Security

Want to support HowtoForge? Become a subscriber!
 

Fast way to update Bash on Debian based distributions to secure it against Shell Shock.

Fast way to update Bash on Debian based distributions to secure it against Shell Shock. 

Secure OpenVPN with two-factor authentication from WiKID on Centos 7

Secure OpenVPN with two-factor authentication from WiKID.

In a previous tutorial, we showed how to configure PAM-RADIUS to support two-factor authentication. Now, and in future tutorials, we will add remote access services to this server that will also use WiKID for two-factor authentication. In this tutorial, we will demonstrate how to leverage that setup to add two-factor authentication through radius to OpenVPN on Centos 7.

How to whitelist an IP in Fail2ban on Debian Wheezy

How to whitelist an IP in Fail2ban on Debian Wheezy

Fail2Ban is used to protect servers against brute force attacks. Fail2ban uses iptables to block attackers, so, if we want to add permanent IP address and never be blocked, we must add it in the config file.

Hybrid RAID 1 (Mirror) of RAM drive & SATA HDD Using LVM with LUKS [and systemd unit file] on Fedora Linux

Hybrid RAID 1 (Mirror) of RAM drive & SATA HDD Using LVM with LUKS [and systemd unit file] on Fedora Linux

The IT industry has a continual balance between security and usability. Within this balance, performance usually affects usability. In the realm of protecting "Data at Rest" (i.e. encryption) one may find three factors affecting performance, and therefore usabilty: The harddrive, CPU and RAM. Of these, the harddrive will always prove to be a bottleneck (yes, even with an SDD).

Free Software has a rather elegant solution for protecting Data at Rest, called Linux Unified Key Setup (LUKS). In the spirit of "Freedom 0: The freedom to run the program for any purpose." please enjoy my contribution to our collective knowledgebase of a solution to the fascinating problem of "how can we speed up encyption"?

How to configure pam-radius for WiKID Two-factor Authentication on Centos 7

Securing SSH On Centos 7 With WiKID Two-Factor Authentication

SSH offers a highly secure channel for remote administration of servers. However, if you face an audit for regulatory or business requirements, such as Visa/Mastercard PCI, you need to be aware of some potential authentication related short-comings that may cause headaches in an audit.

Linux Basics: How to Create an Apache SSL Certificate on Ubuntu

Linux Basics: How to Create an Apache SSL Certificate on Ubuntu

The following steps outline the process of creating an Apache SSL certificate on Ubuntu. Important to Note: 1. Users must note that it is essential to have access to root privileges on the VPS before executing the task (as explained in steps 3 and 4).

Linux Basics: How To Create and Install SSH Keys on the Shell

Linux Basics: How To Create and Install SSH Keys on the Shell

SSH keys offer a highly secure manner of logging into a server with SSH as against mere dependence on a password. While a password stands the risk of being finally cracked, SSH keys are rather impossible to decipher using brute force. As a matter of fact, generating a key pair offers users two lengthy strings of characters corresponding to a public as well as a private key. Users can, thus, place the public key on any server, and subsequently unlock the same by connecting to it with a client that already possesses the private key. Upon matching up of the two keys, the system unlocks without any irksome dependence on a password. The security may be further smartly firewalled by guarding the private key with a passphrase.

Securing SSH On Redhat/Centos With WiKID Two-Factor Authentication

Securing SSH On Ubuntu With WiKID Two-Factor Authentication

SSH offers a highly secure channel for remote administration of servers. However, if you face an audit for regulatory or business requirements, such as Visa/Mastercard PCI, you need to be aware of some potential authentication related short-comings that may cause headaches in an audit.

How to find outdated joomla versions on your server to reduce the risk of being hacked

Today I want to focus on a topic that can lead to huge problems of hacked accounts, spam mailings etc.: Outdated Joomla installations on your server.

Of course, this is valid for other software, too. The mentioned method should work in a similar way for other software. Since Joomla is widely spread throughout the internet, especially on shared hosting systems CMS (Content Management System), this howto will only cover Joomla so far.

How To Set Up Kojoney SSH Honeypot On CentOS 5.5

How To Set Up Kojoney SSH Honeypot On CentOS 5.5

Kojoney is a low level interaction honeypot that emulates an SSH server. The daemon is written in Python using the Twisted Conch libraries. In computer terminology, a honeypot is a trap set to detect, deflect, or in some manner counteract attempts at unauthorized use of information systems. Generally it consists of a computer, data, or a network site that appears to be part of a network, but is actually isolated, (un)protected, and monitored, and which seems to contain information or a resource of value to attackers. This tutorial shows how you can compile and install updated version of Kojoney on CentOS 5.5 server.

1
next page
last page
XML feed
"Facebook" is a registered trademark of Facebook, Inc. All rights reserved.