Linux Tutorials on the topic “security”

• Secure your SSH deployment with WiKID two-factor authentication

  Author: nowen • Tags: security • Comments: 5

  Secure your SSH deployment with WiKID two-factor authentication In this document we are going to demonstrate how to combine two-factor authentication from WiKID with an SSH gateway server with hosted private keys to create a highly secure, auditable and easy to use remote access solution. The WiKID Strong Authentication System is a commercial/open source two-factor authentication solution.

  read more... | view as pdf

• How do I scan my Linux system for rootkits, worms, trojans, etc.?

  Author: Falko Timme • Tags: linux, other, security • Comments: 3

  Either with chkrootkit or with rkhunter. chkrootkit Either install the package that comes with your distribution (on Debian you would run apt-get install chkrootkit ), or download the sources from www.chkrootkit.org and install manually: wget --passive-ftp ftp://ftp.pangeia.com.br/pub/seg/pac/chkrootkit.tar.gz tar xvfz chkrootkit.tar.gz cd chkrootkit-<version>/ make sense Afterwards, you can move the chkrootkit directory somewhere else, e.g. /usr/local/chkrootkit:

  read more... | view as pdf

• Securing the connection between MySQL and MySQL Administrator using an SSH tunnel

  Author: Craig • Tags: mysql, security • Comments: 8

  Securing the connection between MySQL and MySQL Administrator using an SSH tunnelThis is a description of how to set up a secure tunnel between your MySQL Server and a locally running MySQL Administrator using Putty. By creating a secure tunnel to your MySQL server using Putty, you can grant localhost access to powerful applications like MySQL Administrator while at the same time, make your server appear as if it isn't even there. In effect, make your MySQL server disappear from the outside world.

  read more... | view as pdf

• Racoon Roadwarrior Configuration

  Author: matija.zeman • Tags: linux, security • Comments: 0

  Racoon Roadwarrior Configuration Racoon Roadwarrior is a client that uses unknown, dynamically assigned IP addresses to connect to a VPN gateway (in this case also firewall). This is one of the most interesting and today most needed scenarios in business environment. This tutorial shows how to configure Racoon Roadwarrior.

  read more... | view as pdf

• Securing Your Server With A Host-based Intrusion Detection System

  Author: Falko Timme • Tags: debian, monitoring, security • Comments: 5

  Securing Your Server With A Host-based Intrusion Detection System This article shows how to install and run OSSEC HIDS, an Open Source Host-based Intrusion Detection System. It performs log analysis, integrity checking, rootkit detection, time-based alerting and active response. It helps you detect attacks, software misuse, policy violations and other forms of inappropriate activities.

  read more... | view as pdf

• How to Build an Effective Mail Server Defense

  Author: alinap • Tags: antivirus, freebsd, linux, security • Comments: 3

  How to Build an Effective Mail Server Defense When speaking of mail server-related security, one tends to limit the issue to message applied security measures, and even more to Antivirus and Antispam protection. This is however only one stage in the more complex process of securing your server. This article aims at identifying and explaining all security layers, highly important when choosing a certain mail server and consequently when configuring and using it.

  read more... | view as pdf

• What virus scanner is used by ISPConfig 2?

  Author: Till Brehm • Tags: ispconfig, security • Comments: 0

  ISPConfig 2 uses ClamAV (http://www.clamav.net) as virus scanner and the E-mail Sanitizer (http://www.impsec.org/email-tools/procmail-security.html) as content filter.

  read more... | view as pdf

• Chkrootkit-Portsentry-Howto

  Author: Falko Timme • Tags: security • Comments: 1

  Chkrootkit-Portsentry-HowtoThis document describes how to install chkrootkit and portsentry. It should work (maybe with slight changes concerning paths etc.) on all *nix operating systems. Chkrootkit "is a tool to locally check for signs of a rootkit" (from http://www.chkrootkit.org). "The Sentry tools provide host-level security services for the Unix platform. PortSentry, Logcheck/LogSentry, and HostSentry protect against portscans, automate log file auditing, and detect suspicious login activity on a continuous basis".

  read more... | view as pdf

• Secure and Private Browsing with Squid

  Author: joe • Tags: security • Comments: 12

  Version 1.0 Author: Joe Topjian <joe [at] adminspotting [dot] net> Last edited 05/02/2005 Browsing a site that supports SSL is a definite way to make sure no one can snoop in on what you're doing -- which is a good thing when you're doing something personal like checking email over the web or buying something from amazon. But if you're just doing stuff like reading the daily news or checking movie times, is privacy that important? The ultra-paranoid will give a resounding "yes" to that question while most people will just shrug. I find myself in between those two parties. At home while I'm reading the news, I could care less if the traffic is encrypted or not. However, when I'm at a public wi-fi spot, it does bother me a bit.

  read more... | view as pdf

• Chrooted SSH HowTo

  Author: Falko Timme • Tags: security • Comments: 17

  Chrooted SSH HowTo This tutorial describes how to install and configure OpenSSH so that it will allow chrooted sessions for users. With this setup, you can give your users shell access without having to fear that they can see your whole system. Your users will be jailed in a specific directory which they will not be able to break out of.

  read more... | view as pdf