HowtoForge - Linux Howtos and Tutorials - Security

Prevent Phishing with Mutual Authentication

Mon, 19 Feb 2007 15:43:03 +0100

Prevent Phishing with Mutual Authentication

Phishing is a man-in-the-middle attack. While many people think using time-bound, one-time passwords will solve the problem, they are wrong as attacks will just become automated. What is required is strong mutual authentication - authentication of the host to the user as well as the user to the host. This article demonstrates how to do that using open-source software from WiKID.

Custom Boot Menu for Windows XP

Tue, 30 Jan 2007 13:47:01 +0100

Custom Boot Menu for Windows XP

One of the first things that I do upon receiving a new windows computer is create my own custom boot menu that shows up every time I boot my machine. This is especially handy when you suspect a virus; you can reboot into safe mode and scan for it.

Secure your SSH deployment with WiKID two-factor authentication

Thu, 18 Jan 2007 13:30:14 +0100

Secure your SSH deployment with WiKID two-factor authentication

In this document we are going to demonstrate how to combine two-factor authentication from WiKID with an SSH gateway server with hosted private keys to create a highly secure, auditable and easy to use remote access solution. The WiKID Strong Authentication System is a commercial/open source two-factor authentication solution.

How to configure OpenVPN to use WiKID Strong Authentication

Wed, 03 Jan 2007 14:05:33 +0100

How to configure OpenVPN to use WiKID Strong Authentication

The WiKID Strong Authentication System is a commercial/open source two-factor authentication solution. This guide demonstrates how to OpenVPN and SSH to use one-time passwords from WiKID. While both solutions support private key authentication, that may not be sufficient for your requirements; you may need one-time passwords for webmail or extranet access; or centralized authentication management and logging.

What virus scanner is used by ISPConfig?

Mon, 07 Aug 2006 17:51:27 +0200

ISPConfig uses ClamAV (http://www.clamav.net) as virus scanner and the E-mail Sanitizer (http://www.impsec.org/email-tools/procmail-security.html) as content filter.Read more...

How do I scan my Linux system for rootkits, worms, trojans, etc.?

Mon, 07 Aug 2006 16:48:39 +0200

Either with chkrootkit or with rkhunter.

chkrootkit

Either install the package that comes with your distribution (on Debian you would run

apt-get install chkrootkit

), or download the sources from www.chkrootkit.org and install manually:

wget --passive-ftp ftp://ftp.pangeia.com.br/pub/seg/pac/chkrootkit.tar.gz
tar xvfz chkrootkit.tar.gz
cd chkrootkit-<version>/
make sense

Afterwards, you can move the chkrootkit directory somewhere else, e.g. /usr/local/chkrootkit: