Security


Configure Linux to use NTLM authentication proxy (ISA Server) using CNTLM

Cntlm is an NTLM / NTLM Session Response / NTLMv2 authenticating HTTP proxy intended to help you break free from the chains of the Microsoft proprietary world. You can use a free OS and honor our noble idea, but you can't hide. Once you're behind those cold steel bars of a corporate proxy server requiring NTLM authentication, you're done with. The same even applies to 3rd party Windows applications which don't support NTLM natively.

How To Run privacyIDEA With Apache2 And MySQL On Ubuntu 14.04 LTS

We use the latest 1.0dev0 of privacyIDEA. It is available via the Python Package Index or via GitHub.

Howto enroll and use a Yubikey with privacyIDEA

We use the latest 0.9.1 from privacyIDEA.org.

Implementing SSL Perfect Forward Secrecy in NGINX Web-Server

This HOW-TO describes the process of implementing Perfect Forward Secrecy with the NGINX web-server on Debian and Ubuntu systems. The process can readily be adapted to other GNU/Linux systems.

Securing SSH On Redhat/Centos With WiKID Two-Factor Authentication

Securing SSH On Ubuntu With WiKID Two-Factor Authentication

SSH offers a highly secure channel for remote administration of servers. However, if you face an audit for regulatory or business requirements, such as Visa/Mastercard PCI, you need to be aware of some potential authentication-related shortcomings that may cause headaches in an audit.

Improve Spam abuse protection in dovecot by restricting access to mail accounts by IP address (e. g. with ISPConfig 3)

This howto will show you how to add IP restrictions to single mail accounts when using dovecot with MySQL.

This is especially useful if you need to access a mail account from only a single IP or a few IPs, or if you want to block specific IP addresses from accessing the mail account (e.g. due to spam abuse).

How To Find Outdated Wordpress Versions On Your Server To Reduce The Risk Of Being Hacked

Today we want to tell you how to find outdated WordPress installations on your server. Outdated installations can be a high risk, especially on shared hosting servers. With massively used open source software like WordPress, being attacked is only a matter of time once security exploits get published.

How to find outdated joomla versions on your server to reduce the risk of being hacked

Today I want to focus on a topic that can lead to huge problems of hacked accounts, spam mailings etc.: Outdated Joomla installations on your server.

Of course, this is valid for other software, too. The mentioned method should work in a similar way for other software. Since Joomla is a CMS (Content Management System) that is widespread throughout the internet, especially on shared hosting systems, this howto will only cover Joomla so far.

Configuring CAS 3.5.2 On Ubuntu 12.04 For Two-Factor Authentication From WiKID

Single sign-on is a great technology. Requiring users to log in to multiple applications is a huge hassle and encourages password reuse and simple passwords. Security needs to focus on usability. If you can make a user's life better while increasing security, everybody wins. In this how-to we will set up the open-source CAS SSO product with the WiKID Strong Authentication Server for two-factor authentication for sessions and mutual HTTPS authentication for host authentication.

Adding WiKID Two-Factor Authentication To Google Apps For Your Domain

Google offers two-factor authentication for Google Apps via their own authenticator. Why would you want to use WiKID instead? Well, for starters, since you have outsourced most of your security to Google, the only security you can control is authentication. Wouldn't you like to keep a close eye on the keys to your kingdom? Second, have you ever tried to get support from Google? Third, does Google provide you with the logging required to meet your compliance needs?
