How to secure my network - Page 5.25
Find the HOWTO or step-by-step guide that you need right here.
Find the HOWTO or step-by-step guide that you need right here.
This documentation will present the basic tenets of a network security engineering process. It will also show that the network security process, as opposed to a point tool, coincides with the creation of new threats.
This document starts with "What is a network" and goes on to describe the OSI model, risk management, denial of service, authorization, types of firewalls, and more.
This documentations, part 1 of a series of articles, will help you field yourself against the imminent dangers that you will have to face when you decide to open up your business to the anarchy of the Internet. The article goes in depth on the data a
This document, written by Dave Dittrich, provides a great foundation for performing a postmortem on your box once it's been rooted.
VTun provides an easy and simpler way to create virtual tunnels between TCP/IP networks with traffic shaping, compression and encryption. It supports IP, PPP, SLIP, Ethernet and other tunnel types.
Here's a really good article by Steve Bellovin and others from CERT that attempt to provide "risk management" instead of "risk avoidance"
This is a document discusses an interesting perspective on network security and how to develop a sound security strategy.
This is a Sun document that describes what many of the most common TCP and UDP network security vulnerabilities exist, as well as how to reduce their threat.
A one-of-a-kind content-based IDS tool that generates alerts to syslog and/or text files. Comes with more than 1100 attack signatures.
RFC 2267, "Network Ingress Filtering: Defeating Denial of Service Attacks Which Employ IP Source Address Spoofing" by Paul Ferguson and Daniel Senie details methods for filtering spoofed packets on your network
IPTraf is a console-based network statistics utility for Linux. It gathers a variety of figures such as TCP connection packet and byte counts, interface statistics and activity indicators, TCP/UDP traffic breakdowns, and LAN station packet and byte c
SSH is a powerful, yet easy-to-use application that uses strong cryptography for protecting all transmitted confidential data, including passwords, binary files, and administrative commands.
COPS is a collection of about a dozen programs that each attempt to tackle a different problem area of UNIX security. Kind of dated now, but still valuable.
Aim of this document to give some examples for setting up IPsec between different operating systems. Tested platforms were OpenBSD 3.3, GNU/Linux using Super-FreeS/WAN 1.99_kb4, Kame/NetBSD 1.6.1, Windows 2000 and PGPNet on WindowsME.
FreeS/WAN is a Linux implementation of the IPSEC (IP security) protocols. IPSEC provides encryption and authentication services at the IP (Internet Protocol) level of the network protocol stack.
This CERT document gives home users an overview of the security risks and countermeasures associated with Internet connectivity, especially in the context of 'always-on' or broadband access services (such as cable modems and DSL).
This document describes how to set up your Linux server to limit download bandwidth or incoming traffic and how to use your internet link more efficiently. This is useful when our internet link is slow or our LAN users download tons of mp3s and the n
In this Mini-HOWTO I'll be talking about what to do server side and client side to set up Gkrellm over ssh.
This document describes another method for intrusion detection. It is based on a proactive ruleset as opposed to reactive ruleset.
Sign up to get the latest security news affecting Linux and
open source delivered straight to your inbox
Powered By
Linux Security - Your source for Top Linux News, Advisories, HowTo's and Feature Release.