Security

Want to support HowtoForge? Become a subscriber!
 

Securing SSH On Redhat/Centos With WiKID Two-Factor Authentication

Securing SSH On Ubuntu With WiKID Two-Factor Authentication

SSH offers a highly secure channel for remote administration of servers. However, if you face an audit for regulatory or business requirements, such as Visa/Mastercard PCI, you need to be aware of some potential authentication related short-comings that may cause headaches in an audit.

How to find outdated joomla versions on your server to reduce the risk of being hacked

Today I want to focus on a topic that can lead to huge problems of hacked accounts, spam mailings etc.: Outdated Joomla installations on your server.

Of course, this is valid for other software, too. The mentioned method should work in a similar way for other software. Since Joomla is widely spread throughout the internet, especially on shared hosting systems CMS (Content Management System), this howto will only cover Joomla so far.

How To Set Up Kojoney SSH Honeypot On CentOS 5.5

How To Set Up Kojoney SSH Honeypot On CentOS 5.5

Kojoney is a low level interaction honeypot that emulates an SSH server. The daemon is written in Python using the Twisted Conch libraries. In computer terminology, a honeypot is a trap set to detect, deflect, or in some manner counteract attempts at unauthorized use of information systems. Generally it consists of a computer, data, or a network site that appears to be part of a network, but is actually isolated, (un)protected, and monitored, and which seems to contain information or a resource of value to attackers. This tutorial shows how you can compile and install updated version of Kojoney on CentOS 5.5 server.

How To Defend slowloris DDoS With mod_qos (Apache2 On Debian [Lenny])

How To Defend slowloris DDoS With mod_qos (Apache2 On Debian [Lenny])

mod_qos gives some fine-grained opportunities to scale the number of used connections and to defend an attack according to bandwidth limits. Unfortunately it is only available as source-package and there are many possible settings, wich might be hard to setup for this special case. So I provide the way that helped me.

Prevent Phishing with Mutual Authentication

Prevent Phishing with Mutual Authentication

Phishing is a man-in-the-middle attack. While many people think using time-bound, one-time passwords will solve the problem, they are wrong as attacks will just become automated. What is required is strong mutual authentication - authentication of the host to the user as well as the user to the host. This article demonstrates how to do that using open-source software from WiKID.

Custom Boot Menu for Windows XP

Custom Boot Menu for Windows XP 

One of the first things that I do upon receiving a new windows computer is create my own custom boot menu that shows up every time I boot my machine. This is especially handy when you suspect a virus; you can reboot into safe mode and scan for it.

Secure your SSH deployment with WiKID two-factor authentication

Secure your SSH deployment with WiKID two-factor authentication

In this document we are going to demonstrate how to combine two-factor authentication from WiKID with an SSH gateway server with hosted private keys to create a highly secure, auditable and easy to use remote access solution. The WiKID Strong Authentication System is a commercial/open source two-factor authentication solution.

How to configure OpenVPN to use WiKID Strong Authentication

How to configure OpenVPN to use WiKID Strong Authentication 

The WiKID Strong Authentication System  is a commercial/open source two-factor authentication solution.  This guide demonstrates how to OpenVPN and SSH to use one-time passwords from WiKID.  While both solutions support private key authentication, that may not be sufficient for your requirements; you may need one-time passwords for webmail or extranet access; or centralized authentication management and logging.

1
next page
last page
XML feed
"Facebook" is a registered trademark of Facebook, Inc. All rights reserved.