Go back to fronty page View most popular entries View latest additions Submit tutorials to UnixTutorials.info
UnixTutorials logo

Search results for Configuring Samba 3.0 To Use The ADS Security Mode (CentOS)

Solaris

Configuring Sendmail

Post date: April 13, 2005, 03:04 Category: Network Views: 4418 Comments
Tutorial quote: Sendmail has the reputation of having the most hideous configuration file in the history of mankind. It's extremely long and incredibly cryptic. However, it is this very complexity that has made it the most popular MTA (Mail Transport Agent) on the Internet. Its' flexibility allows sendmail to handle the most demanding, disjointed mail routing and serving configurations you can dream up.
CentOS

How To Harden PHP5 With Suhosin On CentOS 5.0

Post date: August 3, 2007, 22:08 Category: Security Views: 4199 Comments
Tutorial quote: This tutorial shows how to harden PHP5 with Suhosin on a CentOS 5.0 server. From the Suhosin project page: "Suhosin is an advanced protection system for PHP installations that was designed to protect servers and users from known and unknown flaws in PHP applications and the PHP core. Suhosin comes in two independent parts, that can be used separately or in combination. The first part is a small patch against the PHP core, that implements a few low-level protections against bufferoverflows or format string vulnerabilities and the second part is a powerful PHP extension that implements all the other protections."
Linux

Creating a safe directory with PAM and Encfs

Post date: June 7, 2006, 20:06 Category: Security Views: 3631 Comments
Tutorial quote: Now, in my network (and others) the credentials provided at login could (and should) be used by those programs. How can you retrieve these credentials, providing enough security?
With a the PAM modules pam_script it's possible to store the password in a file, which will be used by fusemb and mount.cifs to read the password from.

To achieve security, one could make the user logging in owner and deny read/write for anybody else. Remove this file when the user ends his/her session.
This is enough, for runtime. But I was wondering, but what if the system crashes, and the file with the credentials remains on the harddrive? Anybody who is able to mount this harddrive with for example a lifecd, can read this file!

That's why I was looking for a way to encrypt this file.

With encfs this is very possible! At run time it gives an interface to encrypted files and directories, which does only exist at runtime! When the system is not running, there are only encrypted files, useless when you do not know the key to it. And this key is exactly the (encrypted) password! That's why I've chosen for a combination of PAM and Encfs.
Debian

PHP-FPM/Nginx Security In Shared Hosting Environments (Debian/Ubuntu)

Post date: September 25, 2011, 16:09 Category: Security Views: 5754 Comments
Tutorial quote: If you want to use nginx and PHP-FPM for shared hosting environments, you should make up your mind about security. In Apache/PHP environments, you can use suExec and/or suPHP to make PHP execute under individual user accounts instead of a system user like www-data. There's no such thing for PHP-FPM, but fortunately PHP-FPM allows us to set up a "pool" for each web site that makes PHP scripts execute as the user/group defined in that pool. This gives you all the benefits of suPHP, and in addition to that you don't have any FTP or SCP transfer problems because PHP scripts don't need to be owned by a specific user/group to be executed as the user/group defined in the pool.
Linux

Embedding Python In Apache2 With mod_python (Debian/Ubuntu, Fedora/CentOS, Mandriva, OpenSUSE)

Post date: July 22, 2008, 09:07 Category: Installing Views: 3712 Comments
Tutorial quote: This tutorial shows how to install and use mod_python on various distributions (Debian/Ubuntu, Fedora/CentOS, Mandriva, OpenSUSE) with Apache2. mod_python is an Apache module that embeds the Python interpreter within the server. It allows you to write web-based applications in Python that will run many times faster than traditional CGI and will have access to advanced features such as ability to retain database connections and other data between hits and access to Apache internals.
Unix+clones

KMail In Depth

Post date: April 13, 2005, 20:04 Category: Software Views: 2915 Comments
Tutorial quote: KMail has long been my Linux email client of choice for a number of reasons: nice clean interface, easily customizable and configurable, stable, and more features than you can shake a stick at. Today we'll dig into migrating from other email clients, encrypting messages and key signing, and configuring multiple accounts and identities.
CentOS

Creating An NFS-Like Standalone Storage Server With GlusterFS On CentOS 5.4

Post date: March 18, 2010, 13:03 Category: Installing Views: 3612 Comments
Tutorial quote: This tutorial shows how to set up a standalone storage server on CentOS 5.4. Instead of NFS, I will use GlusterFS here. The client system will be able to access the storage as if it was a local filesystem. GlusterFS is a clustered file-system capable of scaling to several peta-bytes. It aggregates various storage bricks over Infiniband RDMA or TCP/IP interconnect into one large parallel network file system. Storage bricks can be made of any commodity hardware such as x86_64 servers with SATA-II RAID and Infiniband HBA.
Ubuntu

Setting Up an Ubuntu Subversion Server

Post date: May 20, 2009, 22:05 Category: Software Views: 4261 Comments
Tutorial quote: This tutorial describes setting up a Subversion server on an Ubuntu system and configuring it for use by a group of developers.
Fedora+Core

Resolving Domains Internally And Externally With Bind9 And Caching Nameserver

Post date: February 11, 2007, 19:02 Category: Network Views: 8732 Comments
Tutorial quote: Sometimes, we are required to resolve our internal domains on a local nameserver and external (internet) domains on our ISP's nameserver. There are different solutions to this problem, but in this tutorial, we are going to solve it through configuring a combination of caching-nameserver and BIND 9.
Debian

How to configure a porn blocking proxy with Linux in under 20 mins? (squid to the max)

Post date: January 5, 2007, 05:01 Category: Software Views: 4729 Comments
Tutorial quote: A quick tutorial on installing and configuring basic squid, but then implementing block lists to block, in this case porn sites, but really anything is possible. Source to blocklist included. This is aimed at a debian server but Fedora pointers are included.
Web-based applications and online marketing solutions - LumoLink