Linux Tutorials on the topic “security”
Author: Falko Timme •
Tags: php, security •
Intrusion Detection For PHP Applications With PHPIDS This tutorial explains how to set up PHPIDS on a web server with Apache2 and PHP5. PHPIDS (PHP-Intrusion Detection System) is a simple to use, well structured, fast and state-of-the-art security layer for your PHP based web application. The IDS neither strips, sanitizes nor filters any malicious input, it simply recognizes when an attacker tries to break your site and reacts in exactly the way you want it to. Based on a set of approved and heavily tested filter rules any attack is given a numerical impact rating which makes it easy to decide what kind of action should follow the hacking attempt. This could range from simple logging to sending out an emergency mail to the development team, displaying a warning message for the attacker or even ending the user’s session.
Author: bswinnerton •
Tags: security, ubuntu •
Setting Up An SSH Certificate For Ubuntu From A Mac This howto should help you with setting up an RSA public and private key setup from a Mac to an Ubuntu box. Of course, this should be possible with other OS's but I have not tested it.
Author: nowen •
Tags: security •
How To Add WiKID Two-Factor Authentication To The Astaro Security Gateway Astaro is a very popular Linux-based "all-in-one" security appliance offering spam filtering, malware protection, firewall, VPN, etc. The WiKID Strong Authentication Server is a dual-source two-factor authentication system. PINs are encrypted on a software token and sent to the WiKID server. If the PIN is correct, the encryption valid and the account active, a one-time password is generated, encrypted and returned to the user's token where it is decrypted and presented for use with a network-based services. This document will show how to add WiKID two-factor authentication to the Astaro Security Gateway version 7 using Radius.
Author: o.meyer •
Tags: security, debian, desktop •
Protect Your Files With TrueCrypt 5.1a On Debian Etch (GNOME) This document describes how to set up TrueCrypt 5.1a on Debian Etch (GNOME). Taken from the TrueCrypt page: "TrueCrypt is a software system for establishing and maintaining an on-the-fly-encrypted volume (data storage device). On-the-fly encryption means that data are automatically encrypted or decrypted right before they are loaded or saved, without any user intervention. No data stored on an encrypted volume can be read (decrypted) without using the correct password/keyfile(s) or correct encryption keys. Entire file system is encrypted (e.g., file names, folder names, contents of every file, free space, meta data, etc)."
Author: evolutionaryit •
Tags: security •
The Perfect Linux Firewall Part I -- IPCop ::What is IPCopThe IPCop project is a GNU/Linux GPL project that offers an exceptional feature packed stand alone firewall to the internet community. Its comprehensive web interface, well documented administration guides, and its involved and helpful user/administrative mailing lists make users of any technical capacity feel at home. It goes far beyond a simple ipchains / netfilter implementation available in most Linux distributions and even the firewall feature sets of commercial competitors. Firewalls have had to undergo a tremendous metamorphosis as a result of evolving threats. IPCop is exemplary in offering such a range of default features and even further a large set of optional plug-ins which can provide further functionality. Some of IPCops impressive base install features include: secure https web administration GUI, DHCP Server, Proxying (Squid), DNS Proxying, Dynamic DNS, Time Server, Traffic Shaping, Traffic/Systems/Firewall/IDS graphing, Intrusion Detection (Snort), ISDN/ADSL device support and VPN (IPSec/PPTP) functionality. As if these base features were not an astounding enough there are dozens of add-ons which can further expand the functionality of your IPCop from Web Filtering to Anti virus scanning.
Author: Elconas •
Tags: apache, security, suse •
How To Install mod_security/mod_security2 On SuSE Linux Enterprise Server 10 (SLES10) The Apache module mod_security is a very powerful security module. Combined with predefined rules, you can close many security wholes on your server, opened by bad written php or perl apps. Unfortunately mod_security is not part of the SLES10 distribution. To install mod_security to have to install some 3rd party modules. This guide helps you to install mod_security on SLES10 in a reproducable way (RPM). It also helps you to remove the module, by building RPM packages you can easily uninstall.
Author: PhilBieber •
Tags: security, ubuntu •
Setting Up An Iptables Firewall On Ubuntu With Firehol Everybody, who tried to configure an iptables firewall knows, that it can be quite a PITA. firehol is a tool that helps us to configure iptables according to our needs. In this How-To, I will discribe how to set up an iptables firewal using firehol that only allows SSH and ICMP (the protocol responsible for ping and traceroute). Also, only incoming connections are filtered, and outgoing connections are allowed.
Author: o.meyer •
Tags: security, fedora, desktop •
Protect Your Files With TrueCrypt 5 On Fedora 8 This document describes how to set up TrueCrypt 5 on Fedora 8. Taken from the TrueCrypt page: "TrueCrypt is a software system for establishing and maintaining an on-the-fly-encrypted volume (data storage device). On-the-fly encryption means that data are automatically encrypted or decrypted right before they are loaded or saved, without any user intervention. No data stored on an encrypted volume can be read (decrypted) without using the correct password/keyfile(s) or correct encryption keys. Entire file system is encrypted (e.g., file names, folder names, contents of every file, free space, meta data, etc)."
Author: nowen •
Tags: security, fedora, centos, email •
How to add two-factor authentication to Google Apps for your Domain using open source software Everybody loves GMail. With Google Apps for you Domain, you can use GMail with your own domain, allowing organizations to outsource their email - and the requisite anti-spam filtering to Google. Webmail is very convenient, but for frequent travellers and those who use public wifi, it can be quite dangerous. Logging in from a kiosk or shared computer is a sure way to get your username and password stolen by a keystroke logger. Using a public WiFi system can lead to a man-in-the-middle attack. In this document we will take advantage of two open source projects to add two-factor authentication to Google Apps. The first is Gheimdall, a a TurboGears project for Google Apps SSO service. Gheimdall supports PAM and LDAP authentication natively. It also includes sample code to add new authentication methods, which made it very easy to add two-factor authentication from WiKID. WiKID is a dual-source two-factor authentication solution that uses public key cryptography to strongly authenticate users.
Author: Daneey •
Tags: security, debian •
How To Set Up SSH With Public-Key Authentication On Debian Etch This mini-howto explains how to set up an SSH server on Debian Etch with public-key authorization (and optionally with disabled password logins). SSH is a great tool to control Linux-based computers remotely. It's safe and secure.