Go back to fronty page View most popular entries View latest additions Submit tutorials to UnixTutorials.info
UnixTutorials logo

Security related tutorials

Debian

How To Set Up suPHP With PHP4 And PHP5

Post date: June 17, 2006, 06:06 Category: Security Views: 3709 Comments
Tutorial quote: This tutorial shows how to install and use suPHP with PHP4 and PHP5. suPHP is a tool for executing PHP scripts with the permissions of their owners instead of the Apache user. With the help of suPHP you can also have PHP4 and PHP5 installed at the same time which I will describe at the end of this article.
Debian

HELO restrictions for Exim4

Post date: June 16, 2006, 22:06 Category: Security Views: 2690 Comments
Tutorial quote: One thing that I've noticed on my mailserver in recent months has been a large number of spam mails which identify themselves as being sent from my own IP address. Since they never are blocking them is a useful thing to do before any more intensive filtering is done.
Linux

Creating a safe directory with PAM and Encfs

Post date: June 7, 2006, 20:06 Category: Security Views: 3071 Comments
Tutorial quote: Now, in my network (and others) the credentials provided at login could (and should) be used by those programs. How can you retrieve these credentials, providing enough security?
With a the PAM modules pam_script it's possible to store the password in a file, which will be used by fusemb and mount.cifs to read the password from.

To achieve security, one could make the user logging in owner and deny read/write for anybody else. Remove this file when the user ends his/her session.
This is enough, for runtime. But I was wondering, but what if the system crashes, and the file with the credentials remains on the harddrive? Anybody who is able to mount this harddrive with for example a lifecd, can read this file!

That's why I was looking for a way to encrypt this file.

With encfs this is very possible! At run time it gives an interface to encrypted files and directories, which does only exist at runtime! When the system is not running, there are only encrypted files, useless when you do not know the key to it. And this key is exactly the (encrypted) password! That's why I've chosen for a combination of PAM and Encfs.
Unix+clones

How to scan your Linux-Distro for Root Kits

Post date: May 19, 2006, 18:05 Category: Security Views: 3114 Comments
Tutorial quote: Do you suspect that you have a compromised system ?
Check now for root kits that the intruder may have installed !!!

So... What in the hell is a root kit ???
A root kit is a collection of programs that intruders often install after they have compromised the root account of a system.
These programs will help the intruders clean up their tracks, as well as provide access back into the system.
Root kits will sometimes leave processes running so that the intruder can come back easily and without the system administrator's knowledge !

Solution....
Scripts like chkrootkit will do the job for you automatically.
Unix+clones

Enhance boot-time security with GRUB passwords

Post date: April 26, 2006, 13:04 Category: Security Views: 2879 Comments
Tutorial quote: The security of data files on your computer is at risk, and not just because you are connected to the Internet. Anyone with physical access to your machine can bypass all passwords to gain entry to your hard disk with one simple command given to the bootloader. Fortunately, the popular GRand Unified Bootloader (GRUB) is equipped with security features to prevent such an 'attack.' It can password protect each entry of your boot menu.
Debian

Running network services as a non-root user

Post date: April 20, 2006, 10:04 Category: Security Views: 3124 Comments
Tutorial quote: There are many times when it is convenient to allow non-root users to run services, or daemons, which bind to "privileged ports". There are several approaches to this problem each with its own set of pros and cons. Read on for a brief look at the most common approaches.
OpenBSD

Hardening OpenBSD Internet Servers

Post date: April 11, 2006, 22:04 Category: Security Views: 9147 Comments
Tutorial quote: This tutorial on how-to harden or improve security on OpenBSD Internet servers includes sections that apply to any UNIX system. Hardening is making a computer more secure by removing unneeded functions, restricting access and tracking changes and processes. It was revised to cover OpenBSD 3.0 on Dec. 15, 2001 and includes an overview of the 2.9 to 3.0 changes. A new page on priorities ranks the value of the techniques presented here. Familiarity with UNIX system administration but not OpenBSD is assumed.
Debian

Gnu Privacy Guard (GPG)

Post date: March 21, 2006, 19:03 Category: Security Views: 2677 Comments
Tutorial quote: GNU Privacy Guard, or GPG, is a free replacement for the famous encryption tool PGP written by Phil Zimmermann. It is a tool for secure communication and data storage. It can be used to encrypt data and to create digital signatures. Here we'll provide a quick introduction to generating a key-pair and using it for basic tasks.
Debian

An Introduction to Video Surveillance with 'Motion'

Post date: February 6, 2006, 09:02 Category: Security Views: 3181 Comments
Tutorial quote: Videochatting and amateur pornography are all well and good, but have you ever wondered what else you can do with that webcam?
Well, thanks to the efforts of many dedicated open-source coders, any half-decent PC can be turned into a motion-detecting, snapshot-making, video-recording D.I.Y. security solution.
Debian

Chrooted SSH HowTo

Post date: January 30, 2006, 07:01 Category: Security Views: 3161 Comments
Tutorial quote: This tutorial describes how to install and configure OpenSSH so that it will allow chrooted sessions for users. With this setup, you can give your users shell access without having to fear that they can see your whole system. Your users will be jailed in a specific directory which they will not be able to break out of.
Web-based applications and online marketing solutions - LumoLink