Security

Want to support HowtoForge? Become a subscriber!
 

Perfect Setup Of Snort + Base + PostgreSQL On Ubuntu 6.06 LTS

Perfect Setup Of Snort + Base + PostgreSQL On Ubuntu 6.06 LTS

This tutorial describes how you can install and configure the Snort IDS (intrusion detection system) and BASE (Basic Analysis and Security Engine) on an Ubuntu 6.06 (Dapper Drake) system. With the help of Snort and BASE, you can monitor your system - with BASE you can perform analysis of intrusions that Snort has detected on your network. Snort will use a PostgreSQL database to store/log the data it gathers.

How to secure WebDAV with SSL and Two-Factor Authentication

How to secure WebDAV with SSL and Two-Factor Authentication

This how-to documents how to configure a WebDAV resource using SSL and  two-factor authentication and how to access that resource from Windows, Linux and Mac.

How to encrypt a diskdrive in (X)Ubuntu Feisty with dm-crypt and LUKS

How to encrypt a diskdrive in (X)Ubuntu Feisty with dm-crypt and LUKS

Today security is one of the key aspects in our daily life - sometimes conscious, sometimes unconscious. Security has many aspects and one of them is computer security or security of your or your business' computer data. In this tutorial I will show how to encrypt a whole disk drive using (X)Ubuntu Feisty, dm-crypt, and LUKS.

How to configure Apache to use Radius for Two-factor Authentication

How to configure Apache to use Radius for Two-factor Authentication

This brief document shows how to configure Apache to use mod_auth_xradius to authenticate users with the WiKID Strong Authentication System. Adding two-factor authentication to Apache is a very simple process with this setup.

Prevent Phishing with Mutual Authentication

Prevent Phishing with Mutual Authentication

Phishing is a man-in-the-middle attack. While many people think using time-bound, one-time passwords will solve the problem, they are wrong as attacks will just become automated. What is required is strong mutual authentication - authentication of the host to the user as well as the user to the host. This article demonstrates how to do that using open-source software from WiKID.

Fight Image Spam With FuzzyOCR And SpamAssassin On Debian/Ubuntu

Fight Image Spam With FuzzyOCR And SpamAssassin On Debian/Ubuntu

This tutorial describes how to scan emails for image spam with FuzzyOCR. FuzzyOCR is a plugin for SpamAssassin which is aimed at unsolicited bulk mail containing images as the main content carrier. Using different methods, it analyzes the content and properties of images to distinguish between normal mails (ham) and spam mails. FuzzyOCR tries to keep the system load low by scanning only mails that have not already been categorized as spam by SpamAssassin, thus avoiding unnecessary work.

Install and Configure Auth Shadow on Debian/Ubuntu

Install and Configure Auth Shadow on Debian/Ubuntu

Auth Shadow or mod-auth-shadow is a module for apache (and apache2, sort of) that enables authentication against /etc/shadow. The benefits being that any system user with a password can be authenticated for web_dav, subversion or simply an https server. The only other way to do this is with PAM. That method is dangerous because the apache user (www-data in my case) must be able to read /etc/shadow. Obviously, not a good idea. Auth Shadow accomplishes this safely by using a intermediate program called validate. This works because validate can be owned by root but executable by everyone. In the event that your server is compromised through apache, your password file will not be readable.

Secure your SSH deployment with WiKID two-factor authentication

Secure your SSH deployment with WiKID two-factor authentication

In this document we are going to demonstrate how to combine two-factor authentication from WiKID with an SSH gateway server with hosted private keys to create a highly secure, auditable and easy to use remote access solution. The WiKID Strong Authentication System is a commercial/open source two-factor authentication solution.

How to configure OpenVPN to use WiKID Strong Authentication

How to configure OpenVPN to use WiKID Strong Authentication 

The WiKID Strong Authentication System  is a commercial/open source two-factor authentication solution.  This guide demonstrates how to OpenVPN and SSH to use one-time passwords from WiKID.  While both solutions support private key authentication, that may not be sufficient for your requirements; you may need one-time passwords for webmail or extranet access; or centralized authentication management and logging.

Securing the connection between MySQL and MySQL Administrator using an SSH tunnel

Securing the connection between MySQL and MySQL Administrator using an SSH tunnel

This is a description of how to set up a secure tunnel between your MySQL Server and a locally running MySQL Administrator using Putty. By creating a secure tunnel to your MySQL server using Putty, you can grant localhost access to powerful applications like MySQL Administrator while at the same time, make your server appear as if it isn't even there. In effect, make your MySQL server disappear from the outside world.

first page
previous page
...
28
next page
last page
XML feed
"Facebook" is a registered trademark of Facebook, Inc. All rights reserved.