Menu

Tag Archives:security

Home / Tag: security
Setting Up ProFTPd + TLS On Debian Squeeze

Setting Up ProFTPd + TLS On Debian Squeeze

Setting Up ProFTPd + TLS On Debian SqueezeFTP is a very insecure protocol because all passwords and all data are transferred in clear text. By using TLS, the whole communication can be encrypted, thus making FTP much more secure. This article explains how to set up ProFTPd with TLS on a Debian Squeeze server.I do not issue any guarantee that this will work for you! 1 Preliminary NoteIn this tutorial I use the hostname server1.example.com with the IP address 192.168.0.100. These settings might differ for you, so you have to replace them where appropriate. 2 Installing ProFTPd And OpenSSLOpenSSL

Read More »

Xtables-Addons On Centos 6 & Iptables GeoIP Filtering

Xtables-Addons On Centos 6 & Iptables GeoIP FilteringThis tutorial will explain how to install aditional modules for the kernel to use with iptables rules sets (netfilter modules). Xtables-addons is the successor to patch-o-matic(-ng). Likewise, it contains extensions that were not, or are not yet, accepted in the main kernel/iptables packages.
Xtables-addons is different from patch-o-matic in that you do not have to patch or recompile the kernel.A list of all available modules can be found here and their usage here. 1 Preliminary NoteBefore we start, make sure that SELinux is disabled. Runsys

Read More »
Stronghenge Application Firewall

Stronghenge Application Firewall

Stronghenge Application FirewallStronghenge is an Out-of-Band Application Firewall that can inspect both HTTP
and HTTPS traffic for attacks against your web applications. Since Stronghenge’s
detection engine is based off of the most widely deployed IDS/IPS technology
worldwide, Snort, it’s easy to start using. Additionally, since it’s an Out-
of-Band solution it requires little to no modification to your existing network.
With Snort’s powerful regular expression support, you can implement a positive
or negative security model.With it’s standalone decryption engine for RSA algorithms and custom

Read More »

Extending Perfect Server – Debian Squeeze [ISPConfig 3]

Extending Perfect Server – Debian Squeeze [ISPConfig 3]Version 1.0Author: Thomas (http://iopen.gr)Last edited 2012-02-05 (05 February 2012)The following tutorial will extend the “Perfect Server…. ” for ISPConfig 3 with BIND & Courier installed in Debian Squeeze. It explains how to change default ports (ssh, ispconfig, webmin), how to install some useful applications (webmin, roundcube, atop, htop, multitail, tiger etc), how to update awstats periodically (more than once a day) or whenever you want, how to create clients’ data backups (periodically) accessible under their folder and finally i

Read More »

How To Set Up A TOR Middlebox Routing All VirtualBox Virtual Machine Traffic Over The TOR Network

How To Set Up A TOR Middlebox Routing All VirtualBox Virtual Machine Traffic Over The TOR NetworkThis tutorial will show you how to reroute all traffic for a virtual machine through the Tor network to ensure anonymity.
It assumes a standalone machine with a Linux OS, and VirtualBox installed. In this case, we’ll be using Ubuntu on the host machine.
Thanks to- http://www.tolaris.com/2009/03/05/using-host-networking-and-nat-with-virtualbox/- https://trac.torproject.org/projects/tor/wiki/doc/TransparentProxy- http://www.rootdamnit.eu/2011/12/10/virtualbox-tor-backtrack-aka-how-to-become-almost-in

Read More »
Changing Apache Server Name To Whatever You Want With mod_security On Debian 6

Changing Apache Server Name To Whatever You Want With mod_security On Debian 6

Changing Apache Server Name To Whatever You Want With mod_security On Debian 6Autor: Alireza Razavi FarmadRayanFarmad Linux Professional Services Co. With over 70% of all attacks now carried out over the web application level,
organisations need every help they can get in making their systems secure. Web
application firewalls are deployed to establish an external security layer that
increases security, detects, and prevents attacks before they reach web
applications. One of the simple and basic tip to secure your server is that give at least
information about your O

Read More »

AVG Antivirus For Linux/FreeBSD Plus Sendmail Mail Server

AVG Antivirus For Linux/FreeBSD Plus Sendmail Mail ServerThis document describes how to deploy AVG Antivirus for Linux/FreeBSD to the Sendmail mail server.
It is usable for AVG version 8.5, 10 and 2012.Requirements1) Linux or FreeBSD x86 or x86_64 with x32 compatible libraries. (See /opt/avg/av/doc/README.)2) Configured Postfix Mail server.3) Correct HW configuration for AVG:CPU: i686 or amd64 on 800 MHzMem: 512 MB, 1GB is recommendedHDD: 500 MB of free space Installation1) Download correct package from AVG site:Trial: http://www.avg.com/cz-cs/download.prd-trialbFree: http://free.avg.com/cz-cs

Read More »
How To Configure PureFTPd To Accept TLS Sessions On CentOS 6.2

How To Configure PureFTPd To Accept TLS Sessions On CentOS 6.2

How To Configure PureFTPd To Accept TLS Sessions On CentOS 6.2FTP is a very insecure protocol because all passwords and all data are transferred in clear text. By using TLS, the whole communication can be encrypted, thus making FTP much more secure. This article explains how to configure PureFTPd to accept TLS sessions on a CentOS 6.2 server. 1 Preliminary NoteYou should have a working PureFTPd setup on your CentOS 6.2 server, e.g. as shown in this tutorial: Virtual Hosting With PureFTPd And MySQL (Incl. Quota And Bandwidth Management) On CentOS 6.2. 2 Installing OpenSSLOpenSSL is needed by TL

Read More »

Running LinOTP On CentOS 6.2

Running LinOTP On CentOS 6.2This howto will show how you can set up LinOTP on CentOS 6.2. LinOTP is a modular and flexible solution for two factor authentication with one time passwords. This howto uses the community packages that are available at the python package index PyPI.yum install mysql-server/etc/init.d/mysqld startCreate a new database:mysql -u rootmysql> create database LinOTP2;Query OK, 1 row affected (0.00 sec)mysql> grant all privileges on LinOTP2.* to [email protected] identified by goodSecret;Query OK, 0 rows affected (0.01 sec)mysql> flush privileges;Query OK, 0 rows affected (

Read More »

How To Integrate ClamAV Into PureFTPd For Virus Scanning On CentOS 6.2

How To Integrate ClamAV Into PureFTPd For Virus Scanning On CentOS 6.2This tutorial explains how you can integrate ClamAV into PureFTPd for virus scanning on a CentOS 6.2 system. In the end, whenever a file gets uploaded through PureFTPd, ClamAV will check the file and delete it if it is malware. 1 Preliminary NoteYou should have a working PureFTPd setup on your CentOS 6.2 server, e.g. as shown in this tutorial: Virtual Hosting With PureFTPd And MySQL (Incl. Quota And Bandwidth Management) On CentOS 6.2. 2 Installing ClamAVClamAV is not available in the official CentOS repositories, therefore

Read More »