Articles by nowen
-
How to configure sudo for two-factor authentication using pam-radius on Ubuntu and CentOS
Author: nowen • Tags: centos, linux, security, ubuntu • Comments: 3
Attackers frequently use lost, stolen, weak or default credentials to escalate their privileges after they have infiltrated your network. While two-factor authentication can greatly reduce infiltration, there are other means of gaining entry such as malware. This tutorial shows how to add radius to sudo for Centos 7 and Ubuntu 14.04 for two-factor authentication with the WiKID Strong Authentication server.
-
Increasing the security of PPTP by adding two-factor authentication to poptop
Author: nowen • Tags: linux, security • Comments: 0Security Issues and Poptop PPTP does not have the best history in terms of security. The original Microsoft implementation for PPTP faired very poorly. MS-CHAPV2 solved these weaknesses - for wired networks. Unfortunately, back in 2004, Joshua Wright released a version of ASLEAP capable of brute-force attacking PPTP passwords in a wireless environment. As a systems administrator for the VPN, you can't tell if a user is connecting via some public WiFi service where someone might be running a tool like ASLEAP. Yet, the presense of PPTP client software on Windows machines makes using PPTP very tempting. The best answer to this problem is to utilize two-factor authentication. If a one-time passcode is brute-forced, it won't matter as it can't be used again.
-
How to secure WebDAV with SSL and Two-Factor Authentication
Author: nowen • Tags: apache, security • Comments: 1How to secure WebDAV with SSL and Two-Factor Authentication This how-to documents how to configure a WebDAV resource using SSL and two-factor authentication and how to access that resource from Windows, Linux and Mac.
-
-
Configuring SSH To Use Freeradius And WiKID For Two-Factor Authentication
Author: nowen • Tags: security • Comments: 2Configuring SSH To Use Freeradius And WiKID For Two-Factor Authentication Radius is a great standard. It is powerful enough to accomplish a great deal and simple enough to be easy to handle. Freeradius is an excellent, open source radius server that ships with many Linux variants. It is well documented and well supported. The WiKID Strong Authentication server is a commercial/open source two-factor authentication system that uses public key encryption to transmit PINs and one-time passcodes securely to software tokens running on Blackberries, cell phones, Palms, PocketPCs or, using the J2SE client, Linux, Macs and Windows PCs. You can think of WiKID like certificates, but without the hassles of white lists/black lists and more secure - because the PIN is validated on the server preventing offline brute-force attacks.
-
How to secure VNC remote access with two-factor authentication
Author: nowen • Tags: security • Comments: 1How to secure VNC remote access with two-factor authentication VNC is the most popular remote access solution today. However, it was developed to provide remote access, not to provide secure remote access. Administrators have to add security to VNC by tunneling it through an encrpyted channel such as SSH and adding a layer of authentication. In this article, we will show you how to combine the NoMachine NX server to encrpyt VNC and remote X session combined with two-factor authentication from WiKID Systems to create a secure, fast remote access solution.