Security

Want to support HowtoForge? Become a subscriber!
 

Using The Host Object In Firewall Builder

Using The Host Object In Firewall Builder

This article continues the series of articles on Fireall Builder, a graphical firewall configuration and management tool that supports many Open Source firewall platforms as well as Cisco IOS access lists and Cisco ASA (PIX). This article demonstrates how you can work with Host objects in Firewall Builder.

Using Firewall Object In Firewall Builder

Using Firewall Object In Firewall Builder

Firewall Builder supports variety of object types, both simple such as address, network, host, or IP, TCP, UDP and ICMP services, as well as more sophisticated such as Firewall, Host, Address table, DNS name, User service. Firewall object is central to the program and is in the focus of this article.

Two-Factor Authentication For Google Apps For Your Domain Using SSO/SAML And WiKID Strong Authentication Server

Two-Factor Authentication For Google Apps For Your Domain Using SSO/SAML And WiKID Strong Authentication Server

Everybody loves GMail. With Google Apps for you Domain, you can use GMail with your own domain, allowing organizations to outsource their email - and the requisite anti-spam filtering to Google. Webmail is very convenient, but for frequent travelers and those who use public wifi, it can be quite dangerous. Logging in from a kiosk or shared computer is a sure way to get your username and password stolen by a keystroke logger. While cloud services are great, maintaining security is tough. In this document, we will add two-factor authentication to Google Apps for Your Domain using their SSO/SAML protocol and the open-source version of the WiKID Strong Authentication server.

Virtual Users And Domains With Postfix, Courier, MySQL And SquirrelMail (CentOS 5.3 x86_64)

Virtual Users And Domains With Postfix, Courier, MySQL And SquirrelMail (CentOS 5.3 x86_64)

This document describes how to install a Postfix mail server that is based on virtual users and domains, i.e. users and domains that are in a MySQL database. I'll also demonstrate the installation and configuration of Courier (Courier-POP3, Courier-IMAP), so that Courier can authenticate against the same MySQL database used by Postfix.

Creating A Fully Encrypted Para-Virtualised Xen Guest System Using Debian Lenny

Creating A Fully Encrypted Para-Virtualised Xen Guest System Using Debian Lenny

This document explains how to set up a fully encrypted para-virtualized XEN instance. In this howto, the host system is running Debian Etch, while the guest system to be installed will be using Debian Lenny. If you are concerned about your privacy, you might want to consider using hard disk encryption to protect your valuable private data from spying eyes. Usually, the easiest way would be to use your distribution's installer to set up a fully encrypted system; I think most recent Linux distributions support this. However, when you are using XEN to provide virtualization, there are situations where you might not want to encrypt your whole computer with all guest instances, but instead only encrypt one OS instance. This howto will deal with exactly this situation. It assumes that the XEN host system is already up and running.

Learning Spam With SpamAssassin And All Of Your ISPConfig Clients [ISPConfig 2]

Learning Spam With SpamAssassin And All Of Your ISPConfig Clients [ISPConfig 2]

This is a quick way of learning spam from all of your ISPConfig clients by running a quick and simple command. Please note that this is for ISPConfig 2, not 3.

How To Install The WiKID Strong Authentication System On Slackware

How To Install The WiKID Strong Authentication System On Slackware

Tested on Slackware 12.2, 2.6.28.7-grsec, PostgreSQL 8.3.6, postgresql-8.3-604.jdbc4. Note: Some of the configuration scripts included with WiKID are designed for Redhat and friends, several steps in this guide focus on modifying these scripts for Slackware as well as working around some of them.

Using Built-in Policy Installer in Firewall Builder

Using Built-in Policy Installer in Firewall Builder

This article  demonstrates how Firewall Builder can help you automate the process of deployment and activation of the generated firewall configuration. After firewall configuration has been generated by one of the policy compilers and saved in a file on disk in the format required by the target firewall, it needs to be transferred to the firewall machine and activated. This function is performed by the component we call "Policy Installer" which is part of the Firewall Builder GUI.

Chrooted SSH/SFTP Tutorial (Debian Lenny)

Chrooted SSH/SFTP Tutorial (Debian Lenny)

Since version 4.8, OpenSSH supports chrooting, so no patches are needed anymore. This tutorial describes how to give users chrooted SSH access. With this setup, you can give your users shell access without having to fear that they can see your whole system. Your users will be jailed in a specific directory which they will not be able to break out of. I will also show how to use chrooted SFTP.

Using Built-In Revision Control In Firewall Builder

Using Built-In Revision Control In Firewall Builder

Firewall Builder GUI has built-in revision control system that can be used to keep track of changes in the objects and policy rules. If data file has been added to the revision control system, every time it is saved, the system asks the user to enter a comment that describes changes done in the file in this session and stores it along with the data. The program also assigns new revision number to the data file using standard software versioning system whith major and minor version numbers separated by a dot. When you open this data file next time, the program presents a list of revisions alongside with dates and comments, letting you choose which revision you want to use. You can open the latest revision and continue working with the file from the point where you left off last time, or open one of the older revisions to inspect how the configuration looked like in the past and possibly create a branch in the revision control system. Here we take a closer look at the built-in revision control system.

first page
previous page
...
24
...
next page
last page