Linux Tutorials on the topic “security”
-
Introducing Remo - An Easy Way to Secure an Insecure Online Application with ModSecurity
Author: dune73 • Tags: apache, security • Comments: 2Introducing Remo - An Easy Way to Secure an Insecure Online Application with ModSecurity Say you have a nasty application on your Apache webserver that has been installed by some jerks from the marketing department and you can neither remove nor patch it. Maybe it is a time problem, a lack of know-how, a lack of source-code, or possibly even political reasons. Consequently you need to protect it without touching it. There is ModSecurity, but they say this is only for experts. A straightforward alternative is Remo, a graphical rule editor for ModSecurity that comes with a whitelist approach. It has all you need to lock down the application.
-
Secure Websites Using SSL And Certificates
Author: punk0mi • Tags: apache, fedora, security • Comments: 8Secure Websites Using SSL And Certificates This how-to will guide you through the entire process of setting up a secure website using SSL and digital certificates. This guide assumes that you have already a fully functional (and configured) server running Apache, BIND, and OpenSSL. Just as a side note, this guide was written based on a Fedora Core 6 distribution, but should be the same for most other distros out there.
-
How to secure VNC remote access with two-factor authentication
Author: nowen • Tags: security • Comments: 1How to secure VNC remote access with two-factor authentication VNC is the most popular remote access solution today. However, it was developed to provide remote access, not to provide secure remote access. Administrators have to add security to VNC by tunneling it through an encrpyted channel such as SSH and adding a layer of authentication. In this article, we will show you how to combine the NoMachine NX server to encrpyt VNC and remote X session combined with two-factor authentication from WiKID Systems to create a secure, fast remote access solution.
-
-
Custom Boot Menu for Windows XP
Author: apachedude • Tags: security • Comments: 2Custom Boot Menu for Windows XP One of the first things that I do upon receiving a new windows computer is create my own custom boot menu that shows up every time I boot my machine. This is especially handy when you suspect a virus; you can reboot into safe mode and scan for it.
-
Preventing Brute Force Attacks With Fail2ban On Debian Etch
Author: Falko Timme • Tags: security, debian • Comments: 17Preventing Brute Force Attacks With Fail2ban On Debian Etch In this article I will show how to install and configure fail2ban on a Debian Etch system. Fail2ban is a tool that observes login attempts to various services, e.g. SSH, FTP, SMTP, Apache, etc., and if it finds failed login attempts again and again from the same IP address or host, fail2ban stops further login attempts from that IP address/host by blocking it with an iptables firewall rule.
-
Perfect Setup Of Snort + Base + PostgreSQL On Ubuntu 6.06 LTS
Author: ruribeetxeberria • Tags: monitoring, security, ubuntu • Comments: 8Perfect Setup Of Snort + Base + PostgreSQL On Ubuntu 6.06 LTS This tutorial describes how you can install and configure the Snort IDS (intrusion detection system) and BASE (Basic Analysis and Security Engine) on an Ubuntu 6.06 (Dapper Drake) system. With the help of Snort and BASE, you can monitor your system - with BASE you can perform analysis of intrusions that Snort has detected on your network. Snort will use a PostgreSQL database to store/log the data it gathers.
-
Intrusion Detection With BASE And Snort
Author: edge • Tags: security, monitoring • Comments: 18Intrusion Detection With BASE And Snort This tutorial shows how to install and configure BASE (Basic Analysis and Security Engine) and the Snort intrusion detection system (IDS) on a Debian Sarge system. BASE provides a web front-end to query and analyze the alerts coming from a Snort IDS system. With BASE you can perform analysis of intrusions that Snort has detected on your network.
-
How to configure Apache to use Radius for Two-factor Authentication
Author: nowen • Tags: apache, security • Comments: 4How to configure Apache to use Radius for Two-factor Authentication This brief document shows how to configure Apache to use mod_auth_xradius to authenticate users with the WiKID Strong Authentication System. Adding two-factor authentication to Apache is a very simple process with this setup.
-
Fight Image Spam With FuzzyOCR And SpamAssassin On Debian/Ubuntu
Author: Falko Timme • Tags: antivirus, security • Comments: 5Fight Image Spam With FuzzyOCR And SpamAssassin On Debian/UbuntuThis tutorial describes how to scan emails for image spam with FuzzyOCR. FuzzyOCR is a plugin for SpamAssassin which is aimed at unsolicited bulk mail containing images as the main content carrier. Using different methods, it analyzes the content and properties of images to distinguish between normal mails (ham) and spam mails. FuzzyOCR tries to keep the system load low by scanning only mails that have not already been categorized as spam by SpamAssassin, thus avoiding unnecessary work.
-
Install and Configure Auth Shadow on Debian/Ubuntu
Author: Thanatos • Tags: apache, debian, linux, security, ubuntu • Comments: 3Install and Configure Auth Shadow on Debian/Ubuntu Auth Shadow or mod-auth-shadow is a module for apache (and apache2, sort of) that enables authentication against /etc/shadow. The benefits being that any system user with a password can be authenticated for web_dav, subversion or simply an https server. The only other way to do this is with PAM. That method is dangerous because the apache user (www-data in my case) must be able to read /etc/shadow. Obviously, not a good idea. Auth Shadow accomplishes this safely by using a intermediate program called validate. This works because validate can be owned by root but executable by everyone. In the event that your server is compromised through apache, your password file will not be readable.
