HowtoForge - Linux Howtos and Tutorials - Security

Set Up A Full-Featured Mail Server With iRedOS: MySQL, Postfix, Dovecot, ClamAV, SpamAssassin, RoundCube/SquirrelMail

Wed, 04 Nov 2009 17:11:46 +0100

Set Up A Full-Featured Mail Server With iRedOS: MySQL, Postfix, Dovecot, ClamAV, SpamAssassin, Amavisd, RoundCube/SquirrelMail

iRedMail is a shell script that lets you quickly deploy a full-featured mail solution in less than 2 minutes, since iredmail 0.5 it also supports Debian 5.0.1 (it supports both i386 and x86_64). Its object is to make a Linux mail server installation and configuration simple and easy to use. iRedMail supports both OpenLDAP and MySQL as backends for storing virtual domains and users.This tutorial shows how to use the MySQL backend. iRedOS is a customized CentOS 5.3 distribution, where e unnecessary packages were removed. It ships with the lastest version of iRedMail (iredmail0.50); it lets you install iredmail more quickly and smooth.

Linux Security Notes - AIDE File Integrity

Fri, 16 Oct 2009 16:54:24 +0200

Linux Security Notes - AIDE File Integrity

AIDE (Advanced Intrusion Detection Enviornment) is a tool to check the file integrity. It is an opensource substitute for TRIPWIRE. It allows to take snapshots of all the major configuration files, binaries as well as libraries stats. And helps to find which binaries have been changed in case of compromisation of the system.

Virtual Users And Domains With Postfix, Courier, MySQL And SquirrelMail (Mandriva 2009.1 x86_64)

Tue, 13 Oct 2009 18:28:33 +0200

Virtual Users And Domains With Postfix, Courier, MySQL And SquirrelMail (Mandriva 2009.1 x86_64)

This document describes how to install a Postfix mail server that is based on virtual users and domains, i.e. users and domains that are in a MySQL database. I'll also demonstrate the installation and configuration of Courier (Courier-POP3, Courier-IMAP), so that Courier can authenticate against the same MySQL database Postfix uses.

Virtual Users And Domains With Postfix, Courier, MySQL And SquirrelMail (CentOS 4.8 i386)

Tue, 06 Oct 2009 17:19:30 +0200

Virtual Users And Domains With Postfix, Courier, MySQL And SquirrelMail (CentOS 4.8 i386)

How To Prevent Brute Force Attacks With Brutelock

Thu, 24 Sep 2009 13:41:18 +0200

How To Prevent Brute Force Attacks With Brutelock

Brutelock is an open source program that actively monitors various system logs and immediately blocks malicious IPs trying to attack your server. Brutelock not only protects against ssh attacks but also other common systems such as ftp, pop and imap. It has an extendible rules format that allows you to monitor an unlimited number of other services by simply supplying the log file and a simple regex search pattern.

Installation & Configuration Of Intrusion Detection With Snort, ACIDBASE, MySQL, And Apache2 On Ubuntu 9.04 Using SPM

Mon, 21 Sep 2009 19:57:18 +0200

Installation & Configuration Of Intrusion Detection With Snort, ACIDBASE, MySQL, And Apache2 On Ubuntu 9.04 Using SPM

This tutorial describes how to install and configure Snort intrusion detection system (IDS), ACIDBASE (Basic Analysis and Security Engine), MySQL, and Apache2 on Ubuntu 9.04 using packages from Ubuntu’s Synaptic Package Manager. Snort will assist you in monitoring your network and alert you about possible threats. Snort will output its log files to a MySQL database which ACIDBASE will use to display in a graphical interface in web browser.

How To Install And Configure Advanced Policy Firewall (APF) On CentOS 5.3

Wed, 16 Sep 2009 17:29:04 +0200

How To Install And Configure Advanced Policy Firewall (APF) On CentOS 5.3

This tutorial explains how you can install and configure APF - an interface to IPTables which lets you easily configure a full featured firewall to secure servers and workstations connected to a network. This guide describes an example installation on a server with cPanel but it's only a matter of port numbers which must be open for everything to work. APF can be used on any system.

Firewall Access Policy Rulesets, Part 5

Mon, 14 Sep 2009 17:19:32 +0200

Firewall Access Policy Rulesets, Part 5

Secure Your Wordpress Blog Administration With Two-Factor Authentication

Thu, 10 Sep 2009 13:01:07 +0200

Secure Your Wordpress Blog Administration With Two-Factor Authentication

Wordpress is a very popular blogging service. It was recently hit by a disturbing vulnerability that allowed attackers to reset the Administrator's password. While there is a patch for that vulnerability now, wouldn't it be best to not use static passwords? It is actually quite simple to add two-factor authentication to Wordpress.

Firewall Access Policy Rulesets, Part 4

Mon, 07 Sep 2009 15:37:09 +0200

Firewall Access Policy Rulesets, Part 4

This article continues the series of articles on Firewall Builder, a graphical firewall configuration and management tool that supports many Open Source firewall platforms as well as Cisco IOS access lists and Cisco ASA (PIX). This article continues with examples of Access Policy rules and demonstrates how IPv6 and mixed IPv4+IPv6 configurations can be built.

Firewall Access Policy Rulesets, Part 3

Mon, 31 Aug 2009 18:36:29 +0200

Firewall Access Policy Rulesets, Part 3

This article continues the series of articles on Firewall Builder, a graphical firewall configuration and management tool that supports many Open Source firewall platforms as well as Cisco IOS access lists and Cisco ASA (PIX). This article continues with examples of Access Policy rules and demonstrates generated configurations for iptables, PF and Cisco PIX.

Configuring fail2ban With SquirrelMail On Debian Lenny 5.0/ISPConfig 3

Fri, 28 Aug 2009 17:01:02 +0200

Configuring fail2ban With SquirrelMail On Debian Lenny 5.0/ISPConfig 3

In this article I will show how to prevent brute force attacks with Fail2ban against your SquirrelMail Web login using the Squirrel Logger plugin.

Firewall Access Policy Rulesets, Part 2

Mon, 24 Aug 2009 16:28:58 +0200

Firewall Access Policy Rulesets, Part 2

This article continues the series of articles on Firewall Builder, a graphical firewall configuration and management tool that supports many Open Source firewall platforms as well as Cisco IOS access lists and Cisco ASA (PIX). This article demonstrates several examples of Access Policy rules and generated configurations for iptables, PF and Cisco PIX.

Firewall Access Policy Rulesets, Part 1

Wed, 19 Aug 2009 17:46:00 +0200

Firewall Access Policy Rulesets, Part 1

This article continues the series of articles on Firewall Builder, a graphical firewall configuration and management tool that supports many Open Source firewall platforms as well as Cisco IOS access lists and Cisco ASA (PIX). This article explains key principles of the policy or access control rule sets in Firewall Builder. I plan to demonstrate examples of policy rules and how they translate into iptables, pf and Cisco IOS and PIX configurations in the next article of the series.

Configuring fail2ban With SquirrelMail On CentOS 5.3/ISPConfig 3

Tue, 11 Aug 2009 12:32:56 +0200

Configuring fail2ban With SquirrelMail On CentOS 5.3/ISPConfig 3

This tutorial shows how you can prevent unlimited login attempts and hence brute force attacks against your SquirrelMail web login by using fail2ban.