Go back to fronty page View most popular entries View latest additions Submit tutorials to UnixTutorials.info
UnixTutorials logo

Security related tutorials

Unix+clones

Security Testing your Apache Configuration with Nikto

Post date: August 29, 2006, 16:08 Category: Security Views: 3455 Comments
Tutorial quote: By now you've got the perfect setup for your new Ubuntu 6.0.6 (Dapper Drake) box. You may have even followed the excellent Intrusion Detection and Prevention with BASE and Snort tutorial. And as an added precaution you installed DenyHosts to prevent hack attempts via ssh. But now that you've got your new LAMP server on the internet, how can you tell that your new web server is secure? You test it, of course!
CentOS

Securing the CentOS Perfect Setup with Bastille

Post date: August 29, 2006, 15:08 Category: Security Views: 8124 Comments
Tutorial quote: This article shows how to secure a CentOS server using psad, Bastille, and some other tweaks. psad is a tool that helps detect port scans and other suspicious traffic, and the Bastille hardening program locks down an operating system, proactively configuring the system for increased security and decreasing its susceptibility to compromise.
Linux

LDAP Authentication In Linux

Post date: August 26, 2006, 06:08 Category: Security Views: 5340 Comments
Tutorial quote: This howto will show you howto store your users in LDAP and authenticate some of the services against it. I will not show howto install particular packages, as it is distribution/system dependant. I will focus on "pure" configuration of all componenets needed to have LDAP authentication/storage of users. The howto assumes somehow, that you are migrating from a regular passwd/shadow authentication, but it is also suitable for people who do it from scratch.
Debian

System encryption on Debian Etch

Post date: August 16, 2006, 16:08 Category: Security Views: 4916 Comments
Tutorial quote: In this article I will describe how to setup a nearly complete encrypted system using Debian Etch and cryptsetup with LUKS. The goal is: encrypt all partitions except /boot. The user should enter a password at boot time or provide a keyfile on an USB device to decrypt the root partition. Keyfiles for additional partitions are located on the root, so the user does not need to enter a password for every partition.
Unix+clones

How to restore a hacked Linux server

Post date: July 30, 2006, 18:07 Category: Security Views: 3636 Comments
Tutorial quote: Every sysadmin will try its best to secure the system/s he is managing. Hopefully you never had to restore your own system from a compromise and you will not have to do this in the future. Working on several projects to restore a compromised Linux system for various clients, I have developed a set of rules that others might find useful in similar situations. The type of hacks encountered can be very variate and you might see very different ones than the one I will present, or I have seen live, but even so, this rules might be used as a starting point to develop your own recovery plan.
Debian

Intrusion Detection With BASE And Snort

Post date: July 16, 2006, 16:07 Category: Security Views: 4396 Comments
Tutorial quote: This tutorial shows how to install and configure BASE (Basic Analysis and Security Engine) and the Snort intrusion detection system (IDS) on a Debian Sarge system. BASE provides a web front-end to query and analyze the alerts coming from a Snort IDS system. With BASE you can perform analysis of intrusions that Snort has detected on your network.

Scenario: A linux server running Debian Sarge 3.1 setup according to Falko's - The Perfect Setup - Debian Sarge (3.1).
Let's assume we have one working website (www.example.com) and that the document root is: /var/www/www.example.com/web
The IP of the server is 192.168.0.5 and it's using eth0 as network interface name.
Debian

Secure Your Apache With mod_security

Post date: July 16, 2006, 16:07 Category: Security Views: 4858 Comments
Tutorial quote: This article shows how to install and configure mod_security. mod_security is an Apache module (for Apache 1 and 2) that provides intrusion detection and prevention for web applications. It aims at shielding web applications from known and unknown attacks, such as SQL injection attacks, cross-site scripting, path traversal attacks, etc.

In the first chapter I will show how to install mod_security on Debian Sarge, Ubuntu 6.06 LTS (Dapper Drake), and on Fedora Core 5, and in the second chapter I will describe how to configure Apache for mod_security which is independent from the distribution you're using.

I want to say first that this is not the only way of setting up such a system. There are many ways of achieving this goal but this is the way I take. I do not issue any guarantee that this will work for you!
Debian

Monitoring your filesystem for unauthorised change

Post date: July 15, 2006, 05:07 Category: Security Views: 2784 Comments
Tutorial quote: If you're running a stable server and are worried about an intruder modifying your system binaries to install new corrupted versions you should be using a filesystem integrity checker.
Debian

Stack Smashing Protection for Debian

Post date: June 23, 2006, 22:06 Category: Security Views: 2746 Comments
Tutorial quote: Since we last covered the use of Stack Smashing Protection (SSP) the default compiler for Debian Sid has been upgraded to include it, with no need for custom patching. Read on for a brief demonstration of how it can be used to prevent attacks.

The default C compiler for Sid, which will be used in Etch too, is GCC v4.1. This releasecontains the SSP patch which previously needed to be applied manually (we demonstrated applying this patch for GCC v3.4 a long time ago).

Since the SSP patch is included in the compiler by default it is suddenly a lot easier to start working with it.
NetBSD

How to use encrypted swap over nfs

Post date: June 22, 2006, 21:06 Category: Security Views: 5464 Comments
Tutorial quote: It's getting more and more popular to use encrypted swap. This is however not a trivial task with nfs-swap.
Web-based applications and online marketing solutions - LumoLink