Server Security - Page 45
We have thousands of posts on a wide variety of open source and security topics, conveniently organized for searching or just browsing.
Don't look now, but e-business is growing webbed feet. E-commerce, e-procurement networks, B2B partnerships, e-marketplaces--they're all ripe for exploitation by Linux, the upstart OS sporting the penguin logo. Linux is already a force in Web serving, Internet security and e-mail, both . . .
The newly formed Center for Internet Security hopes to answer that question by creating a suite of tests that would give computer owners a rating--on a scale of 1 to 10--of how good their security is. A level-10 server could protect . . .
An esoteric buffer overflow bug in OpenBSD has been upgraded in importance after it was discovered that, in certain conditions, it could allow a cracker to gain remote access to a server. Users are recommended to apply a patch to fix . . .
25 Ways to make your webserver more secure is a simple and short text that contains some principles to get a real world secure server.
When hackers plan to break into Websites, they first try to find out which operating system the site is using. Once they determine that and which services are running, their chances of successfully attacking a system are greatly increased. What can . . .
BSD/OS is often considered a "secure" operating system. I often see ISPs and website hosting companies prominently brag that their servers are secure because they run BSDi's operating system. BSDi itself often promotes itself by saying it continues the BSD tradition . . .
With "e-commerce" becoming an important part of many businesses, it's useful to know how to set up your server to run SSL for secure transfer of sensitive information. This article starts with a description of SSL and talks about implementing OpenSSL. . . .
RSBAC is an open source security extension for current Linux kernels. It is based on the Generalized Framework for Access Control (GFAC) by Abrams and LaPadula and provides a flexible system of access control based on several modules. . . .
There is practically no information available online regarding DHCP security. This is odd, considering the ubiquity of DHCP servers on most networks. Unlike BIND, the ISC DHCP server does not have command line options to chroot the . . .
Secure Shell (SSH) was built to address these faults and provide a more secure environment to work in. SSH encrypts all your traffic including your passwords when you connect to another machine over the net. SSH also replaces telnet, ftp, rsh, . . .
With the peak online holiday buying season just around the corner, Internet security experts are urging U.S. companies to enhance their security posture in light of recent threats made by hacker groups in the Middle East to launch an electronic holy . . .
ISC has discovered (or has been notified of) eight bugs which can result in vulnerabilities of varying levels of severity in BIND as distributed by ISC. Upgrading to BIND version 8.2.2 patchlevel 7, or higher, is strongly recommended for all users . . .
Here's a great guide to reducing the risk of spam using sendmail. Additional information includes DNS blacklists, spam filters and procmail, securing identd, and more. "A properly configured BSD mail server can protect users from spam and Trojan horses while rejecting . . .
This Microsoft article does a good job of outlining a list of security issues that no patch can fix. Only diligence in maintaining your systems can ensure your systems are as secure as possible. "In other cases, the reported problems simply . . .
In the final entry of a three-part series of firewall product reviews, Pawel Leszek looks at dedicated appliance firewalls based on Linux. "Fire and forget" is the main idea behind hardware firewall appliances like WatchGuard's Firebox II, the Raptor Firewall from . . .
This document provides a step-by-step guide to building a more secure web server, as well as tips on network placement. "Web servers are the most exposed servers on the Internet. In order for clients/target groups to be able to access the . . .
An emerging technology promises to improve the security of the Internet's infrastructure by preventing hackers from hijacking Web traffic and redirecting it to bogus sites. The new security mechanism, dubbed DNSSEC, plugs a hole in the Internet's Domain Name System (DNS) . . .
While most Freenix admins are used to the normal concerns of Unix security, there is a higher world of security that has never been touched by Freenixes. The realm of trusted operating systems, long the province only of military and other ultra-secure environments, represents a security level beyond that of all but a few commercial operating systems. . . .
This paper presents the risks posed by an insecure DNS server and walks through compiling, installing, configuring and optionally, chroot'ing BIND 8. The test environment is Solaris 2.5, 2.6, 7 and 8. Many configuration and troubleshooting tips are provided, along with . . .
Requires free registration, but a good article nonetheless. "Can a firewall slow down HTTP proxies? If it is being used as a VPN (Virtual Private Network) endsite, and is performing encryption algorithms, the answer is "absolutely". Though proxy firewalls have come . . .