Find the HOWTO or step-by-step guide that you need right here.
Looking to harden your Linux filesystem? Gocryptfs encrypts at the file level, so synchronization operations can work efficiently on each file. Learn more in this informative article:
A bit of a shift towards UNIX for those looking to a get a different view of network scanning: Discover how to scan your network for services and how to regularly monitor your services to keep uptimes to a maximum. A key way of ensuring the security of your network is to know what is on your network and what services individual machines are at risk of exposure. Unauthorized services, such as Web servers or file sharing solutions, not only degrade performance, but others can use these services as routes into your network. In this article, learn how to use these same techniques to ensure that genuine services remain available.
This will show you how to take boot CD's and make them hardened enough for what you need in any VPN application. From the introduction: For several years now, users at the Institution where I currently work part-time have expressed a need for a robust and secure connection to the internal network. The internal network actually has some clients that are on private networks and some clients that are Internet-route-able. Being mostly a Microsoft shop, the options that have been available were not deemed appropriate for various reasons, usually due to security concerns. After being introduced to the problem a few months ago and listening to the concerns surrounding it, I suggested using a boot CD, which would alleviate all of their security concerns. They gave me the go ahead to give it a try. I now have a working prototype and this document describes the process used to create it.
Ubuntu Gutsy-Gibbon on the brain? Looking to set up a solid defense with Intrusion Detection Snort, MySQL and more? HowToForge has a great guide from a contributor, Devilman: In this tutorial I will describe how to install and configure Snort (an intrusion detection system (IDS)) from source, BASE (Basic Analysis and Security Engine), MySQL, and Apache2 on Ubuntu 7.10 (Gutsy Gibbon). Snort will assist you in monitoring your network and alert you about possible threats. Snort will output its log files to a MySQL database which BASE will use to display a graphical interface in a web browser. Read on...
This is a recently found HOWTO, and is an amazing and comprehensive resource for getting many different Linux systems secure. This Linux Security HOWTO is intended for a technical audience, Linux system administrators, and security people in corporations and organizations that have to use commercial Linux distributions for their production environment. Check out the index for a complete listing of what this HOWTos Cover. The description also states it is "A Practical Guide to Basic Linux Security in Production Enterprise Environments" Written by Werner Puschitz
BackTrack, the penetration testing distribution, is a great LIve-CD to test a system and tear it apart. This HOWTO: One of BackTracks' most appealing features is it's modularity. As an end user, you can add your own modules scripts and tools to the livecd.
All too often, you hear the story of how X number of laptops or social security numbers were stolen from company Y. And why is so little attention paid to how and why that information was left unprotected and so easily accessible? There are many ways to combat this problem. One of the best ways is with encryption. And Carla Schroder takes us through a great way Today let us focus on the issue of protecting sensitive data on hard drives with encrypted file systems. This is for your mobile users and anyone who needs extra data security on workstations and servers. We're going to use cryptsetup-luks because it is easy and it is strong. We will create an encrypted partition that requires a passphrase only at mount time. Then you can use it just like any other partition. Nice summary and easy to follow.
AppArmor is one way to protect your assets on your Ubuntu Gutsy system. AppArmor attempts to protect processes on the server or desktop from security threats. AppArmor enforces limits on what processes can access on the system. It attempts to restrict processes to those resources that the process requires to function only. If you wanted to give AppArmor a try, and SELinux isn't your flavor, get your start here.
According to the Merriam-Webster online dictionary, duplicity is defined as "contradictory doubleness of thought, speech, or action." To the more Linux-initiated, however, it is an exceedingly useful tool. Make no mistakes about it, Duplicity is a very capable way of encrypting data and throwing its weight around against the standard Rsync. Read here to learn more about why duplicity is an alternative worth looking into.
This paper examines important facets of individual and group decision-making and provides prescriptive guidance on how we may improve the quality of our decision-making processes, leading to a better security decisions.
This paper helps to create a better understanding of rootkits and its effects. Also, this paper discusses how to monitor for a rootkit, and the steps that need to be taken to remove one.
This whitepaper shows how to harden your Linux kernel to prevent malicious attacks.
This paper covers various ways databases are attacked, and how to prevent them from being "hacked".
Linux-related security issues are an increasing threat to businesses. Discover a solution that protects complex networks with vital on-access scanning capabilities, automatic updating and intuitive management functions.
Superior security is often cited as the primary reason for running a non-Windows platform such as UNIX/Linux or Mac.
This document briefly describes how to harden your filesystem.
This document explains how to create encrypted file systems using the Cryptoloop functionality. Cryptoloop is part of the CryptoAPI in the 2.6 Linux kernel series.
This document describes the design and configuration of a Kerberos infrastructure for handling authentication with GNU/Linux. It details steps for a best practices method of setting up servers, Kerberos software, conversion of legacy systems, and ans
Information about installing, configuring, running and maintaining a LDAP (Lightweight Directory Access Protocol) Server on a Linux machine is presented on this document. The document also presents details about how to create LDAP databases, how to a
Like staying secure? So do we.
Sign up for updates, tips, and alerts!
