Go back to fronty page View most popular entries View latest additions Submit tutorials to UnixTutorials.info
UnixTutorials logo

Security related tutorials

Debian

Loop-AES

Post date: January 25, 2006, 23:01 Category: Security Views: 3205 Comments
Tutorial quote: This is a step by step tutorial on creating an encrypted partition using Loop-AES (using AES-256). This tutorial is known to work under sarge.

Loop-AES is more secure than dm-crypt (and possibly faster), although it requires a custom kernel module and is more work to install than dm-crypt.
Debian

dmcrypt

Post date: January 25, 2006, 22:01 Category: Security Views: 4186 Comments
Tutorial quote: Device-mapper is a new infrastructure in the Linux 2.6 kernel that provides a generic way to create virtual layers of block devices that can do different things on top of real block devices like striping, concatenation, mirroring, snapshotting, etc... The device-mapper is used by the LVM2 and EVMS 2.x tools. dm-crypt is such a device-mapper target that provides transparent encryption of block devices using the new Linux 2.6 cryptoapi. Writes to this device will be encrypted and reads decrypted. You can mount your filesystem on it as usual. But without the key you can't access your data. It does basically the same as cryptoloop only that it's a much cleaner code and better suits the need of a block device and has a more flexible configuration interface. The on-disk format is also compatible.
Debian

Spam filtering with Pyzor and SpamBayes

Post date: January 3, 2006, 04:01 Category: Security Views: 2720 Comments
Tutorial quote: Spam appears to be a fact of life for most of the online world at the moment. Here is how I personally handle the filtering of incoming mail, using a combination of Pyzor, SpamBayes and Procmail. These tools each integrate nicely, and work easily with my mail reader of choice: mutt.
Debian

Using the 'snort' Intrusion Detection System

Post date: December 27, 2005, 15:12 Category: Security Views: 4586 Comments
Tutorial quote: Snort is the leading open source Network Intrusion Detection System and is a valuable addition to the security framework at any site. Even if you are employing lots of preventative measures, such as firewalling, patching, etc., a detection system can give you an assurance that your defences truly are effective, or if not, will give you valuable information about what you need to improve.

Fortunately, there is a good set of snort packages for Debian which takes a lot of the tedious work out of building a useful Network Intrusion Detection System. Before we start on installation, we should review a few details about the networking satack that you're going to need to make sense of the alerts snort will generate. Impatient readers and those who are familiar with the TCP/IP suite of protocols may do now skip to the bit that says Stand alone snort.
Linux

Enhancing kernel security with grsecurity

Post date: November 25, 2005, 21:11 Category: Security Views: 2745 Comments
Tutorial quote: Is your server as secure as it could be? Sure, you use a firewall, mandate strong passwords, and patch regularly. You even take a proactive approach by performing security audits with tools such as nmap and Nessus. Yet you may still be vulnerable to zero-day exploits and privilege escalation attacks. If these possibilities keep you awake at night, you're not alone. The sleepless folks with the grsecurity project have developed an easy-to-use set of security enhancements to help put your fears to rest.
FreeBSD

Using FreeBSD's ACLs

Post date: September 29, 2005, 17:09 Category: Security Views: 3351 Comments
Tutorial quote: Five years ago (gee, has it really been that long?), I wrote a series of articles on understanding Unix permissions. Since then, FreeBSD has implemented something known as ACLs (Access Control Lists).

ACLs came to BSD as part of the TrustedBSD project. As the name suggests, they give a user finer access control over permissions.
Debian

Installing Debian onto USB flash media with everything encrypted

Post date: September 28, 2005, 16:09 Category: Security Views: 6499 Comments
Tutorial quote: This is a simple procedure for installing Debian GNU/Linux onto a USB key flash media. It includes several configuration changes but tries to stay as close to a default debian install as possible.

This is useful for administrators that need to carry sensitive information or people concerned about their privacy.
Linux

Hardening Linux: a 10 step approach to a secure server

Post date: June 22, 2005, 10:06 Category: Security Views: 3394 Comments
Tutorial quote: The Internet has become a far more dangerous place than it was 20 years ago. Nowadays, Operating System and application security is an integral part of a server configuration and, while firewalls are very important, they are not the panacea.

This list of steps is intended as a guideline with a practical approach. We’ll try to provide a complete picture without getting into unnecesary details. This list won’t replace a good book on secure systems administration, but it will be useful as a quick guide.

Before we get started it’s worth to mention that security is not a status: it’s just a process. The correct initial setup of the server only provides a good start and helps you get half the way through. But you actually need to walk the other half of the road, by providing proper security vigilance, monitoring and updating.
Gentoo

Hardened Gentoo PaX Quickstart

Post date: May 21, 2005, 21:05 Category: Security Views: 3401 Comments
Tutorial quote: This tutorial explains how to setup PaX enabled kernel and take advantage of it.
FreeBSD

Bluetooth Security Review, Part 1

Post date: April 30, 2005, 00:04 Category: Security Views: 2960 Comments
Tutorial quote: Bluetooth (BT) wireless technology provides an easy way for a wide range of devices to communicate with each other and connect to the Internet without the need for wires, cables and connectors. The technology seams to be very interesting and beneficial, yet it can also be a high threat for the privacy and security of Bluetooth users.
Web-based applications and online marketing solutions - LumoLink