaranyelken/tulpar>\
<https://github.com/dpnishant/raptor>

## How to hack

<https://github.com/ethicalhack3r/DVWA>\
a PHP/MySQL web application that is damn vulnerable.

<https://www.youtube.com/playlist?list=PL0-xwzAwzllx4w5OYdRoVTqlNvQ7xALNM>

## WAF

### ModSecurity

<https://github.com/SpiderLabs/ModSecurity/wiki/Reference-Manual>\
Supports Apache, IIS7 or Nginx\
Nginx: must be compiled with the source code of the main server

#### Application Supported

<https://modsecurity.org/application_coverage.html>

#### pfsense

<http://pfsensesetup.com/wp-content/uploads/2014/10/pfsense_modsecurity01.png>

#### Open Web Application Security Project

<https://coreruleset.org/> <https://hub.docker.com/r/owasp/modsecurity/>

### Nginx

<https://hub.docker.com/r/nodeintegration/nginx-modsecurity/>\
<https://github.com/alexazhou/VeryNginx>\
<https://www.nginx.com/products/nginx-waf/#free-trial>\
<https://github.com/nbs-system/naxsi> (Nginx Anti XSS & SQL Injection)

### OpenResty

<https://github.com/p0pr0ck5/lua-resty-waf>\
High-performance WAF built on the OpenResty stack

### Cloud

<https://www.cloudflare.com/waf/>\
<https://aws.amazon.com/waf/>\
<https://www.aliyun.com/product/waf>

### Hardware

<http://help.sonicwall.com/help/sw/eng/8112/8/0/0/content/Chapter2_Overview.03.28.html>\
<https://www.cisco.com/c/en/us/products/collateral/application-networking-services/ace-web-application-firewall/data_sheet_c78-458627.html>

