HowtoForge - Linux Howtos and Tutorials - Security

How To Configure Apache To Use Radius For Two-Factor Authentication On Ubuntu 12.04

Wed, 16 May 2012 18:04:15 +0200

How To Configure Apache To Use Radius For Two-Factor Authentication On Ubuntu 12.04

This document describes how to add WiKID two-factor authentication to Apache 2.2.22 using mod_auth_radius on Ubuntu 12.04. It is also recommended that you consider using mutual https authentication for web applications that are worthy of two-factor authentication. Strong mutual authentication means that the targeted website is authenticated to the user in some cryptographically secure manner, thwarting most man-in-the-middle attacks. The use of cryptography is key. While some sites use an image in an attempt to validate a server, it should be noted that any man-in-the-middle could simply replay such an image.

Encrypt Your Data With EncFS (Debian Squeeze/Ubuntu 11.10)

Mon, 07 May 2012 18:16:15 +0200

Encrypt Your Data With EncFS (Debian Squeeze/Ubuntu 11.10)

EncFS provides an encrypted filesystem in user-space. It runs without any special permissions and uses the FUSE library and Linux kernel module to provide the filesystem interface. It is a pass-through filesystem, not an encrypted block device, which means it is created on top of an existing filesystem. This tutorial shows how you can use EncFS on Debian Squeeze/Ubuntu 11.10 to encrypt your data.

How To Integrate ClamAV Into PureFTPd For Virus Scanning On Debian Squeeze

Mon, 30 Apr 2012 21:11:11 +0200

How To Integrate ClamAV Into PureFTPd For Virus Scanning On Debian Squeeze

This tutorial explains how you can integrate ClamAV into PureFTPd for virus scanning on a Debian Squeeze system. In the end, whenever a file gets uploaded through PureFTPd, ClamAV will check the file and delete it if it is malware.

AVG Antivirus For Linux/FreeBSD Plus Qmail Mail Server

Fri, 27 Apr 2012 15:10:49 +0200

AVG Antivirus For Linux/FreeBSD Plus Qmail Mail Server

This document describes how to deploy AVG Antivirus for Linux/FreeBSD to the Qmail mail server. It is usable for AVG version 8.5, 10 and 2012.

Remotely Unlock Fully Encrypted Debian Squeeze

Mon, 16 Apr 2012 17:10:39 +0200

Remotely Unlock Fully Encrypted Debian Squeeze

In the past I have written several howtos for remotely unlocking fully encrypted Debian installations. With the advent of Debian Squeeze, the developers have integrated a simple way to do so. Most stuff is provided directly by Debian itself - meaning you don't need 3rd party scripts anymore. However it still involves a few steps which I describe below. Also I provide you with a bash script that will do all the steps automatically.

Configuring DNSSEC On BIND9 (9.7.3) On Debian Squeeze/Ubuntu 11.10

Sun, 15 Apr 2012 20:32:17 +0200

Configuring DNSSEC On BIND9 (9.7.3) On Debian Squeeze/Ubuntu 11.10

This guide explains how you can configure DNSSEC on BIND9 (version 9.7.3 that comes with Debian Squeeze/Ubuntu 11.10) on Debian Squeeze and Ubuntu 11.10. It covers how to enable DNSSEC on authoritative nameservers (master and slave) and on resolving nameservers, creation of keys (KSKs and ZSKs), signing of zones, key rolling with rollerd, zone file checking with donuts, creation of trust anchors, using DLV (DNSSEC look-aside validation), and getting your DS records into the parent's zone.

Web Filtering On Squid Proxy

Wed, 11 Apr 2012 17:17:03 +0200

Web Filtering On Squid Proxy

This HOWTO describes how to protect your home / small enterprise network users from objectionable internet contents with help of HTTP proxy. Our goal is to set up a free Linux based server running Squid and deploy web filtering application on it saving bandwidth, speeding up web access and blocking obsessive and potentially illegal and malicious web files.

How To Integrate ClamAV Into PureFTPd For Virus Scanning On CentOS 6.2

Fri, 30 Mar 2012 17:27:04 +0200

How To Integrate ClamAV Into PureFTPd For Virus Scanning On CentOS 6.2

This tutorial explains how you can integrate ClamAV into PureFTPd for virus scanning on a CentOS 6.2 system. In the end, whenever a file gets uploaded through PureFTPd, ClamAV will check the file and delete it if it is malware.

Running LinOTP On CentOS 6.2

Mon, 26 Mar 2012 17:39:35 +0200

Running LinOTP On CentOS 6.2

This howto will show how you can set up LinOTP on CentOS 6.2. LinOTP is a modular and flexible solution for two factor authentication with one time passwords. This howto uses the community packages that are available at the python package index PyPI.

How To Configure PureFTPd To Accept TLS Sessions On CentOS 6.2

Fri, 23 Mar 2012 13:46:50 +0100

How To Configure PureFTPd To Accept TLS Sessions On CentOS 6.2

FTP is a very insecure protocol because all passwords and all data are transferred in clear text. By using TLS, the whole communication can be encrypted, thus making FTP much more secure. This article explains how to configure PureFTPd to accept TLS sessions on a CentOS 6.2 server.

Setting Up ProFTPd + TLS On Ubuntu 11.10 (Oneiric Ocelot)

Fri, 02 Mar 2012 17:21:07 +0100

Setting Up ProFTPd + TLS On Ubuntu 11.10 (Oneiric Ocelot)

AVG Antivirus For Linux/FreeBSD Plus Sendmail Mail Server

Fri, 17 Feb 2012 18:10:58 +0100

AVG Antivirus For Linux/FreeBSD Plus Sendmail Mail Server

This document describes how to deploy AVG Antivirus for Linux/FreeBSD to the Sendmail mail server. It is usable for AVG version 8.5, 10 and 2012.

Changing Apache Server Name To Whatever You Want With mod_security On Debian 6

Fri, 10 Feb 2012 15:58:20 +0100

Changing Apache Server Name To Whatever You Want With mod_security On Debian 6

In this tutorial I want to focus on how to change the Apache server name to whatever you want, so you can give your own name or sentence to Apache server headers that are sent to whois programs or websites, for example you can type "YTS","GWS" or "Microsoft-IIS/7.0" to misguide the hacker to guess which Linux OS or which version of Apache you are using.

How To Set Up A TOR Middlebox Routing All VirtualBox Virtual Machine Traffic Over The TOR Network

Mon, 06 Feb 2012 18:03:38 +0100

How To Set Up A TOR Middlebox Routing All VirtualBox Virtual Machine Traffic Over The TOR Network

This tutorial will show you how to reroute all traffic for a virtual machine through the Tor network to ensure anonymity. It assumes a standalone machine with a Linux OS, and VirtualBox installed. In this case, we'll be using Ubuntu on the host machine.

Web Filtering On Squid 3 With QuintoLabs Content Security 1.4 And Windows Active Directory Integration

Fri, 06 Jan 2012 16:42:49 +0100

Web Filtering On Squid 3 With QuintoLabs Content Security 1.4 And Windows Active Directory Integration

This HOWTO will show you how to set up a Squid proxy server deployed on CentOS or RedHat 6 Linux with web and content filtering done by QuintoLabs Content Security with proxy users transparently authenticated by Windows 2008 R2 based Active Directory. This is the work in progress and all comments are welcomed. The HOWTO is targeted at novice users and may sometimes seem too thorough for more advanced gurus. No compilation magic will be involved in our setup so any system administrator accustomed to Windows will be able to easily follow the instructions.