Go back to fronty page View most popular entries View latest additions Submit tutorials to UnixTutorials.info
UnixTutorials logo

Security related tutorials

Debian

Intrusion Detection For PHP Applications With PHPIDS

Post date: June 24, 2008, 14:06 Category: Security Views: 4409 Comments
Tutorial quote: This tutorial explains how to set up PHPIDS on a web server with Apache2 and PHP5. PHPIDS (PHP-Intrusion Detection System) is a simple to use, well structured, fast and state-of-the-art security layer for your PHP based web application. The IDS neither strips, sanitizes nor filters any malicious input, it simply recognizes when an attacker tries to break your site and reacts in exactly the way you want it to. Based on a set of approved and heavily tested filter rules any attack is given a numerical impact rating which makes it easy to decide what kind of action should follow the hacking attempt. This could range from simple logging to sending out an emergency mail to the development team, displaying a warning message for the attacker or even ending the user’s session.
CentOS

Chroot jail SFTP only OpenSSH 5.x

Post date: May 5, 2008, 00:05 Category: Security Views: 9708 Comments
Tutorial quote: This tutorial describes how to set up a chroot jail (SFTP only) to allow your users to ONLY use sftp (no ssh/bash/…), and keep them stuck inside their own home directory. This tutorial is known to work on many other distributions as well as CentOS.
This tutorial is for the 4.9-5.x updates of OpenSSH
Debian

sshpass - Non-interactive ssh password authentication

Post date: May 4, 2008, 22:05 Category: Security Views: 5676 Comments
Tutorial quote: SSH’s (secure shell) most common authentication mode is called “interactive keyboard password authentication”, so called both because it is typically done via keyboard, and because openssh takes active measures to make sure that the password is, indeed, typed interactively by the keyboard.

Sometimes, however, it is necessary to fool ssh into accepting an interactive password non-interactively. This is where sshpass comes in.
Debian

How To Set Up SSH With Public-Key Authentication On Debian Etch

Post date: March 30, 2008, 13:03 Category: Security Views: 3476 Comments
Tutorial quote: This guide explains how to set up an SSH server on Debian Etch with public-key authorization (and optionally with disabled password logins). SSH is a great tool to control Linux-based computers remotely. It is safe and secure.
Linux

Lynis - Security and system auditing tool

Post date: March 4, 2008, 22:03 Category: Security Views: 3668 Comments
Tutorial quote: Lynis is an auditing tool which tests and gathers information from Unix based systems. The audience for this tool are security and system auditors, network specialists and system maintainers.
Linux

SSH: Best Practices

Post date: January 17, 2008, 13:01 Category: Security Views: 4488 Comments
Tutorial quote: Are you using SSH in the best way possible? Have you configured it to be as limited and secure as possible? The goal of this document is to kick in the new year with some best practices for SSH: why you should use them, how to set them up, and how to verify that they are in place. All of the examples below assume that you are using EnGarde Secure Linux but any modern Linux distribution will do just fine since, as far as I know, everybody ships OpenSSH.
Debian

Securing Debian Manual

Post date: January 1, 2008, 13:01 Category: Security Views: 3636 Comments
Tutorial quote: This document describes security in the Debian project and in the Debian operating system. Starting with the process of securing and hardening the default Debian GNU/Linux distribution installation, it also covers some of the common tasks to set up a secure network environment using Debian GNU/Linux, gives additional information on the security tools available and talks about how security is enforced in Debian by the security and audit team.
Debian

Setting Up ProFTPd + TLS On Debian Etch

Post date: December 14, 2007, 11:12 Category: Security Views: 3738 Comments
Tutorial quote: FTP is a very insecure protocol because all passwords and all data are transferred in clear text. By using TLS, the whole communication can be encrypted, thus making FTP much more secure. This article explains how to set up ProFTPd with TLS on a Debian Etch server.
CentOS

Settings up a SFTP Only Chroot Jail

Post date: December 13, 2007, 22:12 Category: Security Views: 7795 Comments
Tutorial quote: This tutorial describes how to set up a chroot jail (SFTP only) to allow your users to ONLY use sftp (no ssh/bash/…), and keep them stuck inside their own home directory. This tutorial is known to work on many other distributions as well as CentOS.
OpenBSD

Using ssh keys

Post date: December 13, 2007, 11:12 Category: Security Views: 5887 Comments
Tutorial quote: I discovered that I have quite a few ssh articles on my website, but none of them include how to simply setup SSH-keys. It's so simple and so convenient, lets have a closer look.
Web-based applications and online marketing solutions - LumoLink