How to secure my network - Page 5.5
Find the HOWTO or step-by-step guide that you need right here.
Find the HOWTO or step-by-step guide that you need right here.
VTun provides an easy and simpler way to create virtual tunnels between TCP/IP networks with traffic shaping, compression and encryption. It supports IP, PPP, SLIP, Ethernet and other tunnel types.
Here's a really good article by Steve Bellovin and others from CERT that attempt to provide "risk management" instead of "risk avoidance"
This is a document discusses an interesting perspective on network security and how to develop a sound security strategy.
This is a Sun document that describes what many of the most common TCP and UDP network security vulnerabilities exist, as well as how to reduce their threat.
A one-of-a-kind content-based IDS tool that generates alerts to syslog and/or text files. Comes with more than 1100 attack signatures.
RFC 2267, "Network Ingress Filtering: Defeating Denial of Service Attacks Which Employ IP Source Address Spoofing" by Paul Ferguson and Daniel Senie details methods for filtering spoofed packets on your network
IPTraf is a console-based network statistics utility for Linux. It gathers a variety of figures such as TCP connection packet and byte counts, interface statistics and activity indicators, TCP/UDP traffic breakdowns, and LAN station packet and byte c
SSH is a powerful, yet easy-to-use application that uses strong cryptography for protecting all transmitted confidential data, including passwords, binary files, and administrative commands.
COPS is a collection of about a dozen programs that each attempt to tackle a different problem area of UNIX security. Kind of dated now, but still valuable.
Aim of this document to give some examples for setting up IPsec between different operating systems. Tested platforms were OpenBSD 3.3, GNU/Linux using Super-FreeS/WAN 1.99_kb4, Kame/NetBSD 1.6.1, Windows 2000 and PGPNet on WindowsME.
FreeS/WAN is a Linux implementation of the IPSEC (IP security) protocols. IPSEC provides encryption and authentication services at the IP (Internet Protocol) level of the network protocol stack.
This CERT document gives home users an overview of the security risks and countermeasures associated with Internet connectivity, especially in the context of 'always-on' or broadband access services (such as cable modems and DSL).
This document describes how to set up your Linux server to limit download bandwidth or incoming traffic and how to use your internet link more efficiently. This is useful when our internet link is slow or our LAN users download tons of mp3s and the n
In this Mini-HOWTO I'll be talking about what to do server side and client side to set up Gkrellm over ssh.
This document describes another method for intrusion detection. It is based on a proactive ruleset as opposed to reactive ruleset.
Many of my past newsletters have detailed configuration setups that required you to be able to execute commands on remote machines without interactively supplying a password. The next few articles will help show how you can set up such a system.
The process of modifying a system to make it highly secure is known as hardening.
The approach used by this document is to instead shame developers into producing better systems.