- Web Server
- Control Panels
- Site Map/RSS Feeds
Virtual Users And Domains With Postfix, MailScanner, Mailwatch & MySQL On CentOS 5.1
This document describes how to customize Falko's "Virtual Users And Domains" - setup for CentOS 5.1 so that it works with MailScanner and Mailwatch. The resulting system provides a web interface (Mailwatch) where you can manage quarantined emails, train SpamAssassin, edit the white- and blacklist, view configuration files and the detailed MySQL database status ...
Virtual Hosting Howto With Virtualmin On CentOS 5.1
This tutorial shows how to set up a CentOS 5.x server to offer all services needed by virtual web hosters. These include web hosting, smtp server with (SMTP-AUTH and TLS, SPF, DKIM, Domainkeys), DNS, FTP, MySQL, POP3/IMAP, Firewall, Webalizer for stats.
Chrooting Apache2 With mod_chroot On Debian Etch
This guide explains how to set up mod_chroot with Apache2 on a Debian Etch system. With mod_chroot, you can run Apache2 in a secure chroot environment and make your server less vulnerable to break-in attempts that try to exploit vulnerabilities in Apache2 or your installed web applications.
Security Issues and Poptop
PPTP does not have the best history in terms of security. The original Microsoft implementation for PPTP faired very poorly. MS-CHAPV2 solved these weaknesses - for wired networks. Unfortunately, back in 2004, Joshua Wright released a version of ASLEAP capable of brute-force attacking PPTP passwords in a wireless environment. As a systems administrator for the VPN, you can't tell if a user is connecting via some public WiFi service where someone might be running a tool like ASLEAP. Yet, the presense of PPTP client software on Windows machines makes using PPTP very tempting. The best answer to this problem is to utilize two-factor authentication. If a one-time passcode is brute-forced, it won't matter as it can't be used again.
How To Check If Your Server Is Infected With The Linux/Rst-B Backdoor (Debian Etch)
Linux Rst-B is a backdoor that can be used to add your server to botnets (see http://www.heise.de/newsticker/meldung/103563 (in German)). This short guide explains how you can install and use the Sophos Linux/RST-B detection tool to check your Debian Etch server and find out if it is infected with Linux Rst-B.
Meet the Anti-Nmap: PSAD (EnGarde Secure Linux)
Having a great defense involves proper detection and recognition of an attack. In our security world we have great IDS tools to properly recognize when we are being attacked as well as firewalls to prevent such attacks from happening. However, certain attacks are not blindly thrown at you - a good attacker knows that a certain amount of reconnaissance and knowledge about your defenses greatly increases the chances of a successful attack. How would you know if someone is scanning your defenses? Is there any way to properly respond to such scans? You bet there is...
Intrusion Detection: Snort (IDS), OSSEC (HbIDS) And Prelude (HIDS) On Ubuntu Gutsy Gibbon
Everybody knows the problem, you have a IDS tool(s) installed and every tool has his own interface. Prelude will allow to log all of the events to the prelude database and be consulted using one interface (prewikka). This howto will describe how to install and configure the different tools that will make up the complete solution.
How to install the WiKID Strong Authentication Server - Community Edition
The WiKID Strong Authentication Server is a dual-source two-factor authentication system. PINs are encrypted on a software token and sent to the WiKID server. If the PIN is correct, the encryption valid and the account active, a one-time password is generated, encrypted and returned to the user's token where it is decrypted and presented for use with a network-based services. While there are a number of tutorials on how to combine WiKID's two-factor system a variety of systems (such as SSH, OpenVPN, Apache and SSL-VPNs), this is the first to address how to install the WiKID Server.
How To Implement Domainkeys In Postfix Using dk-milter
Domainkeys is "DomainKeys is a method of e-mail authentication. Unlike some other methods, it offers almost end-to-end integrity from a signing to a verifying Mail Transfer Agent (MTA). In most cases the signing MTA acts on behalf of the sender, and the verifying MTA on behalf of the receiver. DomainKeys is specified in Historic RFC 4870, which is obsoleted by Standards Track RFC 4871, DomainKeys Identified Mail (DKIM) Signatures." according to the wikipedia. So why a how to on it when there is DKIM ? Well domainkeys is still actively being used and is more widely deployed than DKIM, the developer Yahoo still uses it to sign and verify mail although they are contributers to the DKIM standard.
Set Up Postfix DKIM With dkim-milter
DKIM is an authentication framework which stores public-keys in DNS and digitally signs emails on a domain basis. It was created as a result of merging Yahoo's domainkeys and Cisco's Identified Internet mail specification. It is defined in RFC 4871.