Incident Response Tools For Unix, Part One: System Tools
This article is the first in a three-part series on tools that are useful during incident response and investigation after a compromise has occurred on an OpenBSD, Linux, or Solaris system.
Find the HOWTO or step-by-step guide that you need right here.
Web servers are employing techniques for protecting session IDs from three classes of attacks: interception, prediction, and brute force attacks. This paper reveals a fourth class of session attacks against session IDs: session fixation attacks.
This program is a "secure" replacement for inetd, meaning in this case that it offers many features that allow you to control who accesses which services, and from where.
This document makes a humble attempt at explaining how to get Cyrus to work.
This documentation discusses a way to scan your system for rootkits. The information provided is not meant to replace common security practices, but might prove useful when used in conjunction with these practices.
Chrooted system services improve security by limiting the damage that someone who has broken into the system can do. This article discusses, in depth, how to chroot system services.
This article will cover the issues of Linux hardening, with a specific focus on kernel hardening and its use on production systems. Several kernel-hardening approaches and their usability will be analyzed.