- Web Server
- Control Panels
- Site Map/RSS Feeds
Intrusion Detection With BASE And Snort
This tutorial shows how to install and configure BASE (Basic Analysis and Security Engine) and the Snort intrusion detection system (IDS) on a Debian Sarge system. BASE provides a web front-end to query and analyze the alerts coming from a Snort IDS system. With BASE you can perform analysis of intrusions that Snort has detected on your network.
Creating A Safe Directory With PAM And EncFS
This HowTo is about creating a user-session-safe directory which offers security on- and offline. This is done with PAM, a module named pam_script and EncFS ("Encrypted Filesystem"). This safe directory is used to store credentials and other sensitive information during a session. When a usersession is ended, in the worst case an encrypted directory remains on the harddrive. In the best case everything is removed. This construction is only meant to store information during a session, not for documents or any other valid information.
How to scan your Linux-Distro for Root Kits
Do you suspect that you have a compromised system ?Check now for root kits that the intruder may have installed !!!
So... What in the hell is a root kit ???
A root kit is a collection of programs that intruders often install after they have compromised the root account of a system.
These programs will help the intruders clean up their tracks, as well as provide access back into the system.
Root kits will sometimes leave processes running so that the intruder can come back easily and without the system administrator's knowledge !
How To Test Your Linux-Distro Firewall
Recently, I wrote an article about how to scan your Linux-Distro for Root Kits.Now that the machine is clean. I think, a good thing to do is to test my Firewall.
The good news is that we can use the free tool FTester.
The bad news is that FTester needs to be configured right...
So... Let's get to work !
The Perfect Linux Firewall Part II -- IPCop & Copfilter
This document is the second segment in a series on installing IPCop firewall. We will be creating a "DMZ" for hosting your own web server or mail server and the Copfilter proxy for filtering your application layer ingress and egress network traffic. This is intended to be a rough overview on creating a IPCop firewall with Copfilter and comes without warranty of any kind.
Preventing SSH Dictionary Attacks With DenyHosts
In this HowTo I will show how to install and configure DenyHosts. DenyHosts is a tool that observes login attempts to SSH, and if it finds failed login attempts again and again from the same IP address, DenyHosts blocks further login attempts from that IP address by putting it into /etc/hosts.deny. DenyHosts can be run by cron or as a daemon. In this tutorial I will run DenyHosts as a daemon.
Chrooted SSH HowTo
This tutorial describes how to install and configure OpenSSH so that it will allow chrooted sessions for users. With this setup, you can give your users shell access without having to fear that they can see your whole system. Your users will be jailed in a specific directory which they will not be able to break out of.
::What is IPCop
The IPCop project is a GNU/Linux GPL project that offers an exceptional feature packed stand alone firewall to the internet community. Its comprehensive web interface, well documented administration guides, and its involved and helpful user/administrative mailing lists make users of any technical capacity feel at home. It goes far beyond a simple ipchains / netfilter implementation available in most Linux distributions and even the firewall feature sets of commercial competitors.
Firewalls have had to undergo a tremendous metamorphosis as a result of evolving threats. IPCop is exemplary in offering such a range of default features and even further a large set of optional plug-ins which can provide further functionality.
Some of IPCops impressive base install features include: secure https web administration GUI, DHCP Server, Proxying (Squid), DNS Proxying, Dynamic DNS, Time Server, Traffic Shaping, Traffic/Systems/Firewall/IDS graphing, Intrusion Detection (Snort), ISDN/ADSL device support and VPN (IPSec/PPTP) functionality. As if these base features were not an astounding enough there are dozens of add-ons which can further expand the functionality of your IPCop from Web Filtering to Anti virus scanning.
Author: Joe Topjian <joe [at] adminspotting [dot] net>
Browsing a site that supports SSL is a definite way to make sure no one can snoop in on what you're doing -- which is a good thing when you're doing something personal like checking email over the web or buying something from amazon. But if you're just doing stuff like reading the daily news or checking movie times, is privacy that important? The ultra-paranoid will give a resounding "yes" to that question while most people will just shrug. I find myself in between those two parties. At home while I'm reading the news, I could care less if the traffic is encrypted or not. However, when I'm at a public wi-fi spot, it does bother me a bit.
This document describes how to install chkrootkit and portsentry. It should work (maybe with slight changes concerning paths etc.) on all *nix operating systems.
Chkrootkit "is a tool to locally check for signs of a rootkit" (from http://www.chkrootkit.org).
Sentry tools provide host-level security services for the Unix
platform. PortSentry, Logcheck/LogSentry, and HostSentry protect
against portscans, automate log file auditing, and detect
suspicious login activity on a continuous basis".
"Facebook" is a registered trademark of Facebook, Inc. All rights reserved.