Find the HOWTO or step-by-step guide that you need right here.
This is a document that I last made modifications to in 1998, but is still pretty relevant. Topics covered include developing a security policy, network and host security tips, process accounting, physical security, intrusion detection, files and fil
A bit of a shift towards UNIX for those looking to a get a different view of network scanning:
Discover how to scan your network for services and how to regularly monitor your services to keep uptimes to a maximum. A key way of ensuring the security of your network is to know what is on your network and what services individual machines are at risk of exposure. Unauthorized services, such as Web servers or file sharing solutions, not only degrade performance, but others can use these services as routes into your network. In this article, learn how to use these same techniques to ensure that genuine services remain available.
This will show you how to take boot CD's and make them hardened enough for what you need in any VPN application. From the introduction:
For several years now, users at the Institution where I currently work part-time have expressed a need for a robust and secure connection to the internal network. The internal network actually has some clients that are on private networks and some clients that are Internet-route-able.
Being mostly a Microsoft shop, the options that have been available were not deemed appropriate for various reasons, usually due to security concerns. After being introduced to the problem a few months ago and listening to the concerns surrounding it, I suggested using a boot CD, which would alleviate all of their security concerns. They gave me the go ahead to give it a try. I now have a working prototype and this document describes the process used to create it.
Ubuntu Gutsy-Gibbon on the brain? Looking to set up a solid defense with Intrusion Detection Snort, MySQL and more? HowToForge has a great guide from a contributor, Devilman:
In this tutorial I will describe how to install and configure Snort (an intrusion detection system (IDS)) from source, BASE (Basic Analysis and Security Engine), MySQL, and Apache2 on Ubuntu 7.10 (Gutsy Gibbon). Snort will assist you in monitoring your network and alert you about possible threats. Snort will output its log files to a MySQL database which BASE will use to display a graphical interface in a web browser.
Read on...
This is a recently found HOWTO, and is an amazing and comprehensive resource for getting many different Linux systems secure.
This Linux Security HOWTO is intended for a technical audience, Linux system administrators, and security people in corporations and organizations that have to use commercial Linux distributions for their production environment.
Check out the index for a complete listing of what this HOWTos Cover.
The description also states it is "A Practical Guide to Basic Linux Security in Production Enterprise Environments"
Written by Werner Puschitz
BackTrack, the penetration testing distribution, is a great LIve-CD to test a system and tear it apart. This HOWTO:
One of BackTracks' most appealing features is it's modularity. As an end user, you can add your own modules scripts and tools to the livecd.
All too often, you hear the story of how X number of laptops or social security numbers were stolen from company Y. And why is so little attention paid to how and why that information was left unprotected and so easily accessible?
There are many ways to combat this problem. One of the best ways is with encryption. And Carla Schroder takes us through a great way
Today let us focus on the issue of protecting sensitive data on hard drives with encrypted file systems. This is for your mobile users and anyone who needs extra data security on workstations and servers. We're going to use cryptsetup-luks because it is easy and it is strong. We will create an encrypted partition that requires a passphrase only at mount time. Then you can use it just like any other partition.
Nice summary and easy to follow.
