Go back to fronty page View most popular entries View latest additions Submit tutorials to UnixTutorials.info
UnixTutorials logo

Search results for Hardening OpenBSD Internet Servers

Unix+clones Enhance boot-time security with GRUB passwords
Post date: April 26, 2006, 09:04 Category: Security Views: 14
Tutorial quote: The security of data files on your computer is at risk, and not just because you are connected to the Internet. Anyone with physical access to your machine can bypass all passwords to gain entry to your hard disk with one simple command given to the bootloader. Fortunately, the popular GRand Unified Bootloader (GRUB) is equipped with security features to prevent such an 'attack.' It can password protect each entry of your boot menu.
Unix+clones Squeeze Your Gigabit NIC for Top Performance
Post date: June 24, 2005, 21:06 Category: Optimizing Views: 135
Tutorial quote: Many new workstations and servers are coming with integrated gigabit network cards, but quite a few people soon discover that they can't transfer data much faster than they did with 100 Mb/s network cards. Multiple factors can affect your ability to transfer at higher speeds, and most of them revolve around operating system settings. In this article we will discuss the necessary steps to make your new gigabit-enabled server obtain close to gigabit speeds in Linux, FreeBSD, and Windows.
Fedora+Core VNC (Virtual Network Computing) 101
Post date: April 15, 2005, 20:04 Category: Network Views: 121
Tutorial quote: VNC stands for Virtual Network Computing. It is remote control software which allows you to view and interact with one computer (the "server") using a simple program (the "viewer") on another computer anywhere on the Internet. The two computers don't even have to be the same type, so for example you can use VNC to view an office Linux machine on your Windows PC at home. VNC is freely and publicly available and is in widespread active use by millions throughout industry, academia and privately.
Unix+clones Two-in-one DNS server with BIND9
Post date: April 1, 2006, 00:04 Category: Software Views: 15
Tutorial quote: This tutorial shows you how to configure BIND9 DNS server to serve an internal network and an external network at the same time with different set of information. To accomplish that goal, a new feature of BIND9 called view is used. As a tutorial it'll walk you through the whole set up, but initial knowledge of BIND and DNS is required, there are plenty of documents that cover that information on the Internet.
Unix+clones Encrypted NFS with OpenSSH
Post date: May 21, 2005, 15:05 Category: Network Views: 44
Tutorial quote: NFS is a widely deployed, mature, and understood protocol that allows computers to share files over a network. The main problems with NFS are that it relies on the inherently insecure UDP protocol, transactions are not encrypted, hosts and users cannot be easily authenticated, and its difficulty in firewalling. This article provides a solution to most of these problems for Linux clients and servers. These principles may also be applied to any UNIX server with ssh installed. This article assumes basic knowledge of NFS and firewalling for Linux.
Solaris Restoring a Sun system using JumpStart technology
Post date: April 13, 2005, 01:04 Category: Installing Views: 96
Tutorial quote: If a server crash and the file systems are corrupted or totally destroyed, then the only way to recover the data is to restore from backups. If it is only user data that is corrupted, the task is in general simple, but if the system disk fails, then there is a little bit more work involved in order to to recover the system. This article explains how to backup Sun systems using ufsrestore over NFS, and how to use Sun's JumpStart technology to restore Sun servers and workstations over the network.
Debian Configuring Dynamic DNS & DHCP on Debian Stable
Post date: February 2, 2006, 20:02 Category: Network Views: 55
Tutorial quote: For the average home computer user there is no need to install a complex package such as the Internet Software Consortium's BIND DNS or DHCP server, since there are far simpler lower resource tools to use, for example dnsmasq. For those who you wish to learn how to use ISC's BIND and DHCP, for example as a learning exercise, this is how I got it all to work in Debian Sarge, the current stable version of Debian GNU/Linux.

This short article was prompted by my question on the Debian-Administration forum site, where I was able to get some answers to the issues I faced and I did promise to post a solution if I got one.
Solaris Installing Solaris using JumpStart technology on an Intel laptop
Post date: April 13, 2005, 01:04 Category: Installing Views: 97
Tutorial quote: An interesting use of Solaris 8 on a PC laptop is for use with the JumpStart technology. It has never been so easy to install, re-install, or restore a server before.

As I am as a contractor, I am more on the road than in my own office, so I need a laptop, and preferably with Solaris installed, as I am focusing on Sun's products and applications.

Through the years, I have discovered that one of the most common scenarios is that a client needs a server installed, either because they just bought it, or need it re-installed, or recovered.

This article covers how to save time when installing servers, using the JumpStart technology on a laptop with Solaris for Intel.
Linux WiFi PDA Meets Linux--Part 3
Post date: May 28, 2005, 18:05 Category: Software Views: 74
Tutorial quote: Did you know that your new WiFi-equipped iPAQ can be used as a VoIP communicator? How about your Linux notebook? The program that makes it possible is called Skype and it lets you call other Skype users over the Internet for free. You can also call regular phone numbers for very competitive per-minute rates. As it turns out, Skype is available for both platforms and Windows, too. Although it's not an Open Source solution, it is freely available and fits nicely into our WiFi-PDA-meets-Linux bag of tools.

Join me now to discover how you can use the program on the iPAQ and a Linux notebook.
Unix+clones Installing and securing Squid
Post date: March 13, 2006, 10:03 Category: Software Views: 67
Tutorial quote: Squid is a high-performance proxy caching server for web clients, supporting FTP, gopher, and HTTP data objects. Unlike traditional caching software, Squid handles all requests in a single, non-blocking, I/O-driven process. Squid keeps meta data and especially hot objects cached in RAM, caches DNS lookups, supports non-blocking DNS lookups, and implements negative caching of failed requests. Squid supports SSL, extensive access controls, and full request logging. By using the lightweight Internet Cache Protocol, Squid caches can be arranged in a hierarchy or mesh for additional bandwidth savings.

After the installation and base configuration of squid we will add another layer of security by chrooting it.