Security

Want to support HowtoForge? Become a subscriber!
 

Optimizing DSPAM + MySQL 4.1

DSPAM is a scalable and open-source content-based spam filter designed for multi-user enterprise systems. It's great at filtering out spam but on busy mailservers the pruning of the MySQL databases takes way too long time. This small tutorial/hack can speed up the pruning of old data considerably.

The Perfect Linux Firewall Part II -- IPCop & Copfilter ::..

The Perfect Linux Firewall Part II -- IPCop & Copfilter

This document is the second segment in a series on installing IPCop firewall. We will be creating a "DMZ" for hosting your own web server or mail server and the Copfilter proxy for filtering your application layer ingress and egress network traffic. This is intended to be a rough overview on creating a IPCop firewall with Copfilter and comes without warranty of any kind.

Preventing SSH Dictionary Attacks With DenyHosts

Preventing SSH Dictionary Attacks With DenyHosts

In this HowTo I will show how to install and configure DenyHosts. DenyHosts is a tool that observes login attempts to SSH, and if it finds failed login attempts again and again from the same IP address, DenyHosts blocks further login attempts from that IP address by putting it into /etc/hosts.deny. DenyHosts can be run by cron or as a daemon. In this tutorial I will run DenyHosts as a daemon.

Chrooted SSH HowTo

Chrooted SSH HowTo

This tutorial describes how to install and configure OpenSSH so that it will allow chrooted sessions for users. With this setup, you can give your users shell access without having to fear that they can see your whole system. Your users will be jailed in a specific directory which they will not be able to break out of.

The Perfect Linux Firewall Part I -- IPCop

The Perfect Linux Firewall Part I -- IPCop
::What is IPCop
The IPCop project is a GNU/Linux GPL project that offers an exceptional feature packed stand alone firewall to the internet community. Its comprehensive web interface, well documented administration guides, and its involved and helpful user/administrative mailing lists make users of any technical capacity feel at home. It goes far beyond a simple ipchains / netfilter implementation available in most Linux distributions and even the firewall feature sets of commercial competitors.

Firewalls have had to undergo a tremendous metamorphosis as a result of evolving threats. IPCop is exemplary in offering such a range of default features and even further a large set of optional plug-ins which can provide further functionality.

Some of IPCops impressive base install features include: secure https web administration GUI, DHCP Server, Proxying (Squid), DNS Proxying, Dynamic DNS, Time Server, Traffic Shaping, Traffic/Systems/Firewall/IDS graphing, Intrusion Detection (Snort), ISDN/ADSL device support and VPN (IPSec/PPTP) functionality. As if these base features were not an astounding enough there are dozens of add-ons which can further expand the functionality of your IPCop from Web Filtering to Anti virus scanning.

Virtual Users And Domains With Postfix, Courier And MySQL (+ SMTP-AUTH, Quota, SpamAssassin, ClamAV)

Virtual Users And Domains With Postfix, Courier And MySQL (+ SMTP-AUTH, Quota, SpamAssassin, ClamAV)

This document describes how to install a mail server based on Postfix that is based on virtual users and domains, i.e. users and domains that are in a MySQL database. I'll also demonstrate the installation and configuration of Courier (Courier-POP3, Courier-IMAP), so that Courier can authenticate against the same MySQL database Postfix uses.

Secure and Private Browsing with Squid

Version 1.0

Author: Joe Topjian <joe [at] adminspotting [dot] net>
Last edited 05/02/2005

Browsing a site that supports SSL is a definite way to make sure no one can snoop in on what you're doing -- which is a good thing when you're doing something personal like checking email over the web or buying something from amazon. But if you're just doing stuff like reading the daily news or checking movie times, is privacy that important? The ultra-paranoid will give a resounding "yes" to that question while most people will just shrug. I find myself in between those two parties. At home while I'm reading the news, I could care less if the traffic is encrypted or not. However, when I'm at a public wi-fi spot, it does bother me a bit.

How To Build A Spam Filtering Mail Gateway

How To Build A Spam Filtering Mail Gateway

By Brian Goldberg - {brian AT carbonite D0T com}

www.carbonite.com

Spam has evolved from a nusance to a threat. SysAdms need a strategy for combating spam. You can use filtering software loaded on all your users computers, but that takes a lot of time to install and maitenance can be real drag on your time and resources. A better way is to use a centralised device which filters your spam before it enters your enterprise. This "Anti-Spam Gateway" is a lot easier to manage and maintain than individually installed client software. Additionally, it can be tuned to be a lot more effective.

SpamAssassin-ClamAV-Procmail-Howto

SpamAssassin-ClamAV-Procmail-Howto

This document describes how to install SpamAssassin (for filtering SPAM) and ClamAV (for filtering viruses, trojans, worms, etc.) and how to invoke them by using procmail recipes. It is suitable for scenarios where Sendmail or Postfix deliver emails to local users. It should work (maybe with slight changes concerning paths etc.) on all *nix operating systems. I tested it on Debian Woody so far.

Chkrootkit-Portsentry-Howto

Chkrootkit-Portsentry-Howto

This document describes how to install chkrootkit and portsentry. It should work (maybe with slight changes concerning paths etc.) on all *nix operating systems.

Chkrootkit "is a tool to locally check for signs of a rootkit" (from http://www.chkrootkit.org).

"The Sentry tools provide host-level security services for the Unix platform. PortSentry, Logcheck/LogSentry, and HostSentry protect against portscans, automate log file auditing, and detect suspicious login activity on a continuous basis".

first page
previous page
...
38